binaries_burst6y5 und andere merkwürdige Prozesse

31.12.2015, 10:48
Member

Beiträge: 15
#1 Hi!

Hier geht es nicht um meinen eigenen Rechner, sondern um den Laptop eines Arbeitskollegen.
Er klagt über Leistungsprobleme ca. seit einer Woche.
Teileweise 100% Cpu auslastung. Die Programme die ich gewählt habe zeigen leider keine Risiken an.
PopUps meldet er nicht. Ich hoffe Ihr könnt mir dabei helfen.
Ansonsten schon mal einen guten Rutsch! ;)

OTL logfile created on: 31.12.2015 10:35:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Djokic\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18124)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,92 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 44,12% Memory free
7,79 Gb Paging File | 4,71 Gb Available in Paging File | 60,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94,65 Gb Total Space | 4,88 Gb Free Space | 5,15% Space Free | Partition Type: NTFS
Drive E: | 1863,01 Gb Total Space | 1165,23 Gb Free Space | 62,55% Space Free | Partition Type: NTFS

Computer Name: A1011441 | User Name: mdjo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015.12.31 10:25:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Djokic\Desktop\OTL.exe
PRC - [2015.12.17 14:33:33 | 000,433,664 | -H-- | M] () -- C:\nayoyna7axi\vbkjypcruej.exe
PRC - [2015.12.17 14:33:33 | 000,433,664 | -H-- | M] () -- C:\nayoyna7axi\lhascn5.exe
PRC - [2015.12.17 14:32:18 | 001,343,488 | -H-- | M] () -- C:\Windows\qxhezfjfa.exe
PRC - [2015.12.17 14:32:18 | 001,343,488 | -H-- | M] () -- C:\Windows\borxxpicmwuy.exe
PRC - [2015.12.11 04:54:14 | 000,741,704 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.10.21 11:36:06 | 000,060,688 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.06.27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014.06.24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014.06.24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014.04.25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014.02.20 14:35:26 | 000,060,504 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2013.12.18 19:42:48 | 000,840,568 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2013.11.01 13:59:56 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2013.10.17 16:44:28 | 000,208,424 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2013.10.10 09:36:14 | 000,014,848 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files (x86)\Lexware\services\Haufe.FabricHostService.exe
PRC - [2013.10.08 16:37:52 | 000,049,664 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
PRC - [2013.05.10 08:57:32 | 000,037,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
PRC - [2012.10.07 22:01:32 | 000,024,064 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files (x86)\lexware\installer service\LxInstallerService.exe
PRC - [2012.06.01 13:05:36 | 000,141,176 | ---- | M] (iAnywhere Solutions, Inc.) -- C:\Program Files (x86)\SQL Anywhere 12\Bin32\dbsrv12.exe
PRC - [2011.07.12 16:10:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011.07.12 16:10:32 | 001,321,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011.07.07 15:44:12 | 000,183,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2011.07.07 15:44:12 | 000,066,696 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2011.06.17 21:02:56 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.06.17 21:02:41 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.05.31 17:28:04 | 002,801,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011.05.20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.04.26 04:25:48 | 000,308,040 | ---- | M] (AuthenTec, Inc.) -- C:\Programme\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe
PRC - [2011.03.09 11:40:12 | 000,342,984 | ---- | M] () -- C:\Program Files (x86)\OneClickInternet\WTGService.exe
PRC - [2011.03.04 10:46:50 | 000,318,464 | ---- | M] (HUAWEI Technologies Co., Ltd.) -- C:\Program Files (x86)\Huawei\Gobi\GobiQDLService\GobiQDLService.exe
PRC - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015.12.17 14:33:33 | 000,433,664 | -H-- | M] () -- C:\nayoyna7axi\vbkjypcruej.exe
MOD - [2015.12.17 14:33:33 | 000,433,664 | -H-- | M] () -- C:\nayoyna7axi\lhascn5.exe
MOD - [2015.12.11 04:54:11 | 001,583,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
MOD - [2015.12.11 04:54:09 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
MOD - [2015.12.10 08:18:04 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6e56ea517d854a93073bbe300996dd26\IAStorUtil.ni.dll
MOD - [2015.12.10 08:14:01 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\95fe8bcfce8e5b609f6432ad43d854db\WindowsBase.ni.dll
MOD - [2015.11.11 12:20:25 | 012,897,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ac49b0362a9648df9d2f437d27ff54ff\System.Windows.Forms.ni.dll
MOD - [2015.11.11 12:18:28 | 019,547,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\b92e4d284cdd9304c0969091f655f098\System.ServiceModel.ni.dll
MOD - [2015.11.11 12:13:59 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\dc5e9aaf3f627418b920205c75b926df\System.Windows.Forms.ni.dll
MOD - [2015.10.13 05:46:12 | 001,040,144 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2015.10.13 05:45:48 | 000,237,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2015.09.10 07:16:52 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\82ecf48db57ddf66f74fca17b0f99453\System.Drawing.ni.dll
MOD - [2015.09.09 15:51:54 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\fe41e3eae34ac29f3c1f03a03d8aa1af\System.Drawing.ni.dll
MOD - [2015.05.16 15:11:01 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2015.05.15 16:04:39 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c61bafa9d029e3f2bf83bd5af3f1f5ac\System.Core.ni.dll
