
Plagegeister aller Art und deren Bekämpfung: Delta Toolbar, Babylon, FilesFrogUpdater installed by a free tool. Should I fear an infection?


 
18.09.2013, 22:49   #1
Nebelwand
 

Hello everyone,

a good 2 weeks ago I downloaded the tool "Logon Screen" from a completely trustworthy source and deselected the additional software (TuneUp) during installation. Nevertheless, this ***-tool installed the following junk without asking:

- FilesFrog Updater Checker
- Delta Toolbar
- Babylon "something or other"
- Bundled Software Uninstaller

I uninstalled all of these programs and in some cases also removed leftovers from the registry by hand. In addition, I ran the Adware Cleaner. Because I became unsure, I ran MBAM and OTL directly afterwards; both were unremarkable. I will attach the logs.

This won't leave me in peace, though, so I also ran several rootkit scanners (e.g. TDSS Killer); nothing found.

What I specifically want to know now is whether these annoying programs are gone or not, and whether I have to fear something worse. Provided the computer is not infected, I would rather not reinstall. I notice no conspicuous behaviour, the computer is not getting slower, the Internet works normally, there are no suspicious pop-ups or windows, no odd Skype messages, and the load on the processors is as low as ever.
I mention this because my only concern is whether there could be anything there at all. To the best of my knowledge I would assume that the computer is not infected, but your opinion is more than important to me so that I can keep using the machine with peace of mind.

For protection I have the avast full version as well as Spyware Terminator.

Logs in the next post.

Thanks!!

Regards
Nebelwand

Newest MBAM log from just now (updated beforehand, of course; full scan):

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.18.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Dreizehn :: XYZ-PC [Administrator]

18.09.2013 23:33:01
mbam-log-2013-09-18 (23-33-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen:
Durchsuchte Objekte: 371509
Laufzeit: 10 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

OTL log from "back then". I am happy to submit a new one!

OTL part 1: OTL logfile:
Code:
OTL logfile created on: 09.09.2013 20:57:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

