Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Firefox/IE öffnet Seiten erst nach Aktualisierung

Firefox/IE öffnet Seiten erst nach Aktualisierung


Log-Analyse und Auswertung: Firefox/IE öffnet Seiten erst nach Aktualisierung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 18.08.2012, 09:46   #1
hsmautern
 
Firefox/IE öffnet Seiten erst nach Aktualisierung - Standard

Firefox/IE öffnet Seiten erst nach Aktualisierung


Hallo erstmal an alle!
Ich hoffe es kann geholfen werden.

Ich habe seit gestern ein Problem:
Sowohl IE als auch Firefox öffnen vorerst normal mit der eingestellten Startseite.
Wenn ich jedoch einen neuen Tab aufmache (google.at eingestellt) kommt sofort "Die Verbindung zum Server wurde zurückgesetzt, während die Seite geladen wurde". Erst durch Aktualisierung öffnet sich die Seite normal. Das passiert allerdings auch bei Seiten die ich aus den Favoriten auswähle oder aus Links die ich anklicke. Leider aber ohne erkennbares System.

Auch auf dieser Seite gibts Troubles wenn ich z.B. auf die Seite 2 eines Threads wechseln will.

Malwarebytes hab ich ausgeführt.
Logfile:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Börni :: BERNHARD [Administrator]

18.08.2012 10:16:17
mbam-log-2012-08-18 (10-16-17).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 205516
Laufzeit: 3 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
D:\Temp\InstallShare11630\FunmoodsSetupV2.1.exe (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Temp\InstallShare16711\FunmoodsSetupV2.1.exe (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

die PUP.Funmoods wurden scheinbar entfernt

Jetzt läuft grad ESET
log folgt in Kürze

Code:
ATTFilter
C:\ProgramData\YouTube Downloader\ytd_installer.exe	Win32/Toolbar.Widgi application
C:\Users\All Users\YouTube Downloader\ytd_installer.exe	Win32/Toolbar.Widgi application
C:\Users\Börni\Downloads\R3_nqeu_q4.exe	a variant of Win32/DirectDownloader.B application
D:\Eigene Dateien\Downloads\Nero-9.4.12.3d_free.exe	Win32/Toolbar.AskSBar application
D:\Eigene Dateien\Downloads\Nero-9.4.12.3d_free.exe.part	Win32/Toolbar.AskSBar application
D:\Eigene Dateien\Downloads\SLOW-PCfighter 1.0.87 + Crack (Multi Language)\slow-pcfighter_Web.exe	probably a variant of Win32/SlowPCfighter application
D:\Eigene Dateien\Downloads\SLOW-PCfighter 1.0.87 + Crack (Multi Language)\Crack\SLOW-PCfighter.exe	probably a variant of Win32/SlowPCfighter application
D:\Programme\eMule\Incoming\Camtasia Studio 5.0.0 [Cracked by Black Knight]\Camtasia Studio 5.0.0 [Cracked by Black Knight]\Camtasia.Studio.v5.0.Spanish.exe	probably a variant of Win32/TrojanDownloader.Obfuscated.NGSCEOR trojan
D:\Temp\toolbar.exe	a variant of Win32/Toolbar.Zugo application
D:\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe	Win32/Toolbar.Babylon application
G:\Downloads\IMG_1559(1).rar	Archbomb.RAR trojan
G:\Downloads\IMG_1559.rar	Archbomb.RAR trojan
G:\Downloads\YouTubeDownloaderSetup33.exe	a variant of Win32/Toolbar.Widgi application
Code:
ATTFilter
OTL logfile created on: 18.08.2012 16:52:23 - Run 2
OTL by OldTimer - Version 3.2.57.0     Folder = G:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,85 Gb Available Physical Memory | 73,22% Memory free
23,99 Gb Paging File | 21,08 Gb Available in Paging File | 87,89% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,23 Gb Total Space | 61,15 Gb Free Space | 51,29% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 392,08 Gb Free Space | 84,18% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 255,86 Gb Free Space | 54,93% Space Free | Partition Type: NTFS
Drive T: | 465,76 Gb Total Space | 392,08 Gb Free Space | 84,18% Space Free | Partition Type: FAT32
 