MOD - [2015.05.15 16:04:32 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\908075c4922acdf834c67ac802814c9d\System.Configuration.ni.dll
MOD - [2015.04.23 09:59:36 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
MOD - [2015.02.09 09:37:02 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll
MOD - [2015.02.09 09:35:33 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\93a0883923e78cc3e80b7ac4a9768c60\SMDiagnostics.ni.dll
MOD - [2015.02.09 07:58:53 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\4f0bdd6d4a7c160ad10c188dbef64dfc\Microsoft.VisualC.ni.dll
MOD - [2015.02.09 07:57:00 | 000,396,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8092ad8ffb37d779da3984d6e11e7516\System.Xml.Linq.ni.dll
MOD - [2015.02.06 16:41:03 | 002,855,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
MOD - [2015.02.06 16:41:00 | 000,790,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\14cc73701aac461eb89d6473a88fcd56\System.ServiceModel.Internals.ni.dll
MOD - [2015.02.06 16:40:24 | 007,793,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll
MOD - [2015.02.06 16:38:44 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2014.10.20 06:55:10 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014.10.20 06:54:49 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014.09.10 21:27:46 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\b5bc33af0da6f86c36947421e2a90c24\IAStorCommon.ni.dll
MOD - [2014.09.10 19:34:16 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014.05.13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014.05.13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014.05.13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2014.01.20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.12.18 19:43:04 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
MOD - [2013.11.01 13:59:56 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
MOD - [2013.09.26 12:20:40 | 000,176,168 | ---- | M] () -- C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
MOD - [2013.09.26 12:20:40 | 000,043,048 | ---- | M] () -- C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll
MOD - [2013.07.09 07:38:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2015.11.08 23:01:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.07.23 01:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013.11.01 13:59:56 | 000,266,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2012.08.02 11:24:32 | 000,050,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Policy Platform\policyHost.exe -- (lppsvc)
SRV:64bit: - [2012.08.02 11:24:32 | 000,050,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Policy Platform\policyHost.exe -- (lpasvc)
SRV:64bit: - [2011.07.19 23:33:46 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.12.29 10:19:12 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.12.17 14:32:18 | 001,343,488 | -H-- | M] () [Auto | Running] -- C:\Windows\borxxpicmwuy.exe -- (Filtering UserMode Protected Registrar)
SRV - [2015.07.31 15:12:28 | 001,653,272 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.04.11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014.02.20 14:35:26 | 000,060,504 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2014.01.16 10:42:50 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\Sony\MSS\3.8.141\McCHSvc.exe -- (McComponentHostServiceSony)
SRV - [2013.11.01 13:59:56 | 000,377,768 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Care\ESRV\esrv_svc.exe -- (USER_ESRV_SVC)
SRV - [2013.11.01 13:59:56 | 000,377,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Care\ESRV\esrv_svc.exe -- (ESRV_SVC)
SRV - [2013.10.10 09:36:14 | 000,014,848 | ---- | M] (Haufe-Lexware GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Lexware\services\Haufe.FabricHostService.exe -- (Haufe FabricHostService)
SRV - [2013.10.08 16:37:52 | 000,049,664 | ---- | M] (Haufe-Lexware GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe -- (Lexware_Update_Service)
SRV - [2013.08.27 16:42:10 | 000,948,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2012.11.21 03:00:00 | 001,840,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\CCM\CcmExec.exe -- (CcmExec)
SRV - [2012.11.21 03:00:00 | 000,633,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\CCM\RemCtrl\CmRcService.exe -- (CmRcService)
SRV - [2012.11.21 03:00:00 | 000,402,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\CCM\TSManager.exe -- (smstsmgr)
SRV - [2012.11.20 16:34:22 | 001,696,824 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Programme\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2012.10.07 22:01:32 | 000,024,064 | ---- | M] (Haufe-Lexware GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\lexware\installer service\LxInstallerService.exe -- (Lexware Installations Dienst)
SRV - [2012.06.01 13:05:36 | 000,141,176 | ---- | M] (iAnywhere Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\SQL Anywhere 12\Bin32\dbsrv12.exe -- (Lexware_Datenbank_Professional_Adm)
SRV - [2012.01.12 09:07:32 | 000,695,640 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe -- (McAfee ScanAndRepair Svc)
SRV - [2011.08.25 02:58:28 | 000,111,776 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe -- (DCDhcpService)
SRV - [2011.07.12 16:10:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.07.12 16:10:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.07.12 16:10:28 | 000,923,984 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011.07.07 15:44:12 | 000,066,696 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2011.06.17 21:02:56 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.06.17 21:02:41 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.06.16 21:51:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.05.31 16:51:20 | 000,552,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2011.05.20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.05.02 14:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.05.02 14:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011.05.02 14:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.04.26 04:25:04 | 000,294,216 | ---- | M] (AuthenTec, Inc) [Auto | Running] -- C:\Programme\TrueSuite\TrueSuite.Service.exe -- (FPLService)