15,95 Gb Total Physical Memory | 11,09 Gb Available Physical Memory | 69,53% Memory free
31,89 Gb Paging File | 26,71 Gb Available in Paging File | 83,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 149,52 Gb Free Space | 64,20% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 1163,11 Gb Free Space | 62,43% Space Free | Partition Type: NTFS
Drive E: | 7,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: PC-NAME | User Name: Benutzer### | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.09.09 20:15:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2013.08.30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\Avast\AvastUI.exe
PRC - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\Avast\AvastSvc.exe
PRC - [2013.08.30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Programme\Avast\afwServ.exe
PRC - [2013.08.28 23:47:18 | 001,811,880 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.08.28 23:47:18 | 000,563,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013.08.27 23:16:41 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.08.27 23:16:03 | 002,155,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.08.27 23:16:02 | 001,213,216 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013.08.18 11:26:28 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Firefox\firefox.exe
PRC - [2013.08.18 11:26:27 | 000,017,304 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Firefox\plugin-container.exe
PRC - [2013.08.15 21:12:37 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2013.08.15 21:12:14 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.08.07 20:27:30 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Thunderbird\thunderbird.exe
PRC - [2013.07.31 00:21:08 | 000,124,416 | ---- | M] (VideoLAN) -- C:\Program Files (x86)\VLC\vlc.exe
PRC - [2013.07.23 16:34:55 | 001,516,496 | ---- | M] (TrueCrypt Foundation) -- C:\Programme\TrueCrypt\TrueCrypt.exe
PRC - [2013.07.12 15:01:00 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013.07.03 10:32:44 | 000,660,184 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.06.20 11:29:38 | 000,173,192 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.26 10:25:54 | 000,292,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013.04.03 03:06:06 | 003,684,488 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2013.04.03 03:05:58 | 002,777,736 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2013.04.01 06:54:52 | 000,015,888 | ---- | M] (Intel(R) Corporation) -- C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
PRC - [2013.03.22 08:38:32 | 000,286,704 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013.03.22 08:38:32 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013.03.12 13:20:54 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013.03.12 13:20:50 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2013.03.01 17:44:06 | 000,763,856 | ---- | M] () -- C:\Program Files (x86)\CoreTemp\Core Temp.exe
PRC - [2013.01.02 17:11:16 | 000,171,632 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012.08.03 08:01:00 | 003,801,736 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files (x86)\TotalCommander\TOTALCMD.EXE
PRC - [2012.02.13 21:19:20 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
PRC - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2013.08.28 23:47:20 | 001,120,680 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2013.08.22 00:18:28 | 000,687,104 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.08.18 11:26:28 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Firefox\mozjs.dll
MOD - [2013.08.14 10:32:35 | 001,226,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\ecfb43e24051aed189d440e0fa1e9854\System.WorkflowServices.ni.dll
MOD - [2013.08.14 10:32:20 | 001,141,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\9fa70774f4fdb66f3f500c46fa3ac824\System.ServiceModel.Discovery.ni.dll
MOD - [2013.08.14 10:32:20 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3fae818d7b77ce74ea15675ec06d2b1f\System.ServiceModel.Routing.ni.dll
MOD - [2013.08.14 10:32:19 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d9d0cfcd2148c32aeb8dc27530903125\System.ServiceModel.Channels.ni.dll
MOD - [2013.08.14 10:32:13 | 001,087,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\763d27427278ff580fd8face4edd9c5f\System.ServiceModel.Web.ni.dll
MOD - [2013.08.14 10:31:23 | 001,394,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ad71a48cf5a6828d4e07f78e50a9eb54\System.ServiceModel.Activities.ni.dll
MOD - [2013.08.14 10:31:21 | 018,101,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\069130d01589ff7ead36c597b37fcdf7\System.ServiceModel.ni.dll
MOD - [2013.08.14 10:31:21 | 001,078,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\224d59cb515eb3660e0b4d4530f946bc\System.IdentityModel.ni.dll
MOD - [2013.08.14 09:38:32 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\d82770dc4e5fee30ca8a7244bf7f613a\System.Runtime.DurableInstancing.ni.dll
MOD - [2013.08.14 09:38:32 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll
MOD - [2013.08.14 09:38:31 | 002,647,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\420022aad3481c670eb86a4ca72d5b43\System.Runtime.Serialization.ni.dll
MOD - [2013.08.14 09:28:19 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1a3b614a84244ea5fa4147b5cf007333\System.Windows.Forms.ni.dll
MOD - [2013.08.14 09:28:17 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c25ede0d0127774c504c4fc41d4de273\System.Core.ni.dll
MOD - [2013.08.14 09:28:15 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013.08.14 09:28:13 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013.08.14 09:28:13 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
MOD - [2013.08.14 09:28:12 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013.08.07 21:31:06 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.08.07 20:27:30 | 002,244,504 | ---- | M] () -- C:\Program Files (x86)\Thunderbird\mozjs.dll
MOD - [2013.08.07 20:27:30 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Thunderbird\NSLDAP32V60.dll
MOD - [2013.08.07 20:27:30 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Thunderbird\NSLDAPPR32V60.dll
MOD - [2013.07.31 00:22:00 | 002,376,192 | ---- | M] () -- C:\Program Files (x86)\VLC\libvlccore.dll
MOD - [2013.07.31 00:21:58 | 011,387,904 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\gui\libqt4_plugin.dll
MOD - [2013.07.31 00:21:58 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
MOD - [2013.07.31 00:21:58 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
MOD - [2013.07.31 00:21:58 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
MOD - [2013.07.31 00:21:58 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
MOD - [2013.07.31 00:21:58 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
MOD - [2013.07.31 00:21:58 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
MOD - [2013.07.31 00:21:58 | 000,079,360 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
MOD - [2013.07.31 00:21:58 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
MOD - [2013.07.31 00:21:52 | 000,387,584 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libtheora_plugin.dll
MOD - [2013.07.31 00:21:52 | 000,221,696 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libpng_plugin.dll