Computer Name: BERNHARD | User Name: Börni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.18 10:25:33 | 000,596,992 | ---- | M] (OldTimer Tools) -- G:\Downloads\OTL(1).exe
PRC - [2012.08.16 17:45:00 | 003,021,440 | ---- | M] () -- C:\Program Files (x86)\Digital Trends Club\Payback-Reporting.exe
PRC - [2012.08.16 17:44:56 | 001,377,920 | ---- | M] () -- C:\Program Files (x86)\Digital Trends Club\Payback-Updater.exe
PRC - [2012.08.16 17:28:07 | 000,060,544 | ---- | M] () -- C:\Program Files (x86)\PaybackLSPService\Payback-WatchDog.exe
PRC - [2012.07.29 09:09:59 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.22 16:40:04 | 001,288,264 | ---- | M] (Secomba GmbH) -- C:\Program Files (x86)\BoxCryptor\BoxCryptor.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Börni\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.05.18 10:12:21 | 000,234,784 | ---- | M] (Apple Inc.) -- C:\AirPrint\airprint.exe
PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011.09.30 09:28:08 | 000,546,464 | ---- | M] (ESET) -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
PRC - [2011.04.08 14:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2011.03.29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010.11.20 14:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010.10.26 13:27:42 | 000,703,080 | ---- | M] (Fortinet Inc.) -- C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
PRC - [2009.10.07 15:04:44 | 003,872,552 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe
PRC - [2009.10.07 14:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2009.08.26 10:25:28 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2009.06.26 16:25:24 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe
PRC - [2009.04.15 16:37:32 | 000,654,640 | ---- | M] (REINER SCT) -- C:\Windows\SysWOW64\cjpcsc.exe
PRC - [2007.02.27 16:05:44 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Krait\razerofa.exe
PRC - [2007.02.16 18:46:20 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Razer\Krait\razertra.exe
PRC - [2007.02.16 18:44:08 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Razer\Krait\razerhid.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.16 17:28:07 | 000,060,544 | ---- | M] () -- C:\Program Files (x86)\PaybackLSPService\Payback-WatchDog.exe
MOD - [2012.07.29 09:09:59 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.06.15 03:07:06 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c06946b464ae8dd22151e0a6f310c976\System.Windows.Forms.ni.dll
MOD - [2012.06.15 03:06:54 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\29e48cb144e24a7b4335d1360cc06642\System.Drawing.ni.dll
MOD - [2012.05.21 06:04:08 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\e72d56a0f58bcf95890614700f925609\System.Management.ni.dll
MOD - [2012.05.20 23:31:55 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\4278bedb3086448c94c1e7f563325052\System.Security.ni.dll
MOD - [2012.05.20 23:31:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bd2433e160ce2f19acc8ebe10babae8d\System.Xml.ni.dll
MOD - [2012.05.20 23:31:51 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6711765f90c0082ec393943b924ed277\System.Configuration.ni.dll
MOD - [2012.05.20 23:31:49 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\3e4f9b3b78f0f13b7469a14e69d756ef\System.Core.ni.dll
MOD - [2012.05.20 23:31:44 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9cf67ed1b743fbc3dd6b78fbc0595236\System.ni.dll
MOD - [2012.05.20 23:31:40 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\1bdf7de454340e0ea9fc455aeaec49d9\mscorlib.ni.dll
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2009.07.22 18:22:20 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\ScanWizard 5\SFRes.dll
MOD - [2009.06.26 16:25:24 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe
MOD - [2007.02.16 18:46:20 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Razer\Krait\razertra.exe
MOD - [2007.02.16 18:44:08 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Razer\Krait\razerhid.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012.04.19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012.03.20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012.03.20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012.03.20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2010.07.07 03:50:54 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.16 17:45:00 | 003,021,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Digital Trends Club\Payback-Reporting.exe -- (Payback-Reporting-Service)
SRV - [2012.08.16 17:44:56 | 001,377,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Digital Trends Club\Payback-Updater.exe -- (Payback-Update-Service)