SRV - [2011.04.21 09:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.04.21 08:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2011.03.09 11:40:12 | 000,342,984 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\OneClickInternet\WTGService.exe -- (WTGService)
SRV - [2011.03.04 10:46:50 | 000,318,464 | ---- | M] (HUAWEI Technologies Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Huawei\Gobi\GobiQDLService\GobiQDLService.exe -- (GobiQDLService)
SRV - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2015.06.10 22:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014.05.02 06:22:17 | 000,013,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys -- (semav6thermal64ro)
DRV:64bit: - [2013.12.02 11:34:56 | 000,079,872 | ---- | M] (BlackBerry Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2013.10.02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.01.29 18:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012.12.10 14:48:02 | 000,044,544 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2012.11.21 21:53:36 | 000,026,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PrepDrv.sys -- (prepdrvr)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.19 23:42:15 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.07.19 23:34:07 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.19 23:34:07 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.07.19 23:30:07 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.07.06 17:16:40 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.07.06 16:34:00 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.07.06 16:33:58 | 000,052,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.06.25 04:13:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.06.21 15:19:16 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011.06.21 15:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.06.21 15:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.06.17 21:02:39 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.06.16 21:51:52 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.06.15 21:17:49 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011.06.14 05:24:06 | 000,207,872 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.06.14 05:24:06 | 000,087,552 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.05.01 14:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.04.21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011.04.21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.04.21 02:29:28 | 000,399,872 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gobi3kmbb.sys -- (gobi3kmbb)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.08 14:44:06 | 000,046,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011.01.30 02:19:52 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.27 12:41:18 | 000,894,240 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2010.12.13 08:18:48 | 000,233,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gobi3kserial.sys -- (gobi3kserial)
DRV:64bit: - [2010.12.13 08:16:58 | 000,034,304 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gobi3kfilter.sys -- (gobi3kfilter)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.04.26 21:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.20 03:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 21:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {A9ACAEE4-BAB6-4087-AB9B-716450E98B3E}
IE - HKCU\..\SearchScopes\{099DCD31-FF9E-4243-B267-1D9942179208}: "URL" = http://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\..\SearchScopes\{27EE2C54-350D-440F-8E63-6F4FC74A3079}: "URL" = http://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
IE - HKCU\..\SearchScopes\{3848AF78-38C7-4E8C-A4D6-3EBC68E9CFEB}: "URL" = http://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=http://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
IE - HKCU\..\SearchScopes\{38C8EAE1-6BD7-48FB-B57E-BCA6211386F8}: "URL" = http://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
IE - HKCU\..\SearchScopes\{58C1CD90-B97F-41BD-BF02-04292B891F80}: "URL" = http://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MXGB_deDE524
IE - HKCU\..\SearchScopes\{8ECB12FA-160A-43D4-9E1D-841A3936481B}: "URL" = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\..\SearchScopes\{A9ACAEE4-BAB6-4087-AB9B-716450E98B3E}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{D512F06C-ADDE-4BD3-8211-707CFD4B6F06}: "URL" = http://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.100.222:3128

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Djokic\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015.07.10 17:30:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013.01.21 15:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Djokic\AppData\Roaming\mozilla\Extensions
[2013.10.04 11:23:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Djokic\AppData\Roaming\mozilla\Firefox\Profiles\95shrqef.default\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Djokic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Djokic\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokdoppleiafjmfmggefbkghfblaplo\1.0_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\TrueSuite\x86\TrueSuite.IEBHO.dll (AuthenTec Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [ClientAppLogon] C:\Programme\TrueSuite\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.)
