| SCHADSOFTWARE? BrowserProtect lässt sich nicht entfernen! Hallo liebe Community,
das hier ist mein erster Beitrag.
Ich habe auf meinem Rechner eine Software namens "BrowserProtect" entdeckt. Diese wurde ohne meines Wissens installiert (oder versehentlich). Ich habe mehrmals meinen "gekauften" Avast drüber laufen lassen. Wurde auch entdeckt und wollte ich löschen, ging aber nicht. Habe es auch manuell versucht, dabei heißt es immer, dass die Software gerade ausgefürt wird, was aber nicht der Fall ist.
Nebenbei werden etliche, scheinbar sinnlose Ordner erstellt. Ich bitte euch um Mithilfe dieses Problem zu beheben.
Hier meine Logfiles:
Defogger: Zitat:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:53 on 09/04/2013 (***)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
|
OTL: Zitat:
OTL logfile created on: 09.04.2013 17:55:01 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,86 Gb Total Physical Memory | 6,02 Gb Available Physical Memory | 76,52% Memory free
23,59 Gb Paging File | 21,57 Gb Available in Paging File | 91,46% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,00 Gb Total Space | 27,74 Gb Free Space | 39,63% Space Free | Partition Type: NTFS
Drive D: | 611,63 Gb Total Space | 409,08 Gb Free Space | 66,88% Space Free | Partition Type: NTFS
Computer Name: LIFEBOOK | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ==========
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - C:\PROGRA~2\AD-AWA~1\AdAware.exe (Lavasoft Limited)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED) ========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeskUpdateNotifier\0bbd213c31831ecd29d5de742778716e\DeskUpdateNotifier.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\652daef54b944f4e81ac562d639d0112\log4net.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll () ========== Services (SafeList) ==========
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (PFNService) -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (FUJ02E3Service) -- C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED)
SRV:64bit: - (DTSAudioSvc) -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (DTS, Inc)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ==========
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{95A2EF7D-634F-4DE1-9D92-3CF37BC46378}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSH
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{95A2EF7D-634F-4DE1-9D92-3CF37BC46378}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu.com/fts
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{34E6DA36-7150-4DC4-B932-B7E2C73096CE}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3244149
IE - HKCU\..\SearchScopes\{95A2EF7D-634F-4DE1-9D92-3CF37BC46378}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSH
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ==========
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledAddons: %7B0F827075-B026-42F3-885D-98981EE7B1AE%7D:2.6.1125.80
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.15 15:45:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 16:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 16:24:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.01.01 21:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2013.04.09 17:31:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\o5z2o8mz.default\extensions
[2013.02.15 14:05:49 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\o5z2o8mz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.08 16:24:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.09 08:12:15 | 000,000,000 | ---D | M] (BrowserProtect) -- C:\PROGRAMDATA\BROWSERPROTECT\2.6.1125.80\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION
[2013.03.08 16:24:20 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.29 11:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 11:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 11:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 11:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 11:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 11:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DeskUpdateNotifier] c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Yontoo Desktop] "C:\Users\***\AppData\Roaming\Yontoo\YontooDesktop.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C966ADA2-6D67-427E-9C0B-04E9D6F58DC2}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4f913c13-94a4-11e2-8c8f-685d43cb6cb2}\Shell - "" = AutoRun
O33 - MountPoints2\{4f913c13-94a4-11e2-8c8f-685d43cb6cb2}\Shell\AutoRun\command - "" = F:\Password.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Password.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ==========
[2013.04.09 17:08:58 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\mbar
[2013.04.09 17:00:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.04.09 16:15:12 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop\Sicherheitscenter
[2013.04.09 16:12:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2013.04.09 16:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.09 16:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.09 16:11:55 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.09 16:11:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.09 16:03:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.09 08:23:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.04.09 08:23:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.04.09 08:12:15 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.04.09 08:11:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\GoforFiles
[2013.04.06 09:36:42 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop\Sonstiges