SRV - [2012.08.16 17:28:11 | 003,302,528 | ---- | M] (Payback) [Auto | Stopped] -- C:\Program Files (x86)\PaybackLSPService\PaybackLSPService.exe -- (PaybackLSPService)
SRV - [2012.08.15 08:04:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.29 09:09:59 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.18 10:12:21 | 000,234,784 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\AirPrint\airprint.exe -- (AirPrint)
SRV - [2011.03.29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.02.02 12:00:32 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2010.10.26 13:27:42 | 000,703,080 | ---- | M] (Fortinet Inc.) [Auto | Running] -- C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe -- (FortiSslvpnDaemon)
SRV - [2010.03.29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.23 10:56:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009.10.07 14:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.15 16:37:32 | 000,654,640 | ---- | M] (REINER SCT) [Auto | Running] -- C:\Windows\SysWOW64\cjpcsc.exe -- (cjpcsc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.06.07 11:24:18 | 000,352,144 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2012.04.11 18:43:48 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012.02.22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012.02.22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012.02.22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.08.17 09:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.05.10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 12:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010.12.02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.12.02 07:50:16 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.07.29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010.07.07 04:30:08 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.07.07 04:30:08 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.07.07 03:15:42 | 000,265,728 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.11.04 17:54:06 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009.11.04 17:47:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009.10.20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009.09.30 16:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.21 18:53:06 | 000,042,528 | ---- | M] (Fortinet Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pppop64.sys -- (pppop)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.23 10:38:20 | 003,531,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.01.25 11:12:34 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2007.06.13 15:20:52 | 000,043,320 | ---- | M] (REINER SCT) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cjusb.sys -- (cjusb)
DRV:64bit: - [2006.01.24 12:11:24 | 000,010,368 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\krait.sys -- (krait03)
DRV:64bit: - [2000.01.01 02:00:00 | 000,535,656 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2000.01.01 02:00:00 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV - [2010.01.29 12:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009.10.28 12:03:37 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2009.10.28 12:03:18 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009.10.28 12:03:11 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 11 C2 87 E0 30 57 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0A70FF06-3276-4BE5-A934-A57E6D1C0B01}: "URL" = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=3012_3&babsrc=SP_ss&mntrId=40aa7a34000000000000000000000000
IE - HKCU\..\SearchScopes\{3BC07E92-F52C-4E1D-8A87-43E08E86D530}: "URL" = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@FortinetCacheClean: C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll (Fortinet Inc.)
FF - HKLM\Software\MozillaPlugins\@FortinetTunnelControl: C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll (Fortinet Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.07.22 18:23:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gacela2@nurago.com: C:\Program Files (x86)\Digital Trends Club [2012.08.18 16:50:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: D:\WISI\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.04.21 16:13:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.06.30 12:37:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.29 09:09:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.17 18:06:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.29 09:09:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.17 18:06:00 | 000,000,000 | ---D | M]
 