O4:64bit: - HKLM..\Run: [ClientAppLogon32] C:\Programme\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe [2015.12.21 08:16:33 | 000,000,000 | ---D | M]
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [BGInfo] C:\Windows\BGInfo.exe (Sysinternals)
O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe File not found
O4 - HKCU..\Run: [Health Debugger Update Provider Background] C:\Users\Djokic\AppData\Local\borxxpicmwuy.exe File not found
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Intelligent Health DCOM Hardware] C:\nayoyna7axi\vbkjypcruej.exe ()
O4 - HKCU..\Run: [List Auto Bus Remote User Health Human] C:\crchulbnq\alhwric.exe File not found
O4 - HKCU..\Run: [SpybotPostWindows10UpgradeReInstall] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WEB.DE Application {sync-000021}] C:\Users\Djokic\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe (1&1 Mail & Media GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiscSpaceChecks = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Save page in SuperOffice - res://C:\PROGRA~2\SUPERO~1\SoIeExtensions.dll/SavePageInSuperOffice.htm File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Save page in SuperOffice - res://C:\PROGRA~2\SUPERO~1\SoIeExtensions.dll/SavePageInSuperOffice.htm File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: SuperOror - {CC88D81F-6166-4F46-AC89-B75CD9CEB292} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.3 192.168.100.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sc.pt
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A40F9020-17F5-434D-AF26-4759E8B61C11}: DhcpNameServer = 192.168.100.3 192.168.100.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D19810A4-D0BA-4C61-83E6-8DFC74D8AA08}: DhcpNameServer = 62.28.40.173 62.28.116.41 8.8.8.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found
O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP AG, Walldorf)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.01.08 12:39:34 | 000,000,000 | ---D | M] - E:\Auto Matunin -- [ NTFS ]
O33 - MountPoints2\{c8cff1af-65f5-11e2-bbd6-88532e564324}\Shell - "" = AutoRun
O33 - MountPoints2\{c8cff1af-65f5-11e2-bbd6-88532e564324}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:64bit: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{4BC6C7FE-598E-4C81-A967-D8C2CCE766B7} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015.12.31 10:25:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Djokic\Desktop\OTL.exe
[2015.12.31 09:42:43 | 000,821,920 | ---- | C] (Safer-Networking Ltd. ) -- C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
[2015.12.31 09:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2015.12.31 09:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2015.12.31 09:41:40 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2015.12.31 09:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2015.12.31 09:41:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2015.12.31 09:41:15 | 000,000,000 | ---D | C] -- C:\Users\Djokic\AppData\Local\Programs
[2015.12.30 16:43:48 | 000,000,000 | ---D | C] -- C:\Windows\binaries_burst6y5
[2015.12.30 15:26:44 | 000,844,648 | R--- | C] (Sysinternals) -- C:\Windows\Bginfo.exe
[2015.12.30 15:19:38 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Djokic\Desktop\HijackThis_2.0.5.exe
[2015.12.22 08:20:37 | 000,164,864 | ---- | C] (Info-Zip <www.info-zip.org>;) -- C:\Windows\unzip.exe
[2015.12.18 08:02:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wups2.dll
[2015.12.18 08:02:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wuauclt.exe
[2015.12.17 15:53:54 | 000,000,000 | -H-D | C] -- C:\Windows\bgaodzppqmxulc
[2015.12.17 14:33:31 | 000,000,000 | -H-D | C] -- C:\nayoyna7axi
[2015.12.17 09:12:06 | 000,000,000 | ---D | C] -- C:\Users\Djokic\AppData\Local\Ofi Labs
[2015.12.16 20:00:35 | 000,000,000 | -H-D | C] -- C:\Users\Djokic\AppData\Local\bgaodzppqmxulc
[2015.12.16 15:49:47 | 000,000,000 | -H-D | C] -- C:\crchulbnq