MOD - [2013.07.31 00:21:52 | 000,086,528 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_output\libwaveout_plugin.dll
MOD - [2013.07.31 00:21:52 | 000,084,992 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_output\libaout_directx_plugin.dll
MOD - [2013.07.31 00:21:52 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libdts_plugin.dll
MOD - [2013.07.31 00:21:52 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libcvdsub_plugin.dll
MOD - [2013.07.31 00:21:52 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libcdg_plugin.dll
MOD - [2013.07.31 00:21:50 | 000,968,704 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\liblibass_plugin.dll
MOD - [2013.07.31 00:21:48 | 001,759,232 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libvorbis_plugin.dll
MOD - [2013.07.31 00:21:48 | 001,338,880 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libschroedinger_plugin.dll
MOD - [2013.07.31 00:21:48 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libopus_plugin.dll
MOD - [2013.07.31 00:21:48 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\liblpcm_plugin.dll
MOD - [2013.07.31 00:21:48 | 000,077,312 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libspudec_plugin.dll
MOD - [2013.07.31 00:21:48 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libmpeg_audio_plugin.dll
MOD - [2013.07.31 00:21:48 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libsvcdsub_plugin.dll
MOD - [2013.07.31 00:21:48 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libaes3_plugin.dll
MOD - [2013.07.31 00:21:46 | 000,393,728 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libfaad_plugin.dll
MOD - [2013.07.31 00:21:46 | 000,279,552 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libflac_plugin.dll
MOD - [2013.07.31 00:21:42 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libspeex_plugin.dll
MOD - [2013.07.31 00:21:42 | 000,087,552 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\control\libhotkeys_plugin.dll
MOD - [2013.07.31 00:21:42 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\libaraw_plugin.dll
MOD - [2013.07.31 00:21:42 | 000,072,704 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\codec\librawvideo_plugin.dll
MOD - [2013.07.31 00:21:42 | 000,072,704 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\control\libglobalhotkeys_plugin.dll
MOD - [2013.07.31 00:21:42 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll
MOD - [2013.07.31 00:21:34 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\lua\liblua_plugin.dll
MOD - [2013.07.31 00:21:34 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
MOD - [2013.07.31 00:21:34 | 000,107,520 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
MOD - [2013.07.31 00:21:34 | 000,082,432 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libaudio_format_plugin.dll
MOD - [2013.07.31 00:21:34 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll
MOD - [2013.07.31 00:21:34 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
MOD - [2013.07.31 00:21:32 | 001,551,872 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libsamplerate_plugin.dll
MOD - [2013.07.31 00:21:32 | 001,405,440 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\meta_engine\libtaglib_plugin.dll
MOD - [2013.07.31 00:21:32 | 000,164,864 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
MOD - [2013.07.31 00:21:32 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libscaletempo_plugin.dll
MOD - [2013.07.31 00:21:32 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
MOD - [2013.07.31 00:21:32 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
MOD - [2013.07.31 00:21:32 | 000,070,656 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
MOD - [2013.07.31 00:21:32 | 000,070,144 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
MOD - [2013.07.31 00:21:28 | 001,285,120 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\misc\libxml_plugin.dll
MOD - [2013.07.31 00:21:28 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\services_discovery\libupnp_plugin.dll
MOD - [2013.07.31 00:21:28 | 000,122,368 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\services_discovery\libsap_plugin.dll
MOD - [2013.07.31 00:21:28 | 000,077,312 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\services_discovery\libpodcast_plugin.dll
MOD - [2013.07.31 00:21:28 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\services_discovery\libmediadirs_plugin.dll
MOD - [2013.07.31 00:21:28 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\services_discovery\libwindrive_plugin.dll
MOD - [2013.07.31 00:21:28 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
MOD - [2013.07.31 00:21:22 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\video_output\libdirectx_plugin.dll
MOD - [2013.07.31 00:21:20 | 000,293,888 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\access\libdvdnav_plugin.dll
MOD - [2013.07.31 00:21:20 | 000,282,112 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\access\libdshow_plugin.dll
MOD - [2013.07.31 00:21:20 | 000,224,768 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\access\liblibbluray_plugin.dll
MOD - [2013.07.31 00:21:20 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\access\libzip_plugin.dll
MOD - [2013.07.31 00:21:20 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\access\libaccess_vdr_plugin.dll
MOD - [2013.07.31 00:21:20 | 000,079,360 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\access\libfilesystem_plugin.dll
MOD - [2013.07.31 00:21:16 | 000,134,656 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\access\libaccess_bd_plugin.dll
MOD - [2013.07.31 00:21:16 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\access\libstream_filter_rar_plugin.dll
MOD - [2013.07.31 00:21:14 | 000,080,384 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\demux\libflacsys_plugin.dll
MOD - [2013.07.31 00:21:14 | 000,080,384 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\demux\libes_plugin.dll
MOD - [2013.07.31 00:21:12 | 000,229,888 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\demux\libmp4_plugin.dll
MOD - [2013.07.31 00:21:12 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\demux\libplaylist_plugin.dll
MOD - [2013.07.31 00:21:12 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\demux\libavi_plugin.dll
MOD - [2013.07.31 00:21:12 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\demux\libasf_plugin.dll
MOD - [2013.07.31 00:21:08 | 000,693,760 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
MOD - [2013.07.31 00:21:08 | 000,469,504 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
MOD - [2013.07.31 00:21:08 | 000,144,896 | ---- | M] () -- C:\Program Files (x86)\VLC\libvlc.dll
MOD - [2013.07.31 00:21:08 | 000,071,168 | ---- | M] () -- C:\Program Files (x86)\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll
MOD - [2013.07.12 15:00:59 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013.07.12 14:27:00 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013.06.15 01:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 01:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013.06.15 01:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013.03.01 17:44:06 | 000,763,856 | ---- | M] () -- C:\Program Files (x86)\CoreTemp\Core Temp.exe