[2013.04.04 20:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TERA
[2013.04.04 20:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
[2013.03.28 04:41:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MOS v1.4
[2013.03.28 04:39:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MOS v1.3
[2013.03.28 04:03:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 2of2)
[2013.03.28 03:59:15 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 1of2)
[2013.03.19 19:33:53 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013.03.13 12:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.13 12:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.13 12:41:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ==========
[2013.04.09 17:53:02 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2013.04.09 17:50:42 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2013.04.09 17:40:10 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.09 17:40:10 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.09 17:33:51 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{911FA2CD-1759-4FA0-B690-FE5BEC9A9DD2}.job
[2013.04.09 17:32:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.09 17:32:12 | 2037,616,639 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.09 17:31:18 | 000,000,097 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.09 17:29:05 | 000,613,083 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe
[2013.04.09 17:22:32 | 000,890,798 | ---- | M] () -- C:\Users\***\Desktop\SecurityCheck.exe
[2013.04.09 17:08:46 | 012,894,739 | ---- | M] () -- C:\Users\***\Desktop\mbar-1.01.0.1022.zip
[2013.04.09 17:00:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.04.09 16:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.09 16:54:11 | 000,344,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.02 13:11:14 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.02 13:11:14 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.02 13:11:14 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.02 13:11:14 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.02 13:11:14 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.24 22:19:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.03.24 19:04:35 | 000,002,904 | ---- | M] () -- C:\Users\***\AppData\Local\recently-used.xbel
[2013.03.19 19:33:53 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013.03.14 09:09:29 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.14 09:09:29 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ==========
[2013.04.09 17:53:02 | 000,000,000 | ---- | C] () -- C:\Users\Raphael Schurr\defogger_reenable
[2013.04.09 17:50:42 | 000,050,477 | ---- | C] () -- C:\Users\Raphael Schurr\Desktop\Defogger.exe
[2013.04.09 17:31:13 | 000,000,097 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.09 17:29:05 | 000,613,083 | ---- | C] () -- C:\Users\Raphael Schurr\Desktop\adwcleaner.exe
[2013.04.09 17:22:31 | 000,890,798 | ---- | C] () -- C:\Users\Raphael Schurr\Desktop\SecurityCheck.exe
[2013.04.09 17:08:45 | 012,894,739 | ---- | C] () -- C:\Users\Raphael Schurr\Desktop\mbar-1.01.0.1022.zip
[2013.04.09 16:53:56 | 000,344,376 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.24 19:04:35 | 000,002,904 | ---- | C] () -- C:\Users\Raphael Schurr\AppData\Local\recently-used.xbel
[2013.03.14 09:09:29 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.14 09:09:29 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.09.24 01:19:06 | 000,270,408 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.09.24 01:19:06 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.09.16 00:09:44 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012.09.16 00:09:44 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2012.03.02 20:43:47 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.08 03:00:35 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.02.08 03:00:34 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.02.08 03:00:25 | 000,559,780 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.02.08 03:00:25 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.02.08 03:00:07 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.02.08 03:00:01 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.02.08 02:59:51 | 013,001,728 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.02.08 02:59:44 | 013,206,016 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat ========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ==========
[2013.01.01 20:56:55 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\Ad-Aware Antivirus
[2012.10.01 10:17:37 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\Auslogics
[2012.03.02 20:51:58 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\Fujitsu
[2012.09.15 14:36:27 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\Fujitsu Launch Center
[2013.04.09 08:11:56 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\GoforFiles
[2012.09.24 01:19:00 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\PunkBuster
[2012.12.23 10:41:42 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\SendSpace
[2013.01.24 02:05:57 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\The Creative Assembly
[2013.03.02 18:24:23 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\TS3Client
[2013.03.02 12:30:21 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\uTorrent
[2012.09.17 13:49:00 | 000,000,000 | ---D | M] -- C:\Users\Raphael Schurr\AppData\Roaming\Windows Live Writer ========== Purity Check ==========
< End of report >
| Habe mich im Board schon etwas umgesehen, aber leider habe ich keine Ahnung von Trojanern etc. Surfe eig. auch bewusst.
Vielen Dank für eure hoffentlich schnellen Antworten.
VG
euer Kane |