[2015.12.14 16:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015.12.14 16:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015.12.14 16:40:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015.12.14 16:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015.12.14 16:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013.01.16 14:24:06 | 003,100,672 | ---- | C] (SAP Technology,Inc) -- C:\Program Files (x86)\Common Files\sapxlhelper.dll
[2013.01.16 14:24:05 | 000,626,688 | ---- | C] (SAP AG) -- C:\Program Files (x86)\Common Files\sapconsaccess.dll
[2013.01.16 14:24:05 | 000,192,512 | ---- | C] (SAP Tech Inc.) -- C:\Program Files (x86)\Common Files\sapconsr3.dll
[2013.01.16 14:24:04 | 000,040,960 | ---- | C] (SAP-TECHNOLOGY) -- C:\Program Files (x86)\Common Files\DigitalSignature.ocx
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015.12.31 10:28:25 | 000,031,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.12.31 10:28:25 | 000,031,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.12.31 10:28:25 | 000,007,604 | ---- | M] () -- C:\Users\Djokic\AppData\Local\Resmon.ResmonCfg
[2015.12.31 10:26:32 | 001,634,422 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.12.31 10:26:32 | 000,704,960 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2015.12.31 10:26:32 | 000,659,152 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.12.31 10:26:32 | 000,151,422 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2015.12.31 10:26:32 | 000,123,818 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.12.31 10:25:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Djokic\Desktop\OTL.exe
[2015.12.31 10:24:35 | 000,000,333 | ---- | M] () -- C:\Windows\SMSCFG.ini
[2015.12.31 10:23:08 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.12.31 10:22:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.12.31 10:22:02 | 3155,054,592 | -HS- | M] () -- C:\hiberfil.sys
[2015.12.31 10:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.12.31 09:41:43 | 000,001,383 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2015.12.30 16:43:46 | 000,788,914 | ---- | M] () -- C:\Windows\binaries_burst6y5.zip
[2015.12.30 15:19:39 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Djokic\Desktop\HijackThis_2.0.5.exe
[2015.12.24 09:19:36 | 000,251,369 | ---- | M] () -- C:\Users\Djokic\Documents\201512240918.pdf
[2015.12.22 08:20:41 | 000,787,585 | ---- | M] () -- C:\Windows\binaries_burst6y4.zip
[2015.12.22 08:20:37 | 000,164,864 | ---- | M] (Info-Zip <www.info-zip.org>;) -- C:\Windows\unzip.exe
[2015.12.18 08:02:31 | 000,273,408 | ---- | M] () -- C:\Windows\pcre.dll
[2015.12.18 08:02:29 | 000,973,312 | ---- | M] () -- C:\Windows\libpff.dll
[2015.12.17 15:55:17 | 000,006,212 | ---- | M] () -- C:\Windows\xunit.js
[2015.12.17 15:55:16 | 000,059,986 | ---- | M] () -- C:\Windows\tester.js
[2015.12.17 15:55:16 | 000,021,401 | ---- | M] () -- C:\Windows\utils.js
[2015.12.17 15:55:15 | 000,005,692 | ---- | M] () -- C:\Windows\querystring.js
[2015.12.17 15:55:15 | 000,004,770 | ---- | M] () -- C:\Windows\pagestack.js
[2015.12.17 15:55:15 | 000,000,767 | ---- | M] () -- C:\Windows\package.json
[2015.12.17 15:55:14 | 000,008,055 | ---- | M] () -- C:\Windows\events.js
[2015.12.17 15:55:14 | 000,004,684 | ---- | M] () -- C:\Windows\colorizer.js
[2015.12.17 15:55:14 | 000,004,229 | ---- | M] () -- C:\Windows\mouse.js
[2015.12.17 15:55:14 | 000,002,502 | ---- | M] () -- C:\Windows\http.js
[2015.12.17 15:55:13 | 000,087,907 | ---- | M] () -- C:\Windows\casper.js
[2015.12.17 15:55:13 | 000,035,353 | ---- | M] () -- C:\Windows\clientutils.js
[2015.12.17 15:55:13 | 000,005,281 | ---- | M] () -- C:\Windows\cli.js
[2015.12.17 15:55:12 | 000,014,821 | ---- | M] () -- C:\Windows\bootstrap.js
[2015.12.17 15:55:11 | 007,488,000 | ---- | M] () -- C:\Windows\phantomjs198.exe
[2015.12.17 15:53:54 | 000,471,040 | ---- | M] () -- C:\Users\Djokic\AppData\Local\libpff.dll
[2015.12.17 14:32:18 | 001,343,488 | -H-- | M] () -- C:\Windows\qxhezfjfa.exe
[2015.12.17 14:32:18 | 001,343,488 | -H-- | M] () -- C:\Windows\borxxpicmwuy.exe
[2015.12.17 09:12:04 | 000,059,986 | ---- | M] () -- C:\Users\Djokic\AppData\Local\tester.js