[2012.06.04 16:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Börni\AppData\Roaming\mozilla\Extensions
[2012.08.15 16:30:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\63p5sotz.default-1339307419817\extensions
[2012.08.18 09:57:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions
[2010.04.30 08:13:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.11.27 19:07:11 | 000,000,000 | ---D | M] (Bookmark Backup [de]) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4}
[2012.03.06 07:50:09 | 000,000,000 | ---D | M] (Buyertools) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\{411F2F11-830F-4AB5-B7F0-FBC77B870B5A}
[2009.11.27 19:07:11 | 000,000,000 | ---D | M] (TradeManager-Plugin) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\{4D144BC3-23FB-47de-90C5-63CCB0139CCF}
[2011.05.31 12:15:01 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2012.06.04 15:55:08 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012.05.17 09:10:29 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.07.29 14:12:54 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.02.15 21:56:25 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009.12.04 13:30:51 | 000,000,000 | ---D | M] (Flash Video Resources Downloader) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\max@subfighter.com
[2011.03.24 07:34:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Börni\AppData\Roaming\mozilla\Firefox\Profiles\oj9ifl3u.default\extensions\nostmp
[2012.07.25 13:11:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.25 13:11:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\ffxtlbr@babylon.com
File not found (No name found) -- C:\USERS\BöRNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\63P5SOTZ.DEFAULT-1339307419817\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
[2012.07.29 09:09:59 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.25 13:11:12 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.06.01 18:33:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.18 09:45:01 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.06.04 15:55:05 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Börni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: No name found = C:\Users\Börni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: No name found = C:\Users\Börni\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\
CHR - Extension: No name found = C:\Users\Börni\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkejcihojcegdmifcnlkhmnelneogef\11.3.1046_0\
CHR - Extension: No name found = C:\Users\Börni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.08.01 11:10:09 | 000,000,850 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 172.23.1.3		nrc5000nav01
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (Digital Trends Club) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\x64\Gacela2.dll (Payback)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120630050754.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Digital Trends Club) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\Gacela2.dll (Payback)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120630050754.dll (McAfee, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Krait] C:\Program Files (x86)\Razer\Krait\razerhid.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Payback-WatchDog] C:\Program Files (x86)\PaybackLSPService\Payback-WatchDog.exe ()
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - Startup: C:\Users\Börni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoxCryptor.lnk = C:\Program Files (x86)\BoxCryptor\BoxCryptor.exe (Secomba GmbH)
O4 - Startup: C:\Users\Börni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Börni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: server = C:\Windows\server.exe
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\Users\BRNI~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Börni\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\Users\BRNI~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An OneNote s&enden - res://C:\Users\BRNI~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Börni\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\Users\BRNI~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra 'Tools' menuitem : Ãœber Digital Trends Club - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\x64\Gacela2.dll (Payback)
O9 - Extra 'Tools' menuitem : Über Digital Trends Club - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\Gacela2.dll (Payback)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PaybackLSPService64.DLL (Payback)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PaybackLSPService64.DLL (Payback)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\PaybackLSPService64.DLL (Payback)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\PaybackLSPService64.DLL (Payback)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\PaybackLSPService64.DLL (Payback)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\PaybackLSPService.DLL (Payback)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\PaybackLSPService.DLL (Payback)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\PaybackLSPService.DLL (Payback)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\PaybackLSPService.DLL (Payback)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\PaybackLSPService.DLL (Payback)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} hxxp://eic.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab (Reg Error: Key error.)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AE8D033-BD51-47E1-8726-A8B80E989326}: DhcpNameServer = 213.94.78.17 213.94.78.16
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E8A39AD-3202-4949-B0A5-806DE609C36F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{497a15aa-c47c-11de-b43c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{497a15aa-c47c-11de-b43c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\BlueBirds.exe
O33 - MountPoints2\{497a15ab-c47c-11de-b43c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{497a15ab-c47c-11de-b43c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\BlueBirds.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\zdata\cobi.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.18 10:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.08.18 10:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.18 10:15:32 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.18 10:15:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.18 10:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.08.18 06:50:21 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{C71E4996-8DFF-4F48-A3A7-7F866A54BF97}
[2012.08.17 18:05:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.08.17 12:43:20 | 000,383,616 | ---- | C] (Payback) -- C:\Windows\SysWow64\PaybackLSPService64.dll
[2012.08.17 12:43:19 | 000,316,032 | ---- | C] (Payback) -- C:\Windows\SysWow64\PaybackLSPService.dll
[2012.08.17 11:46:29 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{EEDD7612-1496-42E5-8047-2612389BAF9A}
[2012.08.17 11:46:17 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{98C06A7C-A26F-4564-A714-08583A3191F0}
[2012.08.17 11:45:24 | 000,383,616 | ---- | C] (Payback) -- C:\Windows\SysNative\PaybackLSPService64.DLL
[2012.08.17 11:39:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PaybackLSPService
[2012.08.16 08:00:25 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{527FCB13-08C2-454A-B426-D9071D3C5B79}
[2012.08.16 08:00:13 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{FBE9F78B-B34B-4E33-B7D9-22ACADF104F4}
[2012.08.16 03:02:49 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.16 03:02:48 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.16 03:02:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.16 03:02:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.16 03:02:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.16 03:02:47 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.16 03:02:47 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.16 03:02:47 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.16 03:02:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.16 03:02:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.16 03:02:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.16 03:02:46 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.16 03:02:46 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.15 16:35:31 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{137D6E7D-AD2C-4CC5-B85F-36C03BF449E7}
[2012.08.15 16:35:18 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{EF69C1B0-39CC-4A59-9532-C5EA21D9595F}
[2012.08.15 14:28:35 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 14:28:32 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 14:28:32 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 14:28:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 14:28:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 14:28:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 14:28:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 14:28:27 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.15 11:04:55 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{F5765340-48B2-4F56-91FD-1A2CA627B601}
[2012.08.14 06:22:21 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{82AD0005-37D8-475F-BCF3-363179F12DE8}
[2012.08.14 06:22:10 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{5E28F497-C866-4C34-AF5E-72415F512BB0}
[2012.08.14 06:03:14 | 000,000,000 | ---D | C] -- C:\Users\Börni\Desktop\Berlin
[2012.08.09 11:33:51 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{1EBA5A59-1DC1-453D-BD78-4C115AA1743F}
[2012.08.09 11:33:40 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{13150E53-4811-419C-94DE-E0C025E345EA}
[2012.08.06 06:32:08 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{89214358-284B-4B58-BC96-2E05D87EDF87}
[2012.08.06 06:31:57 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{253D8B8D-6FA7-4140-9801-4D85A7AD2F09}
[2012.08.05 19:41:39 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{F959CF8B-0058-4C1C-A5C4-63A00AD4913C}
[2012.08.05 19:41:28 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{393C7C3B-5C99-4A88-80DE-EE7EEBFA6D83}
[2012.08.05 07:24:12 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{B9F9872C-D827-420A-99C8-451FF6877D77}
[2012.08.05 07:24:01 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{0CA3E8D1-75E0-4724-9246-3DDBD37BEE6A}
[2012.08.04 13:00:04 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{12477EA9-2C68-4AD2-9C4B-56377CF5A246}
[2012.08.04 12:59:52 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{B2D98AC5-117A-421B-8D49-7F123514F3BD}
[2012.08.04 12:59:31 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{1222818A-5BA5-47E4-BC94-9E18CBAF54CC}
[2012.08.04 12:59:20 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{6227276A-34E2-46CE-AAB7-43AAF229F593}
[2012.08.03 07:23:30 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{7C26580B-A906-4ED2-AD30-758B7CEC4FD6}
[2012.08.03 07:23:19 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{ADD2176B-BC2F-4F97-8BD3-3E147C78EDA1}
[2012.08.01 14:03:00 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{DB2B7A5E-83A0-4F50-BC69-D0096C28E2D8}
[2012.08.01 14:02:46 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{1697034A-E590-4D0F-B165-E9F689E924E9}
[2012.08.01 07:11:24 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{99775DB5-AF09-436A-8D44-1ABEFDFA34AA}
[2012.07.31 08:49:00 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{AC6E5FB5-4C88-4E8E-AED0-465FFAB470D9}
[2012.07.31 08:48:49 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{D692523F-665A-4496-9C89-9D68B5E7E5C5}
[2012.07.30 10:56:30 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{32FAB3E4-9221-4612-BE20-4F26A7525C31}
[2012.07.30 10:56:18 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{9DC2BA17-85E9-458D-8EEA-87C867BD5EAB}
[2012.07.30 10:02:33 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{56C0934B-9BD7-4DA2-803B-5D0CC491760F}
[2012.07.29 10:56:48 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{D2BEDEB3-0683-483E-9A87-70D9BCB014E7}
[2012.07.29 10:56:36 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{C59B774A-64F5-4305-82FE-B17A97352CDA}
[2012.07.29 10:36:32 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{F3F0D423-E20B-460A-A40C-A4FFE6449B22}
[2012.07.29 09:36:30 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{CADB9E39-0536-4282-8FA6-D8A4FE744347}
[2012.07.29 09:36:19 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{D8CF6F34-F258-4E52-924C-6F6B5C9C9DF9}
[2012.07.29 09:09:32 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{353192E0-5A28-4B6C-BCCC-2A7C1D3E8E95}
[2012.07.29 09:09:21 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{702F8A2C-42E4-4306-BE77-6A6E24ABC8AC}
[2012.07.28 10:13:20 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{5D27CA6E-CE21-4A30-8190-3BF7FE59638B}
[2012.07.28 10:13:09 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{36937110-810F-461E-ADFF-CEC0CBBF453B}
[2012.07.28 09:48:36 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{D0917509-8819-4465-99D5-4DA67BEF74E8}
[2012.07.28 08:58:31 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{7175901D-DD55-46CD-8AC7-8719C85C0636}
[2012.07.28 08:58:16 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{92FA6737-82F6-4585-A9F2-AC3D8749CF2A}
[2012.07.27 08:59:01 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{70677EA0-4528-4F9D-A768-6FB7C79DC22A}
[2012.07.27 08:58:51 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{DDA9F1F1-25CE-4CC0-95B5-AB7144E18FE8}
[2012.07.27 08:48:37 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{4F531D90-6485-435D-8CC6-87A0F7B1756A}
[2012.07.26 18:01:04 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{28D16855-9235-4545-BC54-1859A39ACC80}
[2012.07.26 18:00:53 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{FCB36A8A-6A2C-4002-852B-241F01849D9F}
[2012.07.26 06:00:28 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{17EF121A-D716-4323-A348-06786D13983F}
[2012.07.26 06:00:16 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{054A8887-76B6-43A8-8195-C2A10D22F5F9}
[2012.07.25 13:25:57 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\InstallShare
[2012.07.25 13:11:05 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Roaming\Babylon
[2012.07.25 06:02:42 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{895DC641-65B0-4F4B-B468-F6A9CD78A38D}
[2012.07.25 06:02:30 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{41EB3CFB-4A87-4D8B-ABFB-FEDCA76E41AA}
[2012.07.24 08:10:15 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{9EA6C1CE-6E8D-4C7B-B481-5CD706B703B0}
[2012.07.24 08:10:03 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{728ABCC6-2237-4790-8BCD-61B96AF7B218}
[2012.07.23 07:13:23 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{7E0465A2-A204-4CC5-80A0-28040D50D319}
[2012.07.23 07:13:12 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{3D47D7E8-EF6B-4B26-9D49-1A8CCB29DB11}
[2012.07.22 15:04:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.22 15:04:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.22 15:04:44 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.22 15:04:39 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.22 15:04:37 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.22 12:26:05 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{EF3EC705-1D9F-47B0-A017-EF9F49C2D995}
[2012.07.22 12:25:54 | 000,000,000 | ---D | C] -- C:\Users\Börni\AppData\Local\{471EDF77-6CB0-4971-B7BB-DFDE9A68E71D}
[2010.07.31 16:38:29 | 000,208,896 | ---- | C] (www.mp3dev.org) -- C:\Users\Börni\lame_enc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.18 17:04:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.18 16:10:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.18 10:15:38 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.18 10:13:05 | 000,018,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.18 10:13:05 | 000,018,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.18 10:12:43 | 001,622,076 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.18 10:12:43 | 000,700,358 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.18 10:12:43 | 000,655,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.18 10:12:43 | 000,149,154 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.18 10:12:43 | 000,121,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.18 10:10:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.18 10:05:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.18 10:05:41 | 2143,936,511 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.18 06:43:11 | 000,003,160 | ---- | M] () -- C:\Windows\SysWow64\PaybackLSPService.ini
[2012.08.18 06:43:11 | 000,001,856 | ---- | M] () -- C:\Windows\SysWow64\GacelaLSPServiceOff.ini
[2012.08.18 06:43:11 | 000,001,856 | ---- | M] () -- C:\Windows\SysNative\GacelaLSPServiceOff.ini
[2012.08.16 17:28:12 | 000,383,616 | ---- | M] (Payback) -- C:\Windows\SysWow64\PaybackLSPService64.dll
[2012.08.16 17:28:12 | 000,383,616 | ---- | M] (Payback) -- C:\Windows\SysNative\PaybackLSPService64.DLL
[2012.08.16 17:28:09 | 000,316,032 | ---- | M] (Payback) -- C:\Windows\SysWow64\PaybackLSPService.dll
[2012.08.16 03:20:14 | 000,418,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 08:04:17 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.15 08:04:17 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.09 14:48:00 | 000,187,724 | ---- | M] () -- C:\Users\Börni\Desktop\Unbenannt.JPG
[2012.08.03 12:27:50 | 007,326,917 | ---- | M] () -- C:\Users\Börni\Desktop\3-16 Von Scheibbs bis Nebraska.mp3
[2012.07.25 13:11:18 | 000,000,247 | ---- | M] () -- C:\user.js
[2012.07.25 09:09:12 | 000,001,429 | ---- | M] () -- C:\Users\Börni\Desktop\aSc Vertretung.lnk
[2012.07.25 09:09:12 | 000,000,589 | ---- | M] () -- C:\Users\Börni\Desktop\aSc Stundenpläne.lnk
[2012.07.23 08:46:55 | 000,120,949 | ---- | M] () -- C:\Users\Börni\Desktop\Groupon-AC9A715E75.pdf
 
========== Files Created - No Company Name ==========
 
[2012.08.18 10:15:38 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.17 11:39:29 | 000,003,160 | ---- | C] () -- C:\Windows\SysWow64\PaybackLSPService.ini
[2012.08.17 11:39:29 | 000,001,856 | ---- | C] () -- C:\Windows\SysWow64\GacelaLSPServiceOff.ini
[2012.08.17 11:39:29 | 000,001,856 | ---- | C] () -- C:\Windows\SysNative\GacelaLSPServiceOff.ini
[2012.08.09 14:47:30 | 000,187,724 | ---- | C] () -- C:\Users\Börni\Desktop\Unbenannt.JPG
[2012.08.03 12:29:32 | 007,326,917 | ---- | C] () -- C:\Users\Börni\Desktop\3-16 Von Scheibbs bis Nebraska.mp3
[2012.07.25 13:11:17 | 000,000,247 | ---- | C] () -- C:\user.js
[2012.07.25 09:09:12 | 000,001,429 | ---- | C] () -- C:\Users\Börni\Desktop\aSc Vertretung.lnk
[2012.07.23 08:46:55 | 000,120,949 | ---- | C] () -- C:\Users\Börni\Desktop\Groupon-AC9A715E75.pdf
[2012.06.09 08:35:52 | 000,000,666 | ---- | C] () -- C:\Windows\wininit.ini
[2012.03.13 14:59:08 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.03.13 12:30:48 | 000,004,884 | ---- | C] () -- C:\ProgramData\homrfjdr.aqx
[2012.03.13 12:29:38 | 000,004,962 | ---- | C] () -- C:\ProgramData\etgxespc.rpo
[2012.01.16 08:03:23 | 000,004,096 | -H-- | C] () -- C:\Users\Börni\AppData\Local\keyfile3.drm
[2011.12.21 08:03:13 | 000,000,173 | ---- | C] () -- C:\Users\Börni\AppData\Local\msmathematics.qat.Börni
[2011.05.01 08:16:42 | 000,816,104 | ---- | C] () -- C:\Users\Börni\Signatur Boerni.pdf
[2010.07.24 17:07:32 | 000,000,030 | ---- | C] () -- C:\Program Files (x86)\Exiferupdate.ini
[2010.06.14 18:48:53 | 000,022,039 | ---- | C] () -- C:\Users\Börni\AppData\Roaming\Tabulatorgetrennte Werte (DOS).ADR
[2010.06.14 18:41:35 | 000,022,034 | ---- | C] () -- C:\Users\Börni\AppData\Roaming\Tabulatorgetrennte Werte (Windows).ADR
[2010.06.14 18:40:11 | 000,038,428 | ---- | C] () -- C:\Users\Börni\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2010.06.14 18:39:16 | 000,022,027 | ---- | C] () -- C:\Users\Börni\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2010.05.24 12:49:06 | 000,000,075 | ---- | C] () -- C:\Users\Börni\ShowDesktop.scf
[2010.05.23 10:07:06 | 000,011,230 | ---- | C] () -- C:\Users\Börni\gsview32.ini
[2010.02.15 11:59:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.02.15 02:46:24 | 000,019,968 | ---- | C] () -- C:\Users\Börni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.09 07:56:56 | 000,012,937 | ---- | C] () -- C:\Users\Börni\AppData\Roaming\Microsoft Excel 97-2003.CAL
[2010.01.03 15:38:08 | 000,000,600 | ---- | C] () -- C:\Users\Börni\AppData\Local\PUTTY.RND
[2009.11.27 18:22:51 | 000,000,600 | ---- | C] () -- C:\Users\Börni\AppData\Roaming\winscp.rnd
[2009.11.27 15:09:16 | 000,000,600 | ---- | C] () -- C:\Users\Börni\PUTTY.RND
[2009.11.27 11:14:32 | 000,022,046 | ---- | C] () -- C:\Users\Börni\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2009.10.28 11:51:29 | 000,007,603 | ---- | C] () -- C:\Users\Börni\AppData\Local\resmon.resmoncfg

< End of report >
Geändert von hsmautern (18.08.2012 um 09:58 Uhr) Grund: Ergänzung

Alt 19.08.2012, 10:48   #2
hsmautern
 
Firefox/IE öffnet Seiten erst nach Aktualisierung - Standard

Firefox/IE öffnet Seiten erst nach Aktualisierung


Es wird immer schlimmer!

Bitte um Hilfe!

Übrigens funktioniert im abgesicherten Modus alles normal
__________________
Antwort

Themen zu Firefox/IE öffnet Seiten erst nach Aktualisierung
administrator, anti-malware, autostart, babylontoolbar, black, dateien, document, explorer, favoriten, firefox, gelöscht, gen, google earth, langs, links, neue, neuen, notification, plug-in, problem, quarantäne, seite, seiten, server, service, speicher, tab, temp, verbindung, version, win32/toolbar.zugo, youtube downloader, öffnen, öffnet, öffnet seiten


« C:\Windows\system32\rundll32.exe Folgender Eintrag fehlt: FQ10 | Trojanerbefahl: TR/Nedsym.G.148; TR/Atraps.Gen2 ... schon 2. Mal nach der Windows-Neuinstalation »


Ähnliche Themen: Firefox/IE öffnet Seiten erst nach Aktualisierung


  1. Firefox öffnet mehrere weiße Seiten
    Plagegeister aller Art und deren Bekämpfung - 08.11.2014 (13)
  2. Firefox öffnet selbständig Game Seiten
    Log-Analyse und Auswertung - 08.08.2014 (17)
  3. Firefox öffnet ständig neue seiten
    Plagegeister aller Art und deren Bekämpfung - 06.04.2014 (9)
  4. Firefox öffnet plötzlich fremde Seiten (auch nach neuer WindowsInstallation) + ständige Bluescreens
    Log-Analyse und Auswertung - 12.06.2011 (4)
  5. Firefox öffnet fremde Seiten
    Log-Analyse und Auswertung - 19.02.2011 (16)
  6. Firefox öffnet fremde Seiten
    Log-Analyse und Auswertung - 18.01.2011 (4)
  7. Firefox öffnet dubiose Seiten
    Log-Analyse und Auswertung - 05.01.2011 (14)
  8. Win Vista wird automatisch runtergefahren, Firefox öffnet erst nach langer Wartezeit, JAVA/Agent.M.1
    Plagegeister aller Art und deren Bekämpfung - 03.10.2010 (5)
  9. Firefox öffnet neue Seiten
    Log-Analyse und Auswertung - 28.04.2010 (12)
  10. Firefox öffnet ungewollt Seiten
    Log-Analyse und Auswertung - 06.11.2009 (1)
  11. Firefox öffnet falsche Seiten
    Log-Analyse und Auswertung - 12.03.2009 (0)
  12. Firefox stürzt ab und lässt sich dann erst nach neustart wieder ausführen
    Log-Analyse und Auswertung - 20.09.2008 (5)
  13. Firefox öffnet neue Seiten
    Log-Analyse und Auswertung - 10.07.2008 (1)
  14. Firefox öffnet Seiten ungewollt
    Plagegeister aller Art und deren Bekämpfung - 26.11.2007 (0)
  15. Firefox öffnet automatisch Seiten
    Log-Analyse und Auswertung - 30.11.2006 (3)
  16. Firefox öffnet andauernd seiten von sebst
    Log-Analyse und Auswertung - 21.04.2006 (20)
  17. firefox öffnet erst nach 1 minute
    Log-Analyse und Auswertung - 23.12.2005 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Firefox/IE öffnet Seiten erst nach Aktualisierung - Hallo erstmal an alle! Ich hoffe es kann geholfen werden. Ich habe seit gestern ein Problem: Sowohl IE als auch Firefox öffnen vorerst normal mit der eingestellten Startseite. Wenn ich - Firefox/IE öffnet Seiten erst nach Aktualisierung...
Archiv
Du betrachtest: Firefox/IE öffnet Seiten erst nach Aktualisierung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55