========== Services (SafeList) ==========

SRV - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.08.30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2013.08.28 23:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.08.27 23:17:43 | 014,997,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013.08.27 23:16:03 | 002,155,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.08.18 11:26:28 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.15 21:12:37 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2013.08.15 21:12:14 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.07.25 08:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.07.12 15:01:00 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.03 10:32:44 | 001,228,504 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2013.07.03 10:32:44 | 000,660,184 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.06.20 11:29:38 | 000,173,192 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.11 11:54:36 | 000,490,496 | ---- | M] () [Auto | Running] -- C:\Programme\Qualcomm Atheros\Killer Network Manager\BFNService.exe -- (Qualcomm Atheros Killer Service)
SRV - [2013.04.03 03:06:12 | 001,149,104 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2013.04.01 06:54:52 | 000,015,888 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe -- (XTU3SERVICE)
SRV - [2013.03.22 08:38:32 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2013.03.12 13:20:54 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.03.12 13:20:50 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013.02.17 12:18:06 | 000,137,336 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2013.02.13 12:47:04 | 000,820,184 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV - [2013.02.13 12:46:48 | 000,731,648 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013.01.02 17:11:16 | 000,171,632 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.02.13 21:19:20 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe -- (BBUpdate)
SRV - [2012.02.13 21:19:20 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe -- (BBSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.08.30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.08.30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.08.30 09:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.08.30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.08.30 09:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.08.30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.08.30 09:48:09 | 000,270,824 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2013.08.30 09:48:09 | 000,131,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2013.08.30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.08.30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.08.30 09:48:09 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013.08.20 15:33:40 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.07.23 16:34:55 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2013.07.12 14:14:51 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2013.07.03 10:32:42 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2013.06.21 14:02:43 | 000,448,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2013.06.14 17:13:40 | 000,142,072 | ---- | M] (Ray Hinchliffe) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SIVX64.sys -- (SIVDriver)
DRV:64bit: - [2013.04.26 10:24:58 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013.04.26 10:24:56 | 000,786,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013.04.26 10:24:56 | 000,368,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013.04.11 11:55:34 | 000,066,928 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bflwfx64.sys -- (BfLwf)
DRV:64bit: - [2013.04.11 11:55:32 | 000,165,824 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e22W7x64.sys -- (Ke2200)
DRV:64bit: - [2013.03.22 08:38:18 | 000,678,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.03.22 08:38:18 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013.03.13 19:01:59 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2013.03.12 13:20:52 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013.02.25 10:12:04 | 002,426,672 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013.02.25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.01.23 01:46:12 | 000,027,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2012.08.23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.07.17 10:07:22 | 000,025,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiCtlDrv.sys -- (AcpiCtlDrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.11.24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.01.07 09:52:48 | 000,025,448 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys -- (iocbios2)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3674264657-2911685468-1046851556-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
IE - HKU\S-1-5-21-3674264657-2911685468-1046851556-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-3674264657-2911685468-1046851556-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 71 BA 8C 29 D4 AB CE 01 [binary data]
IE - HKU\S-1-5-21-3674264657-2911685468-1046851556-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3674264657-2911685468-1046851556-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3674264657-2911685468-1046851556-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.1.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.7.1
FF - prefs.js..extensions.enabledAddons: googlesharing%40extension.thoughtcrime.org:0.22
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: Noia4Options%40ArisT2:1.8.6
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1497
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Avast\WebRep\FF [2013.09.07 16:31:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Firefox\plugins [2013.08.18 11:26:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Thunderbird\components [2013.08.07 20:27:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Firefox\plugins [2013.08.18 11:26:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Thunderbird\components [2013.08.07 20:27:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Thunderbird\plugins

[2013.07.12 14:18:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Extensions
[2013.08.31 16:26:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Firefox\Profiles\lacdvedv.default\extensions
[2013.07.12 16:49:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Firefox\Profiles\lacdvedv.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.08.31 16:26:56 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Firefox\Profiles\lacdvedv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.07.12 14:21:35 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Firefox\Profiles\lacdvedv.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2013.07.12 14:20:19 | 000,000,000 | ---D | M] (British English Dictionary (Updated)) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Firefox\Profiles\lacdvedv.default\extensions\en-gb@flyingtophat.co.uk
[2013.08.18 11:27:38 | 000,000,000 | ---D | M] (GoogleSharing) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Firefox\Profiles\lacdvedv.default\extensions\googlesharing@extension.thoughtcrime.org
[2013.08.18 11:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Firefox\Profiles\lacdvedv.default\extensions\googlesharing@extension.thoughtcrime.org\chrome
[2013.08.18 11:27:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Firefox\Profiles\lacdvedv.default\extensions\googlesharing@extension.thoughtcrime.org\components
[2013.08.18 11:27:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\Firefox\Profiles\lacdvedv.default\extensions\googlesharing@extension.thoughtcrime.org\defaults
[2013.08.24 12:10:43 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\firefox\profiles\lacdvedv.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.08.20 23:11:01 | 000,342,166 | ---- | M] () (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\firefox\profiles\lacdvedv.default\extensions\langpack-en-GB@firefox.mozilla.org.xpi
[2013.09.06 21:54:03 | 000,088,432 | R--- | M] () (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\firefox\profiles\lacdvedv.default\extensions\Noia4Options@ArisT2.xpi
[2013.08.17 13:24:36 | 000,534,203 | ---- | M] () (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\firefox\profiles\lacdvedv.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.07.31 10:43:42 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\firefox\profiles\lacdvedv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.12 14:26:01 | 000,765,412 | ---- | M] () (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\firefox\profiles\lacdvedv.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013.09.06 21:54:03 | 001,449,144 | R--- | M] () (No name found) -- C:\Users\Benutzer###\AppData\Roaming\mozilla\firefox\profiles\lacdvedv.default\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
[2013.09.07 16:31:37 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST\WEBREP\FF

OTL number 2:

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [avast] C:\Program Files\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3674264657-2911685468-1046851556-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-3674264657-2911685468-1046851556-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3674264657-2911685468-1046851556-1001..\Run: [TrueCrypt] C:\Program Files\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
O4 - HKU\S-1-5-21-3674264657-2911685468-1046851556-1011..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3674264657-2911685468-1046851556-1011..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FF9A845-8215-4FFC-85C0-D1D8FD5ECFA4}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E094B310-4A10-4CC5-8E0F-92EE2383275A}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysWOW64\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.26 08:13:50 | 000,279,201 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2010.02.12 03:58:58 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{65c5951a-eae8-11e2-9a72-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{65c5951a-eae8-11e2-9a72-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011.05.13 02:41:44 | 000,435,216 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.09.07 17:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.09.07 17:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.09.07 16:47:41 | 001,492,848 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Benutzer###\Desktop\SkypeSetup(1).exe
[2013.09.07 16:18:43 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Roaming\Safer Networking
[2013.09.07 16:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking
[2013.09.07 16:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegAnalyzer
[2013.09.07 15:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2013.09.07 14:14:29 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\Local Settings
[2013.09.07 14:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Logon Screen
[2013.09.06 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Roaming\Skype
[2013.09.06 17:29:42 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.09.06 17:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.08.31 21:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2013.08.31 14:29:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.08.31 14:28:21 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013.08.31 14:28:21 | 000,028,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013.08.31 14:26:52 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.08.31 14:26:51 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.08.31 14:26:51 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.08.31 14:26:51 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.08.31 14:26:51 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.08.31 14:26:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.08.31 14:26:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.08.31 14:26:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.08.31 14:26:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.08.31 14:26:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.08.25 20:33:08 | 000,275,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DreamScene.dll
[2013.08.25 20:15:18 | 000,275,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DreamScene.dll
[2013.08.23 11:54:13 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.08.22 01:17:40 | 000,000,000 | R--D | C] -- C:\Users\Benutzer###\Desktop\Games
[2013.08.20 22:38:29 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Afraid of Monsters Director's Cut
[2013.08.20 22:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Afraid of Monsters Director's Cut
[2013.08.19 23:35:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2013.08.19 23:35:59 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\Documents\EA Games
[2013.08.19 23:25:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.08.18 13:16:48 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Local\Two Worlds II
[2013.08.18 11:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefox
[2013.08.18 09:19:24 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\Documents\streumon
[2013.08.16 12:46:41 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Local\Electronic Arts
[2013.08.16 12:46:36 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\Documents\Electronic Arts
[2013.08.16 10:30:32 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\Documents\Almost Human
[2013.08.15 22:14:51 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Roaming\Wireshark
[2013.08.15 22:13:30 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Local\gtk-2.0
[2013.08.15 22:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2013.08.15 22:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2013.08.15 20:32:39 | 000,447,752 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2013.08.15 20:03:06 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Local\Criterion Games
[2013.08.14 09:28:40 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.08.14 09:28:40 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.08.14 09:28:39 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.08.14 09:28:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.08.14 09:28:39 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.08.14 09:28:39 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.08.14 09:28:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.08.14 09:28:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.08.14 09:28:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.08.14 09:28:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.08.14 09:28:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.08.14 09:28:38 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.08.14 09:28:38 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.08.14 09:28:38 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.08.14 09:28:37 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.08.14 09:14:41 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.08.14 09:14:40 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.08.14 09:14:40 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.08.14 09:14:23 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.08.14 09:14:23 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.08.14 09:14:23 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013.08.13 16:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013.08.13 16:44:29 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Roaming\Malwarebytes
[2013.08.13 16:44:24 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.08.13 16:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.08.13 16:44:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.08.12 17:34:34 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Roaming\vlc
[2013.08.12 17:32:42 | 000,000,000 | ---D | C] -- C:\Users\Benutzer###\AppData\Local\Secunia PSI
[2013.08.12 17:32:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia

========== Files - Modified Within 30 Days ==========

[2013.09.09 20:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.09 19:26:46 | 000,025,392 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.09 19:26:46 | 000,025,392 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.09 19:24:10 | 001,645,378 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.09 19:24:10 | 000,708,288 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.09.09 19:24:10 | 000,661,906 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.09 19:24:10 | 000,153,378 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.09.09 19:24:10 | 000,125,594 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.09 19:19:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.09 19:19:32 | 4250,939,390 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.07 17:34:28 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.09.07 16:34:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.09.07 15:45:27 | 000,376,320 | ---- | M] (hxxp://www.julien-manici.com/) -- C:\Users\Benutzer###\Desktop\Win7LogonBackgroundChanger.exe
[2013.09.07 15:13:34 | 001,492,848 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Benutzer###\Desktop\SkypeSetup(1).exe
[2013.09.07 15:08:13 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013.08.30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.08.30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.08.30 09:48:10 | 000,204,880 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.08.30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.08.30 09:48:10 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.08.30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.08.30 09:48:09 | 000,270,824 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2013.08.30 09:48:09 | 000,131,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2013.08.30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.08.30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.08.30 09:48:09 | 000,022,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2013.08.30 09:47:40 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.08.30 09:47:14 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.08.25 20:35:57 | 000,008,107 | ---- | M] () -- C:\Windows\w7dsd.reg
[2013.08.25 20:35:57 | 000,008,089 | ---- | M] () -- C:\Windows\w7dse.reg
[2013.08.25 20:33:08 | 000,275,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DreamScene.dll
[2013.08.20 15:33:40 | 000,039,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013.08.20 15:32:58 | 000,029,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2013.08.20 15:32:46 | 000,028,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013.08.15 22:21:19 | 000,000,218 | ---- | M] () -- C:\Users\Benutzer###\AppData\Local\recently-used.xbel
[2013.08.15 21:12:37 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.08.15 21:12:14 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.08.15 20:31:51 | 000,447,752 | ---- | M] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2013.08.15 16:57:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf


========== Files Created - No Company Name ==========

[2013.09.07 17:34:28 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.09.07 15:08:13 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013.08.25 20:33:08 | 000,008,107 | ---- | C] () -- C:\Windows\w7dsd.reg
[2013.08.25 20:33:08 | 000,008,089 | ---- | C] () -- C:\Windows\w7dse.reg
[2013.08.15 22:21:19 | 000,000,218 | ---- | C] () -- C:\Users\Benutzer###\AppData\Local\recently-used.xbel
[2013.08.15 21:12:14 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2013.08.15 16:57:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2013.08.05 14:54:07 | 002,793,768 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.07.31 11:44:07 | 000,004,510 | ---- | C] () -- C:\Users\Benutzer###\AppData\Roaming\CamStudio.cfg
[2013.07.31 11:44:07 | 000,000,408 | ---- | C] () -- C:\Users\Benutzer###\AppData\Roaming\CamShapes.ini
[2013.07.31 11:44:07 | 000,000,408 | ---- | C] () -- C:\Users\Benutzer###\AppData\Roaming\CamLayout.ini
[2013.07.31 11:44:07 | 000,000,096 | ---- | C] () -- C:\Users\Benutzer###\AppData\Roaming\Camdata.ini
[2013.07.25 13:13:34 | 000,007,635 | ---- | C] () -- C:\Users\Benutzer###\AppData\Local\Resmon.ResmonCfg
[2013.07.24 11:19:01 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.07.14 14:30:47 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.07.14 14:30:45 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.06.11 12:02:52 | 001,671,740 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.24 08:43:35 | 000,002,048 | ---- | C] () -- C:\Windows\hidcon.exe
[2013.02.13 12:27:54 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.07 15:07:39 | 000,000,000 | ---D | M] -- C:\Users\Benutzer###\AppData\Roaming\GHISLER
[2013.07.25 12:05:43 | 000,000,000 | ---D | M] -- C:\Users\Benutzer###\AppData\Roaming\Leadertech
[2013.08.15 14:02:38 | 000,000,000 | ---D | M] -- C:\Users\Benutzer###\AppData\Roaming\Origin
[2013.09.07 16:18:43 | 000,000,000 | ---D | M] -- C:\Users\Benutzer###\AppData\Roaming\Safer Networking
[2013.07.12 14:14:51 | 000,000,000 | ---D | M] -- C:\Users\Benutzer###\AppData\Roaming\Spyware Terminator
[2013.07.12 15:55:49 | 000,000,000 | ---D | M] -- C:\Users\Benutzer###\AppData\Roaming\Thunderbird
[2013.08.15 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\Benutzer###\AppData\Roaming\TrueCrypt
[2013.08.15 22:21:19 | 000,000,000 | ---D | M] -- C:\Users\Benutzer###\AppData\Roaming\Wireshark

========== Purity Check ==========



< End of report >
         
--- --- ---

Edited by Nebelwand (18.09.2013 at 22:55). Reason: added the PC's behavior

 