[2015.12.17 09:12:04 | 000,021,401 | ---- | M] () -- C:\Users\Djokic\AppData\Local\utils.js
[2015.12.17 09:12:04 | 000,006,212 | ---- | M] () -- C:\Users\Djokic\AppData\Local\xunit.js
[2015.12.17 09:12:03 | 000,005,692 | ---- | M] () -- C:\Users\Djokic\AppData\Local\querystring.js
[2015.12.17 09:12:03 | 000,004,770 | ---- | M] () -- C:\Users\Djokic\AppData\Local\pagestack.js
[2015.12.17 09:12:03 | 000,000,767 | ---- | M] () -- C:\Users\Djokic\AppData\Local\package.json
[2015.12.17 09:12:02 | 000,008,055 | ---- | M] () -- C:\Users\Djokic\AppData\Local\events.js
[2015.12.17 09:12:02 | 000,004,684 | ---- | M] () -- C:\Users\Djokic\AppData\Local\colorizer.js
[2015.12.17 09:12:02 | 000,004,229 | ---- | M] () -- C:\Users\Djokic\AppData\Local\mouse.js
[2015.12.17 09:12:02 | 000,002,502 | ---- | M] () -- C:\Users\Djokic\AppData\Local\http.js
[2015.12.17 09:12:01 | 000,087,907 | ---- | M] () -- C:\Users\Djokic\AppData\Local\casper.js
[2015.12.17 09:12:01 | 000,035,353 | ---- | M] () -- C:\Users\Djokic\AppData\Local\clientutils.js
[2015.12.17 09:12:01 | 000,005,281 | ---- | M] () -- C:\Users\Djokic\AppData\Local\cli.js
[2015.12.17 09:12:00 | 007,488,000 | ---- | M] () -- C:\Users\Djokic\AppData\Local\phantomjs198.exe
[2015.12.17 09:12:00 | 000,014,821 | ---- | M] () -- C:\Users\Djokic\AppData\Local\bootstrap.js
[2015.12.15 12:32:34 | 000,111,836 | ---- | M] () -- C:\Users\Djokic\Documents\TK Power-Pack (3).JPG
[2015.12.15 12:31:40 | 000,096,244 | ---- | M] () -- C:\Users\Djokic\Documents\TK Power-Pack (2).JPG
[2015.12.15 12:30:48 | 000,090,356 | ---- | M] () -- C:\Users\Djokic\Documents\TK Power-Pack (1).JPG
[2015.12.14 16:41:03 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.12.10 11:38:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2015.12.10 08:11:13 | 000,446,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.12.09 18:08:22 | 000,030,050 | ---- | M] () -- C:\Users\Djokic\Desktop\rfc04048_05768.trc
[2015.12.09 17:51:12 | 000,003,057 | ---- | M] () -- C:\Users\Djokic\Desktop\rfc04048_08004.trc
[2015.12.09 13:33:46 | 000,001,534 | ---- | M] () -- C:\Users\Djokic\Desktop\rfc04048_06384.trc
[2015.12.09 12:07:21 | 000,004,838 | ---- | M] () -- C:\Users\Djokic\Desktop\rfc04048_02888.trc
[2015.12.08 11:29:29 | 002,716,628 | ---- | M] () -- C:\Users\Djokic\Documents\Unfall 3. #1107.JPG
[2015.12.08 11:29:25 | 002,503,083 | ---- | M] () -- C:\Users\Djokic\Documents\Unfall 2. #1107.JPG
[2015.12.08 11:29:20 | 002,311,066 | ---- | M] () -- C:\Users\Djokic\Documents\Unfall 1. #1107.JPG
[2015.12.07 07:58:48 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015.12.31 09:41:43 | 000,001,395 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2015.12.31 09:41:43 | 000,001,383 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2015.12.30 16:43:46 | 000,788,914 | ---- | C] () -- C:\Windows\binaries_burst6y5.zip
[2015.12.30 15:35:58 | 000,007,604 | ---- | C] () -- C:\Users\Djokic\AppData\Local\Resmon.ResmonCfg
[2015.12.29 15:36:44 | 000,001,654 | R--- | C] () -- C:\Windows\BGInfo.bgi
[2015.12.24 09:19:36 | 000,251,369 | ---- | C] () -- C:\Users\Djokic\Documents\201512240918.pdf
[2015.12.22 08:20:41 | 000,787,585 | ---- | C] () -- C:\Windows\binaries_burst6y4.zip
[2015.12.18 08:02:31 | 000,273,408 | ---- | C] () -- C:\Windows\pcre.dll
[2015.12.18 08:02:29 | 000,973,312 | ---- | C] () -- C:\Windows\libpff.dll
[2015.12.17 15:55:17 | 000,006,212 | ---- | C] () -- C:\Windows\xunit.js
[2015.12.17 15:55:16 | 000,059,986 | ---- | C] () -- C:\Windows\tester.js
[2015.12.17 15:55:16 | 000,021,401 | ---- | C] () -- C:\Windows\utils.js
[2015.12.17 15:55:15 | 000,005,692 | ---- | C] () -- C:\Windows\querystring.js
[2015.12.17 15:55:15 | 000,004,770 | ---- | C] () -- C:\Windows\pagestack.js
[2015.12.17 15:55:15 | 000,000,767 | ---- | C] () -- C:\Windows\package.json
[2015.12.17 15:55:14 | 000,008,055 | ---- | C] () -- C:\Windows\events.js
[2015.12.17 15:55:14 | 000,004,684 | ---- | C] () -- C:\Windows\colorizer.js
[2015.12.17 15:55:14 | 000,004,229 | ---- | C] () -- C:\Windows\mouse.js
[2015.12.17 15:55:14 | 000,002,502 | ---- | C] () -- C:\Windows\http.js
[2015.12.17 15:55:13 | 000,087,907 | ---- | C] () -- C:\Windows\casper.js
[2015.12.17 15:55:13 | 000,035,353 | ---- | C] () -- C:\Windows\clientutils.js
[2015.12.17 15:55:13 | 000,005,281 | ---- | C] () -- C:\Windows\cli.js
[2015.12.17 15:55:12 | 000,014,821 | ---- | C] () -- C:\Windows\bootstrap.js
[2015.12.17 15:55:03 | 007,488,000 | ---- | C] () -- C:\Windows\phantomjs198.exe
[2015.12.17 15:53:58 | 001,343,488 | -H-- | C] () -- C:\Windows\qxhezfjfa.exe
[2015.12.17 15:53:54 | 001,343,488 | -H-- | C] () -- C:\Windows\borxxpicmwuy.exe
[2015.12.17 15:53:54 | 000,471,040 | ---- | C] () -- C:\Users\Djokic\AppData\Local\libpff.dll
[2015.12.17 09:12:04 | 000,059,986 | ---- | C] () -- C:\Users\Djokic\AppData\Local\tester.js
[2015.12.17 09:12:04 | 000,021,401 | ---- | C] () -- C:\Users\Djokic\AppData\Local\utils.js
[2015.12.17 09:12:04 | 000,006,212 | ---- | C] () -- C:\Users\Djokic\AppData\Local\xunit.js
[2015.12.17 09:12:03 | 000,005,692 | ---- | C] () -- C:\Users\Djokic\AppData\Local\querystring.js
[2015.12.17 09:12:03 | 000,004,770 | ---- | C] () -- C:\Users\Djokic\AppData\Local\pagestack.js
[2015.12.17 09:12:02 | 000,008,055 | ---- | C] () -- C:\Users\Djokic\AppData\Local\events.js
[2015.12.17 09:12:02 | 000,004,684 | ---- | C] () -- C:\Users\Djokic\AppData\Local\colorizer.js
[2015.12.17 09:12:02 | 000,004,229 | ---- | C] () -- C:\Users\Djokic\AppData\Local\mouse.js
[2015.12.17 09:12:02 | 000,002,502 | ---- | C] () -- C:\Users\Djokic\AppData\Local\http.js
[2015.12.17 09:12:02 | 000,000,767 | ---- | C] () -- C:\Users\Djokic\AppData\Local\package.json
[2015.12.17 09:12:01 | 000,087,907 | ---- | C] () -- C:\Users\Djokic\AppData\Local\casper.js
[2015.12.17 09:12:01 | 000,035,353 | ---- | C] () -- C:\Users\Djokic\AppData\Local\clientutils.js
[2015.12.17 09:12:01 | 000,005,281 | ---- | C] () -- C:\Users\Djokic\AppData\Local\cli.js
[2015.12.17 09:12:00 | 000,014,821 | ---- | C] () -- C:\Users\Djokic\AppData\Local\bootstrap.js
[2015.12.17 09:11:53 | 007,488,000 | ---- | C] () -- C:\Users\Djokic\AppData\Local\phantomjs198.exe
[2015.12.15 10:41:49 | 000,111,836 | ---- | C] () -- C:\Users\Djokic\Documents\TK Power-Pack (3).JPG
[2015.12.15 10:41:35 | 000,096,244 | ---- | C] () -- C:\Users\Djokic\Documents\TK Power-Pack (2).JPG
[2015.12.15 10:41:26 | 000,090,356 | ---- | C] () -- C:\Users\Djokic\Documents\TK Power-Pack (1).JPG
[2015.12.14 16:41:03 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.12.10 11:38:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2015.12.09 15:32:20 | 000,003,057 | ---- | C] () -- C:\Users\Djokic\Desktop\rfc04048_08004.trc
[2015.12.09 13:34:53 | 000,030,050 | ---- | C] () -- C:\Users\Djokic\Desktop\rfc04048_05768.trc
[2015.12.09 11:34:45 | 000,004,838 | ---- | C] () -- C:\Users\Djokic\Desktop\rfc04048_02888.trc
[2015.12.09 11:25:30 | 000,001,534 | ---- | C] () -- C:\Users\Djokic\Desktop\rfc04048_06384.trc
[2014.07.03 12:14:21 | 000,180,300 | ---- | C] () -- C:\Windows\_isusr32.dll
[2014.07.03 12:14:21 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\_isusr2k.dll
[2014.05.30 15:10:10 | 000,000,333 | ---- | C] () -- C:\Windows\SMSCFG.ini
[2014.05.29 16:27:39 | 000,002,188 | RHS- | C] () -- C:\Users\Djokic\ntuser.pol
[2014.01.21 09:30:58 | 000,321,576 | ---- | C] () -- C:\Windows\SysWow64\LxDNT100.dll
[2014.01.21 09:30:58 | 000,209,960 | ---- | C] () -- C:\Windows\SysWow64\LXPrnUtil10.dll
[2014.01.21 09:30:58 | 000,140,840 | ---- | C] () -- C:\Windows\SysWow64\LxDNTvmc100.dll
[2014.01.21 09:30:58 | 000,076,840 | ---- | C] () -- C:\Windows\SysWow64\LxDNTvm100.dll
[2013.06.09 22:40:27 | 001,084,692 | ---- | C] () -- C:\ProgramData\2433f433
[2013.01.16 14:24:05 | 001,124,864 | ---- | C] () -- C:\Program Files (x86)\Common Files\SAPActiveXL_nosig.xlt
[2013.01.16 14:24:04 | 001,129,984 | ---- | C] () -- C:\Program Files (x86)\Common Files\SAPActiveXL.xlt
[2013.01.16 10:33:38 | 000,011,188 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013.07.27 15:45:31 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\Afhimu
[2013.06.05 17:37:30 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\EPSON
[2013.10.27 20:33:30 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\iolo
[2014.02.11 07:59:40 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\Lexware
[2013.03.13 17:55:37 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\Sony
[2013.02.20 08:34:05 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\SQL Anywhere 12
[2015.05.21 11:18:38 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\SuperOffice
[2014.08.29 12:40:50 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\TeamViewer
[2015.03.16 14:35:43 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\Unity
[2013.08.01 16:28:40 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\Uzlo
[2013.08.29 07:18:37 | 000,000,000 | ---D | M] -- C:\Users\Djokic\AppData\Roaming\WindSolutions

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2014.05.29 16:12:25 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2015.08.04 06:39:33 | 000,000,000 | -H-D | M] -- C:\$Windows.~BT
[2015.12.16 20:00:36 | 000,000,000 | -H-D | M] -- C:\crchulbnq
[2013.01.15 12:19:16 | 000,000,000 | ---D | M] -- C:\Documentation
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2013.01.15 13:23:21 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2014.07.03 12:13:32 | 000,000,000 | ---D | M] -- C:\Drivers
[2013.01.15 12:48:32 | 000,000,000 | ---D | M] -- C:\Infineon
[2013.01.15 12:01:28 | 000,000,000 | ---D | M] -- C:\Intel
[2015.12.30 16:45:28 | 000,000,000 | ---D | M] -- C:\mail datei
[2013.08.15 09:29:35 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2015.12.17 14:33:47 | 000,000,000 | -H-D | M] -- C:\nayoyna7axi
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2015.12.14 16:40:49 | 000,000,000 | R--D | M] -- C:\Program Files
[2015.12.31 09:41:35 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2015.12.31 09:41:39 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013.01.15 13:23:21 | 000,000,000 | -HSD | M] -- C:\Programme
[2015.12.08 11:28:15 | 000,000,000 | R--D | M] -- C:\Public
[2013.01.15 12:46:00 | 000,000,000 | -H-D | M] -- C:\SPLASH.000
[2013.01.15 12:45:38 | 000,000,000 | -H-D | M] -- C:\SPLASH.SYS
[2015.12.31 10:37:45 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2015.12.31 09:55:27 | 000,000,000 | ---D | M] -- C:\Temp
[2015.10.20 08:10:30 | 000,000,000 | ---D | M] -- C:\Update
[2015.12.14 16:40:15 | 000,000,000 | R--D | M] -- C:\Users
[2015.12.31 10:22:21 | 000,000,000 | ---D | M] -- C:\Windows
[2013.01.15 12:19:18 | 000,000,000 | ---D | M] -- C:\_FS_SWRINFO

[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]

[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]
[2015.12.17 09:12:00 | 007,488,000 | ---- | M] () -- C:\Users\Djokic\AppData\Local\phantomjs198.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011.05.26 21:04:40 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2014.06.24 10:42:02 | 004,818,848 | ---- | M] (Safer-Networking Ltd.) MD5=280C014187E24860A7C860329513208F -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
[2011.05.26 21:04:40 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.05.26 21:04:40 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.05.26 21:04:40 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.05.26 21:04:40 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.05.26 21:04:40 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: REGEDIT.EXE >[/color]
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]

< End of report >
Seitenanfang Seitenende
04.01.2016, 22:07
Member
Avatar Gool

Beiträge: 4730
#2 Dringende Empfehlung: System neuinstallieren und zukünftig immer brav die Windows-Updates und andere relevante Softwareupdates durchführen (Flash, Java, Adobe Reader etc.) und einen Virenscanner installieren. Die Kiste ist augenscheinlich so verseucht, da würde ich von einer Reinigung, die sehr langwierig werden könnte, abraten.
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende
05.01.2016, 08:05
Member

Themenstarter

Beiträge: 15
#3 Morgen!

Danke für die Antwort!
Das hatte ich mir schon fast gedacht. Werde es ihm ausrichten.
LG
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: