Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Virenbekämpfung (https://www.trojaner-board.de/142541-virenbekaempfung.html)

darkrider78 04.10.2013 20:36
Virenbekämpfung
 
Hallo, auf meinem Laptop sind einige Viren.
Diese möchte ich gerne loswerden.

Danke im Voraus an den/die Helfer/in

schrauber 04.10.2013 22:17
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


darkrider78 13.10.2013 22:24
Hallo.
Ich habe erst jetzt wieder an dieses Thema gedacht.

Ich habe heute Nacht einen Scan mit M'BAM gemacht.

FRST.txt:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Tobias (administrator) on TOBIAS-PC on 13-10-2013 23:19:57
Running from C:\Users\Tobias\Desktop
Microsoft Windows 7 Home Premium  (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Programme\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe
() C:\Windows\system32\PnkBstrA.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Programme\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Programme\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe
(ICQ) C:\Users\Tobias\AppData\Roaming\ICQM\icq.exe
(Spotify Ltd) C:\Users\Tobias\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Almico Software (www.almico.com)) C:\Programme\SpeedFan\speedfan.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(EJIE Technology) C:\Programme\Clover\clover.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313672 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKCU\...\Run: [EPSON SX210 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU "C:\Windows\TEMP\E_S2B7D.tmp" /EF "HKCU"
HKCU\...\Run: [Skype] - C:\Programme\Skype\Phone\Skype.exe [19876456 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [icq] - C:\Users\Tobias\AppData\Roaming\ICQM\icq.exe [27598184 2013-05-22] (ICQ)
HKCU\...\Run: [AshSnap] - C:\Programme\Ashampoo\Ashampoo Snap 4\ashsnap.exe [1528176 2011-04-01] (ashampoo GmbH & Co. KG)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Tobias\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-11] (Spotify Ltd)
HKCU\...\Run: [SandboxieControl] - C:\Programme\Sandboxie\SbieCtrl.exe [543320 2013-07-08] (Sandboxie Holdings, LLC)
MountPoints2: {7bc8f8a4-9144-11e2-87fe-6c626d60f91a} - I:\Launcher\LAUNCHER.EXE
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [ 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [ 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Driver Parallel Lines.LNK
ShortcutTarget: Registration Driver Parallel Lines.LNK -> C:\Spiele\Driver Parallel Lines\Register\RegistrationReminder.exe ()
Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk
ShortcutTarget: SpeedFan.lnk -> C:\Programme\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=5EF774F06D6CDB9E&affID=119523&tt=070813_wt3&tsp=4968
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=5EF774F06D6CDB9E&affID=119523&tt=070813_wt3&tsp=4968
SearchScopes: HKCU - {6D096609-3978-44B8-A0AF-15C92B77D9DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: ExplorerWatcher Class - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Programme\Clover\TabHelper32.dll (EJIE Technology)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU -&Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU -Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.185.225 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default
FF user.js: detected! => C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=5EF774F06D6CDB9E&affID=119523&tt=070813_wt3&tsp=4968
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 - C:\Program Files\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 - C:\Program Files\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\webde-suche.xml
FF Extension: Battlefield Heroes Updater - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Battlefield Play4Free - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\battlefieldplay4free@ea.com
FF Extension: Deutsches Wörterbuch - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: BrowserAdditions - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\toolbarbutton@browseradditions.com
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: WOT - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: about-addons-memory - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\about-addons-memory@tn123.org.xpi
FF Extension: autopager - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\autopager@mozilla.org.xpi
FF Extension: jid0-nEKQbsVUhSe9FRuGEdAV8hAphDI - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\jid0-nEKQbsVUhSe9FRuGEdAV8hAphDI@jetpack.xpi
FF Extension: jid1-uabu5A9hduqzCw - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\jid1-uabu5A9hduqzCw@jetpack.xpi
FF Extension: sharemenot - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\sharemenot@franziroesner.com.xpi
FF Extension: SkipScreen - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\SkipScreen@SkipScreen.xpi
FF Extension: support - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\support@free-hideip.com.xpi
FF Extension: toolbar - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\toolbar@gmx.net.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF HKLM\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: No Name - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFF
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF StartMenuInternet: FIREFOX.EXE - C:\Programme\Mozilla Firefox\firefox.exe

========================== Services (Whitelisted) =================

R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R2 Hamachi2Svc; C:\Programme\LogMeIn Hamachi\hamachi-2.exe [1612112 2013-10-01] (LogMeIn Inc.)
R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [42884448 2010-04-03] (Microsoft Corporation)
R2 NIS; C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\diMaster.dll [556336 2013-05-30] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-02-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SbieSvc; C:\Programme\Sandboxie\SbieSvc.exe [129112 2013-07-08] (Sandboxie Holdings, LLC)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [162408 2013-06-21] (Skype Technologies)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [367456 2010-04-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130924.001\BHDrvx86.sys [1097304 2013-09-24] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [19688 2012-09-21] (Logitech Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-27] (Symantec Corporation)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20131011.001\IDSvix86.sys [392792 2013-10-09] (Symantec Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-10-13] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20131012.006\NAVENG.SYS [93272 2013-10-09] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20131012.006\NAVEX15.SYS [1612376 2013-10-09] (Symantec Corporation)
S4 RsFx0150; C:\Windows\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation)
R3 SbieDrv; C:\Programme\Sandboxie\SbieDrv.sys [159208 2013-07-08] (Sandboxie Holdings, LLC)
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R1 SRTSP; C:\Windows\System32\Drivers\NIS\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1404000.028\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1404000.028\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1404000.028\SYMNETS.SYS [339544 2013-04-25] (Symantec Corporation)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [x]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-12 17:41 - 2013-10-12 17:41 - 00001991 _____ C:\Users\Public\Desktop\PS3 Video 9.lnk
2013-10-12 17:41 - 2013-10-12 17:41 - 00000000 ____D C:\Program Files\Video Converter App
2013-10-12 17:38 - 2013-10-12 17:41 - 00002100 _____ C:\Users\Public\Desktop\YouTube Downloader App.lnk
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Users\Tobias\Documents\Regensoft
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Users\Tobias\AppData\Local\Geckofx
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Program Files\Regensoft
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-10-12 05:15 - 2013-10-12 06:47 - 00000000 ____D C:\ProgramData\PMS
2013-10-12 05:15 - 2013-10-12 05:15 - 00000751 _____ C:\Users\Public\Desktop\PS3 Media Server.lnk
2013-10-12 05:11 - 2013-10-12 05:12 - 107506905 _____ C:\Users\Tobias\Downloads\pms-1.90.1-setup-full.zip
2013-10-12 02:30 - 2013-10-12 02:29 - 03440366 _____ C:\Users\Tobias\Desktop\1125749003_sami.rar
2013-10-12 02:30 - 2005-09-03 04:04 - 03579556 _____ (Indigo Rose Corporation hxxp://www.indigorose.com) C:\Users\Tobias\Desktop\San Andreas Mod Installer v1.0.exe
2013-10-12 01:53 - 2013-10-12 02:14 - 00000000 ____D C:\Users\Tobias\Downloads\GTA SA MODS
2013-10-05 18:45 - 2013-10-05 18:45 - 00000000 ____D C:\Users\Tobias\AppData\Local\LogMeIn
2013-10-05 18:45 - 2013-10-05 18:45 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-03 00:49 - 2013-10-03 00:49 - 00000000 _____ C:\Users\Tobias\Desktop\040 50 79 63 43.txt
2013-10-02 01:02 - 2013-10-03 00:59 - 00011362 _____ C:\Users\Tobias\Documents\bfh - funds - liste.xlsx
2013-10-01 20:30 - 2013-10-01 20:30 - 00716526 _____ C:\Users\Tobias\Downloads\pbsetup.zip
2013-09-30 23:22 - 2013-09-30 23:30 - 00000000 ____D C:\Program Files\Origin Games
2013-09-30 23:20 - 2013-10-01 23:10 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Origin
2013-09-30 23:20 - 2013-09-30 23:22 - 00000000 ____D C:\Users\Tobias\AppData\Local\Origin
2013-09-30 23:19 - 2013-10-01 23:10 - 00000000 ____D C:\ProgramData\Origin
2013-09-30 23:19 - 2013-09-30 23:19 - 00000720 _____ C:\Users\Public\Desktop\Origin.lnk
2013-09-30 23:18 - 2013-09-30 23:18 - 16952576 _____ (Electronic Arts, Inc.) C:\Users\Tobias\Downloads\OriginThinSetup.exe
2013-09-29 19:32 - 2013-09-29 19:32 - 01059222 _____ C:\Users\Tobias\Desktop\Bahnverbindung.bmp
2013-09-29 11:27 - 2013-09-29 11:27 - 00000000 ____D C:\Users\Dan\AppData\Local\PunkBuster
2013-09-29 11:26 - 2013-09-29 14:58 - 00000000 ____D C:\Users\Dan\Documents\Battlefield Heroes
2013-09-21 23:36 - 2013-09-21 23:36 - 00001064 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2013.lnk
2013-09-21 23:36 - 2013-09-21 23:36 - 00000000 ____D C:\Users\Tobias\AppData\Local\ashampoo
2013-09-21 23:35 - 2013-09-21 23:36 - 00000000 ____D C:\ProgramData\Ashampoo
2013-09-21 22:59 - 2013-09-21 23:00 - 00000000 ____D C:\Users\Tobias\Downloads\Chip
2013-09-18 19:32 - 2013-09-18 19:32 - 01783296 _____ C:\Users\Tobias\Downloads\WinMTR.exe
2013-09-15 18:31 - 2013-09-15 18:31 - 06260632 _____ (Symantec Corporation) C:\Users\Tobias\Downloads\NRnR(1).exe
2013-09-14 14:50 - 2013-09-14 14:50 - 00000000 ____D C:\Users\Tobias\AppData\Local\Overwolf
2013-09-14 00:42 - 2013-09-16 02:10 - 00883873 _____ C:\Users\Tobias\Downloads\Essentials.jar

==================== One Month Modified Files and Folders =======

2013-10-13 23:19 - 2012-12-21 18:37 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Skype
2013-10-13 23:17 - 2013-08-07 14:23 - 01087213 _____ (Farbar) C:\Users\Tobias\Desktop\FRST.exe
2013-10-13 22:21 - 2012-12-21 18:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-13 22:12 - 2012-12-21 19:08 - 00000000 ____D C:\Spiele
2013-10-13 20:46 - 2012-12-21 14:23 - 00817994 _____ C:\Windows\WindowsUpdate.log
2013-10-13 20:16 - 2012-12-28 14:59 - 00000000 ____D C:\Users\Tobias\AppData\Local\LogMeIn Hamachi
2013-10-13 20:10 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-13 20:10 - 2009-07-14 06:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-13 20:02 - 2012-12-21 18:11 - 00118740 _____ C:\Windows\PFRO.log
2013-10-13 20:02 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-13 20:02 - 2009-07-14 06:39 - 00115427 _____ C:\Windows\setupact.log
2013-10-13 20:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\security
2013-10-13 19:59 - 2012-12-23 17:10 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\SoftGrid Client
2013-10-13 19:17 - 2013-06-15 17:05 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Spotify
2013-10-13 01:16 - 2013-08-28 16:15 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-10-12 23:16 - 2012-12-21 18:23 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\.minecraft
2013-10-12 17:41 - 2013-10-12 17:41 - 00001991 _____ C:\Users\Public\Desktop\PS3 Video 9.lnk
2013-10-12 17:41 - 2013-10-12 17:41 - 00000000 ____D C:\Program Files\Video Converter App
2013-10-12 17:41 - 2013-10-12 17:38 - 00002100 _____ C:\Users\Public\Desktop\YouTube Downloader App.lnk
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Users\Tobias\Documents\Regensoft
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Users\Tobias\AppData\Local\Geckofx
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Program Files\Regensoft
2013-10-12 17:38 - 2013-10-12 17:38 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-10-12 17:38 - 2012-12-21 17:30 - 00000000 ____D C:\Programme
2013-10-12 06:47 - 2013-10-12 05:15 - 00000000 ____D C:\ProgramData\PMS
2013-10-12 05:15 - 2013-10-12 05:15 - 00000751 _____ C:\Users\Public\Desktop\PS3 Media Server.lnk
2013-10-12 05:12 - 2013-10-12 05:11 - 107506905 _____ C:\Users\Tobias\Downloads\pms-1.90.1-setup-full.zip
2013-10-12 02:29 - 2013-10-12 02:30 - 03440366 _____ C:\Users\Tobias\Desktop\1125749003_sami.rar
2013-10-12 02:14 - 2013-10-12 01:53 - 00000000 ____D C:\Users\Tobias\Downloads\GTA SA MODS
2013-10-11 23:37 - 2013-06-15 17:06 - 00000000 ____D C:\Users\Tobias\AppData\Local\Spotify
2013-10-10 20:56 - 2013-08-23 23:17 - 00001566 _____ C:\Windows\Sandboxie.ini
2013-10-09 15:21 - 2012-12-21 18:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 15:21 - 2012-12-21 18:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-07 21:04 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-06 11:26 - 2013-06-12 16:04 - 00000000 ____D C:\Users\Dan\AppData\Local\LogMeIn Hamachi
2013-10-05 18:45 - 2013-10-05 18:45 - 00000000 ____D C:\Users\Tobias\AppData\Local\LogMeIn
2013-10-05 18:45 - 2013-10-05 18:45 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-05 18:45 - 2013-08-17 01:19 - 00000759 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-10-05 11:17 - 2012-12-30 00:19 - 00282296 _____ C:\Windows\system32\PnkBstrB.xtr
2013-10-05 11:17 - 2012-12-30 00:16 - 00139648 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-10-05 11:17 - 2012-12-30 00:15 - 00282296 _____ C:\Windows\system32\PnkBstrB.exe
2013-10-05 11:17 - 2012-12-30 00:15 - 00270240 _____ C:\Windows\system32\PnkBstrB.ex0
2013-10-04 18:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-10-03 00:59 - 2013-10-02 01:02 - 00011362 _____ C:\Users\Tobias\Documents\bfh - funds - liste.xlsx
2013-10-03 00:49 - 2013-10-03 00:49 - 00000000 _____ C:\Users\Tobias\Desktop\040 50 79 63 43.txt
2013-10-01 23:10 - 2013-09-30 23:20 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Origin
2013-10-01 23:10 - 2013-09-30 23:19 - 00000000 ____D C:\ProgramData\Origin
2013-10-01 23:10 - 2013-02-05 16:02 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-10-01 23:10 - 2012-12-23 16:57 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-01 20:30 - 2013-10-01 20:30 - 00716526 _____ C:\Users\Tobias\Downloads\pbsetup.zip
2013-09-30 23:30 - 2013-09-30 23:22 - 00000000 ____D C:\Program Files\Origin Games
2013-09-30 23:22 - 2013-09-30 23:20 - 00000000 ____D C:\Users\Tobias\AppData\Local\Origin
2013-09-30 23:19 - 2013-09-30 23:19 - 00000720 _____ C:\Users\Public\Desktop\Origin.lnk
2013-09-30 23:18 - 2013-09-30 23:18 - 16952576 _____ (Electronic Arts, Inc.) C:\Users\Tobias\Downloads\OriginThinSetup.exe
2013-09-29 19:32 - 2013-09-29 19:32 - 01059222 _____ C:\Users\Tobias\Desktop\Bahnverbindung.bmp
2013-09-29 14:58 - 2013-09-29 11:26 - 00000000 ____D C:\Users\Dan\Documents\Battlefield Heroes
2013-09-29 11:27 - 2013-09-29 11:27 - 00000000 ____D C:\Users\Dan\AppData\Local\PunkBuster
2013-09-26 22:02 - 2013-03-20 14:24 - 00000000 ____D C:\Users\Tobias\Documents\Cross Fire
2013-09-23 23:28 - 2012-12-21 19:28 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\TS3Client
2013-09-23 09:32 - 2013-08-01 18:20 - 00000000 ____D C:\Users\Tobias\minecraft
2013-09-22 01:15 - 2012-12-21 18:59 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\FileZilla
2013-09-21 23:36 - 2013-09-21 23:36 - 00001064 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2013.lnk
2013-09-21 23:36 - 2013-09-21 23:36 - 00000000 ____D C:\Users\Tobias\AppData\Local\ashampoo
2013-09-21 23:36 - 2013-09-21 23:35 - 00000000 ____D C:\ProgramData\Ashampoo
2013-09-21 23:00 - 2013-09-21 22:59 - 00000000 ____D C:\Users\Tobias\Downloads\Chip
2013-09-18 21:27 - 2012-12-21 17:34 - 00000000 ____D C:\Users\Tobias\AppData\Local\Mozilla
2013-09-18 19:32 - 2013-09-18 19:32 - 01783296 _____ C:\Users\Tobias\Downloads\WinMTR.exe
2013-09-18 18:59 - 2013-02-20 21:22 - 07555820 _____ C:\Users\Tobias\Downloads\server.log
2013-09-16 02:10 - 2013-09-14 00:42 - 00883873 _____ C:\Users\Tobias\Downloads\Essentials.jar
2013-09-15 18:33 - 2012-12-21 18:01 - 00000000 ____D C:\ProgramData\Norton
2013-09-15 18:31 - 2013-09-15 18:31 - 06260632 _____ (Symantec Corporation) C:\Users\Tobias\Downloads\NRnR(1).exe
2013-09-15 18:30 - 2012-12-21 18:04 - 06258072 _____ (Symantec Corporation) C:\Users\Tobias\Downloads\NRnR.exe
2013-09-14 14:50 - 2013-09-14 14:50 - 00000000 ____D C:\Users\Tobias\AppData\Local\Overwolf
2013-09-14 13:37 - 2013-02-20 14:28 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\ICQM
2013-09-14 02:25 - 2013-07-26 15:22 - 00000000 ____D C:\Users\Tobias\Desktop\server
2013-09-14 02:02 - 2013-07-26 15:09 - 00000000 ____D C:\Users\Tobias\workspace
2013-09-14 00:43 - 2013-08-17 17:47 - 00000000 ____D C:\Users\Tobias\Desktop\WorldEdit

Some content of TEMP:
====================
C:\Users\Tobias\AppData\Local\Temp\i4jdel0.exe
C:\Users\Tobias\AppData\Local\Temp\irsetup.exe
C:\Users\Tobias\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R1.0-35-g4176258-b2824jnks.dll
C:\Users\Tobias\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R1.0-b2788jnks.dll
C:\Users\Tobias\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.2-R0.1-b2838jnks.dll
C:\Users\Tobias\AppData\Local\Temp\jna3340813450195485397.dll
C:\Users\Tobias\AppData\Local\Temp\npp.6.4.3.Installer.exe
C:\Users\Tobias\AppData\Local\Temp\npp.6.4.5.Installer.exe
C:\Users\Tobias\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Tobias\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Tobias\AppData\Local\Temp\sfareca00001.dll
C:\Users\Tobias\AppData\Local\Temp\sfareca00002.dll
C:\Users\Tobias\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Tobias\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-11 02:55

==================== End Of Log ============================
--- --- ---

--- --- ---


Addition.txt:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013
Ran by Tobias at 2013-10-13 23:21:06
Running from C:\Users\Tobias\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security CBE (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security CBE (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security CBE (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(De)Coder 4.1 Public Beta 4b (Version: 4.1.0.0)
4Story DE 4.1.176
Access 97rt PAN EURO G
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.02) - Deutsch (Version: 11.0.02)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
AMP WinOFF 5.0.1 (Version: 5.0.1)
Anti-Twin (Installation 6/5/2013)
Any Video Converter 5 5.0.2
Ashampoo Burning Studio 2013 v.11.0.6 (Version: 11.0.6)
Ashampoo Snap 4 v.4.3.0 (Version: 4.3.0)
ATI Catalyst Install Manager (Version: 3.0.778.0)
AviSynth 2.5
Battlefield 1942™ (Version: 1.6.20.0)
Battlefield Heroes
Battlefield Play4Free
BlueGriffon Version 1.7.2 (Version: 1.7.2)
BrowserDefender
CameraHelperMsi (Version: 13.51.815.0)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0527.1242.20909)
Catalyst Control Center InstallProxy (Version: 2010.0527.1242.20909)
Catalyst Control Center Localization All (Version: 2010.0527.1242.20909)
CCC Help Danish (Version: 2010.0527.1241.20909)
CCC Help Dutch (Version: 2010.0527.1241.20909)
CCC Help English (Version: 2010.0527.1241.20909)
CCC Help Finnish (Version: 2010.0527.1241.20909)
CCC Help French (Version: 2010.0527.1241.20909)
CCC Help German (Version: 2010.0527.1241.20909)
CCC Help Italian (Version: 2010.0527.1241.20909)
CCC Help Japanese (Version: 2010.0527.1241.20909)
CCC Help Norwegian (Version: 2010.0527.1241.20909)
CCC Help Spanish (Version: 2010.0527.1241.20909)
CCC Help Swedish (Version: 2010.0527.1241.20909)
ccc-core-static (Version: 2010.0527.1242.20909)
ccc-utility (Version: 2010.0527.1242.20909)
Cheat Engine 6.2
Clover 3.0 (Version: 3.0)
CorelDRAW Essentials 4
CorelDRAW Essentials 4 - Content (Version: 4.0)
CorelDRAW Essentials 4 - Draw (Version: 4.0)
CorelDRAW Essentials 4 - Filters (Version: 4.0)
CorelDRAW Essentials 4 - ICA (Version: 4.0)
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0)
CorelDRAW Essentials 4 - Lang BR (Version: 4.0)
CorelDRAW Essentials 4 - Lang DE (Version: 4.0)
CorelDRAW Essentials 4 - Lang EN (Version: 4.0)
CorelDRAW Essentials 4 - Lang ES (Version: 4.0)
CorelDRAW Essentials 4 - Lang FR (Version: 4.0)
CorelDRAW Essentials 4 - Lang IT (Version: 4.0)
CorelDRAW Essentials 4 - Lang NL (Version: 4.0)
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0)
CorelDRAW Essentials 4 - Windows Shell Extension
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1)
CorelDRAW Essentials 4 (Version: 4.0)
Counter-Strike: Source
Counter-Strike: Source Beta
Craften Terminal 3.3.4897.28268 (Version: 3.3.4897.28268)
Cross Fire En
CyberLink LabelPrint (Version: 2.5.2515)
CyberLink Power2Go (Version: 6.1.3602c)
CyberLink PowerDVD Copy (Version: 1.5.1306)
Day of Defeat: Source
Driver: Parallel Lines (Version: 1.00.0000)
Druckerdeinstallation für EPSON SX210 Series
EPSON Scan
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
FileZilla Client 3.7.3 (HKCU Version: 3.7.3)
Firebird SQL Server - MAGIX Edition (Version: 2.1.31.0)
Frozen Synapse
Gameforge Live 1.7.0 "Legend" (Version: 1.7.0)
Half-Life 2: Deathmatch
Half-Life 2: Lost Coast
ICQ 8.0 (build 6019) (HKCU Version: 8.0.6019.0)
Intel(R) Rapid Storage Technology (Version: 9.6.0.1014)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
jose (Version: 1.3)
Junk Mail filter update (Version: 14.0.8117.416)
KC Softwares SUMo (Version: 3.7.0.203)
Logitech Webcam-Software (Version: 2.51)
LogMeIn Hamachi (Version: 2.2.0.58)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.51.827.0)
LWS Help_main (Version: 13.51.828.0)
LWS Launcher (Version: 13.51.828.0)
LWS Motion Detection (Version: 13.51.815.0)
LWS Pictures And Video (Version: 13.51.815.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Webcam Software (Version: 13.51.815.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
MacroX 3.1 (Version: 3.1)
Magical Jelly Bean PasswdFinder (Version: 1.0.0.22)
MAGIX Music Maker 17 (Demosongs) (Version: 1.0.0.0)
MAGIX Music Maker 17 (Einführungsvideos) (Version: 1.0.0.0)
MAGIX Music Maker 17 (Instrumenten-Paket 1) (Version: 1.0.0.0)
MAGIX Music Maker 17 (Instrumenten-Paket 2) (Version: 1.0.0.0)
MAGIX Music Maker 17 (Soundpaket) (Version: 1.0.0.0)
MAGIX Music Maker 17 (Synthesizer und Effekte) (Version: 1.0.0.0)
MAGIX Music Maker 17 (Version: 17.0.2.30)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Medion Home Cinema (Version: 6.0.0000)
Metin2
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Flight
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.126.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MozBackup 1.5.1
Mozilla Firefox 23.0 (x86 de) (Version: 23.0)
Mozilla Firefox 24.0 (x86 de) (HKCU Version: 24.0)
Mozilla Maintenance Service (Version: 23.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Need For Speed™ World (Version: 1.0.0.1229)
No23 Recorder (Version: 2.1.0.3)
Norton Internet Security CBE (Version: 20.4.0.40)
Nostale(DE)
Notepad++ (Version: 6.4.5)
Origin (Version: 9.3.7.2735)
Pando Media Booster (Version: 2.6.0.9)
Pinnacle VideoSpin (Version: 2.0.0.669)
PlayReady PC Runtime x86 (Version: 1.3.0)
PS3 Media Server (Version: 1.90.1)
PS3 Video 9 6 (Version: 6)
PunkBuster Services (Version: 0.990)
RealDownloader (Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.2)
Realtek Ethernet Controller Driver (Version: 7.53.216.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6591)
RealUpgrade 1.1 (Version: 1.1.0)
Sandboxie 4.04 (32-bit) (Version: 4.04)
SimCity 3000 Deutschland
Skype Click to Call (Version: 6.3.11079)
Skype™ 6.6 (Version: 6.6.106)
SpeedFan (remove only)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spotify (HKCU Version: 0.9.4.178.g259772ba)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
SQLite Maestro 12.11
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Team Fortress 2
TeamSpeak 3 Client (Version: 3.0.12)
Text-To-Speech-Runtime (Version: 1.0.0.0)
Tunatic
VLC media player 2.0.5 (Version: 2.0.5)
Webocton - Scriptly 0.8.95.6 (Version: 0.8.95.6)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Fotogalerie (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
YouTube Downloader App 3.00 (Version: 3.00)

==================== Restore Points  =========================

30-09-2013 21:36:49 DirectX wurde installiert
08-10-2013 12:19:30 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {08EE6401-DD14-4FE7-92D9-D71573A72BCC} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2009-07-14] (Microsoft Corporation)
Task: {10960DDD-FD47-45F3-AB88-7CE6A1CB7B75} - System32\Tasks\{741E510B-C728-4BEB-B0B1-276EFE0C5610} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {1DDFBC1E-F1C5-426C-A4DE-0D5DF4E7206D} - System32\Tasks\{CEAFC4C6-E2DD-4E3B-A129-F6C2919C1F26} => C:\Spiele\SimCity 3000 Deutschland\Apps\SC3U.EXE [2000-04-19] (Maxis)
Task: {24B3D032-0556-4489-829F-0B2F137F7F06} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {35B4517D-47F9-4D6B-8292-0DEF8C925CC2} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files\Norton Internet Security CBE\Engine\20.2.0.19\SymErr.exe
Task: {434CEA98-24A2-4D0D-83A1-260E08B91AE8} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-567156585-1928788911-4159497032-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {5EB2754D-79EC-4C9A-9E2D-5EDB60C67961} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-567156585-1928788911-4159497032-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {774AEA1F-AB47-479D-B9BC-B4E054B2963A} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {7AB7ED5E-09C9-4BC0-9EE3-67FE2E0D2F55} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-567156585-1928788911-4159497032-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {86EADBB3-E958-4EB6-8B7A-C11288A1C05F} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files\Norton Internet Security CBE\Engine\20.2.0.19\SymErr.exe
Task: {8FD4A386-8413-42BA-98B6-A9F9E4BF4134} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-567156585-1928788911-4159497032-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {B32DF609-0019-4294-826C-C6A0CCDD4D52} - System32\Tasks\EPUpdater => C:\Users\Tobias\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe
Task: {B67E83D3-AF2C-48FD-B910-497FACA5CC4B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18] (Adobe Systems Incorporated)
Task: {C3C93288-780F-43B0-AF20-BE34A1E3E7D0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {CE0B34C3-264D-4D7F-BA4C-F22A938632A6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {D934B984-38DC-4E0E-A52A-F5C5C2AB0E2E} - System32\Tasks\{F238D279-F2C6-483A-9923-D843D07165FC} => C:\Programme\Netscape\Communicator\Program\netscape.exe
Task: {E3A661AF-8BBB-419C-BF10-3136D7F088F4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-567156585-1928788911-4159497032-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {EF524401-CEFD-428D-BCB2-93AC8CC89C79} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {FFA45FB0-A9C6-4379-9ABE-52877354EFB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-06-08 02:58 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON INTERNET SECURITY CBE\ENGINE\20.4.0.40\wincfi39.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Programme\FileZilla FTP Client\fzshellext.dll
2013-05-22 00:04 - 2013-05-22 00:04 - 00304976 _____ () C:\Users\Tobias\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00260096 _____ () C:\Programme\Notepad++\NppShell_05.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2013-05-22 00:04 - 2013-05-22 00:04 - 00851456 _____ () C:\Users\Tobias\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2010-05-27 21:40 - 2010-05-27 21:40 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-17 19:16 - 2013-10-13 20:16 - 00158720 _____ () C:\Users\Tobias\AppData\Local\Temp\sfareca00001.dll
2013-08-15 02:39 - 2013-10-13 20:16 - 00192512 _____ () C:\Users\Tobias\AppData\Local\Temp\sfamcc00001.dll
2013-09-18 19:17 - 2013-09-18 19:17 - 03279768 _____ () C:\Programme\Mozilla Firefox\mozjs.dll
2013-06-08 02:58 - 2012-05-30 08:51 - 00699280 ____R () C:\Program Files\Norton Internet Security CBE\Engine\20.4.0.40\wincfi39.dll
2013-10-09 15:21 - 2013-10-09 15:21 - 16233864 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:6F7F9584EF131678

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2013 07:56:17 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (10/13/2013 07:55:01 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (10/13/2013 00:59:15 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORDC.EXE, Version: 14.0.6129.5000, Zeitstempel: 0x5082ffdf
Name des fehlerhaften Moduls: dpgcmd.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4e320af3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x64ced8b0
ID des fehlerhaften Prozesses: 0x20f8
Startzeit der fehlerhaften Anwendung: 0xWINWORDC.EXE0
Pfad der fehlerhaften Anwendung: WINWORDC.EXE1
Pfad des fehlerhaften Moduls: WINWORDC.EXE2
Berichtskennung: WINWORDC.EXE3

Error: (10/12/2013 05:40:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Au_.exe, Version: 0.0.0.0, Zeitstempel: 0x4b1ae3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel: 0x4ba9b21e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005206e
ID des fehlerhaften Prozesses: 0xffc
Startzeit der fehlerhaften Anwendung: 0xAu_.exe0
Pfad der fehlerhaften Anwendung: Au_.exe1
Pfad des fehlerhaften Moduls: Au_.exe2
Berichtskennung: Au_.exe3

Error: (10/12/2013 01:17:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (10/12/2013 01:16:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (10/12/2013 04:51:55 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskmgr.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc13c
Name des fehlerhaften Moduls: dpgcmd.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4e320af3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x64ced8b0
ID des fehlerhaften Prozesses: 0x1938
Startzeit der fehlerhaften Anwendung: 0xtaskmgr.exe0
Pfad der fehlerhaften Anwendung: taskmgr.exe1
Pfad des fehlerhaften Moduls: taskmgr.exe2
Berichtskennung: taskmgr.exe3

Error: (10/12/2013 04:36:06 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.6.60.106, Zeitstempel: 0x51c4239d
Name des fehlerhaften Moduls: dpgcmd.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4e320af3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x64ced8b0
ID des fehlerhaften Prozesses: 0x1198
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3

Error: (10/12/2013 04:35:42 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16450, Zeitstempel: 0x4aeba271
Name des fehlerhaften Moduls: dpgcmd.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4e320af3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x64ced8b0
ID des fehlerhaften Prozesses: 0xa88
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (10/12/2013 02:34:44 AM) (Source: Application Hang) (User: )
Description: Programm irsetup.exe, Version 6.0.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d28

Startzeit: 01cec6e25a4e339a

Endzeit: 12

Anwendungspfad: C:\Users\Tobias\AppData\Local\Temp\irsetup.exe

Berichts-ID: 15791fbb-32d6-11e3-87ca-6c626d60f91a


System errors:
=============
Error: (10/13/2013 08:33:20 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "HD-LBU2" den Befehl "chkdsk" aus.

Error: (10/08/2013 00:49:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (10/08/2013 00:49:31 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (10/05/2013 06:56:11 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (10/05/2013 06:56:11 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (10/05/2013 06:56:00 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (10/05/2013 06:45:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (10/05/2013 06:45:29 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (10/05/2013 06:45:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (10/05/2013 00:32:33 AM) (Source: DCOM) (User: )
Description: {CEFF45EE-C862-41DE-AEE2-A022C81EDA92}


Microsoft Office Sessions:
=========================
Error: (10/13/2013 07:56:17 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"c:\Windows\installer\{3dc873bb-ffe3-46bf-9701-26b9ae371f9f}\recordingmanager.exe

Error: (10/13/2013 07:55:01 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Spiele\crossfire na\Aegis64.exe

Error: (10/13/2013 00:59:15 AM) (Source: Application Error)(User: )
Description: WINWORDC.EXE14.0.6129.50005082ffdfdpgcmd.dll_unloaded0.0.0.04e320af3c000000564ced8b020f801cec77ed31a95ccQ:\140066.deu\Office14\WINWORDC.EXEdpgcmd.dllea606b86-3391-11e3-87ca-6c626d60f91a

Error: (10/12/2013 05:40:37 PM) (Source: Application Error)(User: )
Description: Au_.exe0.0.0.04b1ae3c1ntdll.dll6.1.7600.165594ba9b21ec00000050005206effc01cec76155ff6a84C:\Users\Tobias\AppData\Local\Temp\~nsu.tmp\Au_.exeC:\Windows\SYSTEM32\ntdll.dlla34e52e7-3354-11e3-87ca-6c626d60f91a

Error: (10/12/2013 01:17:31 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"c:\Windows\installer\{3dc873bb-ffe3-46bf-9701-26b9ae371f9f}\recordingmanager.exe

Error: (10/12/2013 01:16:24 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Spiele\crossfire na\Aegis64.exe

Error: (10/12/2013 04:51:55 AM) (Source: Application Error)(User: )
Description: taskmgr.exe6.1.7600.163854a5bc13cdpgcmd.dll_unloaded0.0.0.04e320af3c000000564ced8b0193801cec6e2cc140352C:\Windows\System32\taskmgr.exedpgcmd.dll40d4ae00-32e9-11e3-87ca-6c626d60f91a

Error: (10/12/2013 04:36:06 AM) (Source: Application Error)(User: )
Description: Skype.exe6.6.60.10651c4239ddpgcmd.dll_unloaded0.0.0.04e320af3c000000564ced8b0119801cec6a99a4c7b89C:\Programme\Skype\Phone\Skype.exedpgcmd.dll0afb4dc2-32e7-11e3-87ca-6c626d60f91a

Error: (10/12/2013 04:35:42 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7600.164504aeba271dpgcmd.dll_unloaded0.0.0.04e320af3c000000564ced8b0a8801cec6a997a3b1fbC:\Windows\Explorer.EXEdpgcmd.dllfc9506f8-32e6-11e3-87ca-6c626d60f91a

Error: (10/12/2013 02:34:44 AM) (Source: Application Hang)(User: )
Description: irsetup.exe6.0.1.01d2801cec6e25a4e339a12C:\Users\Tobias\AppData\Local\Temp\irsetup.exe15791fbb-32d6-11e3-87ca-6c626d60f91a


==================== Memory info ===========================

Percentage of memory in use: 70%
Total physical RAM: 3071.24 MB
Available physical RAM: 896.63 MB
Total Pagefile: 6140.76 MB
Available Pagefile: 3377.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.28 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:841.58 GB) (Free:544.99 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:23.48 GB) NTFS
Drive j: (HD-LBU2) (Fixed) (Total:1863.02 GB) (Free:1192.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=842 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 4 (Size: 1863 GB) (Disk ID: A4776614)
Partition 1: (Not Active) - (Size=-198624378880) - (Type=07 NTFS)

==================== End Of Log ============================
M'BAM:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.12.07

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Tobias :: TOBIAS-PC [Administrator]

13.10.2013 01:17:10
mbam-log-2013-10-13 (01-17-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 2197672
Laufzeit: 6 Stunde(n), 21 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Delta\delta\Instl (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|bProtectTabs (PUP.Optional.BrowserProtect.A) -> Daten: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=5EF774F06D6CDB9E&affID=119523&tt=070813_wt3&tsp=4968 -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Tobias\AppData\Local\Temp\nsm329D.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Tobias\AppData\Local\Temp\nsv85FA.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Tobias\Downloads\ps3video9-600-setup.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Also mein Pc und mein Laptop scheinen verseucht zu sein.
Ich möchte jetzt gerne mit dem PC anfangen, da der öfter benutzt wird.

schrauber 14.10.2013 13:09
Dann geh ich davon aus dass obige logs von diesem Rechner sind.

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

darkrider78 14.10.2013 22:24
AdwCleaner:

Code:
# AdwCleaner v3.007 - Bericht erstellt am 14/10/2013 um 22:43:27
# Updated 09/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (32 bits)
# Benutzername : Tobias - TOBIAS-PC
# Gestartet von : C:\Users\Tobias\Desktop\AdwCleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\jetpack
Datei Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\searchplugins\safesearch.xml
Datei Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B32DF609-0019-4294-826C-C6A0CCDD4D52}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B32DF609-0019-4294-826C-C6A0CCDD4D52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\5e5388debd38e540
Schlüssel Gelöscht : HKLM\SOFTWARE\5e5388debd38e540
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.16385

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v23.0 (de)

[ Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\fxvzl8v1.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=5EF774F06D6CDB9E&affID=119523&tt=070813_wt3&tsp=4968");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "5ef7949100000000000074f06d6cdb9e");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15925");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.22.0");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.22.021:35:35");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.22.0");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119523&tt=070813_wt3&tsp=4968");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.skipscreen.hostMatchStr", "hxxp://www.4shared.com/(get|audio|file|document|dir)/.*|hxxp://.*depositfiles.com/(([a-z]{2})/files/|auth-).*|hxxp://(www.)*digg.com/(.{5}|.{6})$|hxxp:[...]

[ Datei : C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\8e3r3t2i.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [5681 octets] - [14/10/2013 22:41:34]
AdwCleaner[S0].txt - [5584 octets] - [14/10/2013 22:43:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5644 octets] ##########
JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.9 (07.30.2013:1)
OS: Windows 7 Home Premium x86
Ran by Tobias on 14.10.2013 at 22:48:25,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\video converter app"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.10.2013 at 22:50:28,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber 15.10.2013 09:49

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

darkrider78 17.10.2013 19:38
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=30c23cc701e70e4a8272cf2749b4bd6f
# engine=14665
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-06 11:57:53
# local_time=2013-08-07 01:57:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=3591 16777213 100 93 116910 138430058 0 0
# compatibility_mode=5893 16776574 100 94 19607246 127464664 0 0
# scanned=1615992
# found=2
# cleaned=0
# scan_time=576
sh=AA36F078D0FFC9B1FDA010712B860D15EA9B6E07 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.PAH trojan" ac=I fn="C:\Users\Tobias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\2ab99afa-51290a1b"
sh=F5E6E0D4D22BE5E161DDDBAE50A14F128AB92B89 ft=1 fh=81787384a3e07826 vn="Win32/Adware.ToolPlugin application" ac=I fn="J:\Users\Tobias\AppData\Roaming\toolplugin\toolbar.dll"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=30c23cc701e70e4a8272cf2749b4bd6f
# engine=15494
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-16 07:04:38
# local_time=2013-10-16 09:04:38 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=3591 16777213 100 93 944990 144503663 0 0
# compatibility_mode=5893 16776574 100 94 25677251 133538269 0 0
# scanned=2425114
# found=1
# cleaned=0
# scan_time=55804
sh=F5E6E0D4D22BE5E161DDDBAE50A14F128AB92B89 ft=1 fh=81787384a3e07826 vn="Win32/Adware.ToolPlugin application" ac=I fn="J:\Users\Tobias\AppData\Roaming\toolplugin\toolbar.dll"

schrauber 18.10.2013 14:53
und der Rest? :)

darkrider78 18.10.2013 21:35
Hatte ich vergessen.

Code:
Results of screen317's Security Check version 0.99.74 
 Windows 7  x86 (UAC is enabled) 
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
Norton Internet Security CBE 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java 7 Update 25 
 Java version out of Date!
 Adobe Flash Player        11.9.900.117 
 Adobe Reader 9 
 Adobe Reader XI 
 Mozilla Firefox (23.0)
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

schrauber 19.10.2013 14:44
Java und Windows updaten. Frisches FRST log fehlt. Noch Probleme?

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

darkrider78 26.11.2013 15:25
Hallo,
erstmal möchte ich mich entschuldigen, dass ich mich so lange nicht mehr gemeldet habe.
Aber ich habe auch ein Reallife ;).
Mein Rechner ist abgeschlossen.
Da er oft rumspinnt, werde ich ihn neuaufsetzen.

Können wir nun zum Laptop kommen?

schrauber 27.11.2013 09:14
Dann poste mal FRST logs vom Laptop und eine Fehlerbeschreibung.

darkrider78 27.11.2013 20:01
Also das Laptop ist sehr langsam und zugemüllt mit Adware.
Also, wenn man Firefox offen hat, öffnen sich ständig irgendwelche Seiten, Wörter sind grün und doppelt unterstrichen.

Das Laptop hängt ziemlich oft.
zum Beispiel jetzt gerade beim Schreiben.

Frst.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-11-2013 01
Ran by MikeB57 (administrator) on MIKEB57-PC on 27-11-2013 19:31:22
Running from C:\Users\MikeB57\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxbscoms.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-23] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9643552 2009-12-11] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [325120 2009-10-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [LXBSCATS] - rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXBStime.dll,RunDLLEntry
HKCU\...\Run: [Akamai NetSession Interface] - "C:\Users\MikeB57\AppData\Local\Akamai\netsession_win.exe"
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1086376 2012-08-03] (Nokia)
HKCU\...\Run: [EPSON SX210 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU "C:\Users\MikeB57\AppData\Local\Temp\E_S6558.tmp" /EF "HKCU"
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [BackgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\MikeB57\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [258560 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801937&CUI=UN36506250126661762
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKLM-x32 - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - NCH DE Toolbar - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH2.dll (Conduit Ltd.)
URLSearchHook: HKCU - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.)
URLSearchHook: HKCU - NCH DE Toolbar - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH2.dll (Conduit Ltd.)
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801937
SearchScopes: HKCU - 3BD32EAC6F754B30960AC7945C0E77A2 URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=96F870F1A1F78FCF&affID=119357&tsp=4923
SearchScopes: HKCU - {0CBDFE53-53F7-4873-9BF4-EE9ED88C645B} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.golsearch.com/?q={searchTerms}&babsrc=SP_ss_Btisdt6&mntrId=96F870F1A1F78FCF&affID=119357&tsp=4992
SearchScopes: HKCU - {44C332A8-1219-4591-B8CC-6528ED9EF87C} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {7A67CBAA-B43B-4035-B1FE-5D6AD6723F01} URL = hxxp://go.web.de/tb2/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {9FE0A241-8749-47D8-8D2F-FC11CB6C4327} URL = hxxp://go.web.de/tb/ie_amazon_sp/?field-keywords={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801937
SearchScopes: HKCU - {B0E13381-3B02-4707-A048-84DDAF56B9F8} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {D822D09F-5661-4F34-B876-3266A7B71A85} URL = hxxp://go.web.de/tb/ie_lastminute_sp/?searchText={searchTerms}
SearchScopes: HKCU - {F147A4A7-325E-413E-B329-8DDD0BB98E92} URL = hxxp://go.web.de/tb/ie_ebay_sp/?su={searchTerms}
BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\MikeB57\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\MikeB57\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: NCH DE Toolbar - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH2.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - NCH DE Toolbar - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH2.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} -  No File
Toolbar: HKCU - No Name - {B106B661-3E1B-4015-AF5C-195E909F35C6} -  No File
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.137.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 83.169.185.225 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default
FF user.js: detected! => C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\user.js
FF NewTab: hxxp://www2.delta-search.com/?babsrc=NT_ss&mntrId=96F870F1A1F78FCF&affID=119357&tsp=4992
FF SearchEngineOrder.1: Delta Search
FF SearchEngineOrder.3: Bing
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\MikeB57\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Lyrics Seeker - C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\Extensions\131
FF Extension: Lyrics Seeker - C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\Extensions\133
FF Extension: Plus-HD-2.3 - C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: Battlefield Heroes Updater - C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Battlefield Play4Free - C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\Extensions\battlefieldplay4free@ea.com
FF Extension: Delta Toolbar - C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\Extensions\ffxtlbr@delta.com
FF Extension: Complitly - Speed up your search with your personal search suggestions tool - C:\Users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\Extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKCU\...\Firefox\Extensions: [{72273571-743d-427e-a1c1-0538fbc2ddd3}] - C:\Program Files (x86)\LyricsSeeker\133.xpi
FF Extension: No Name - C:\Program Files (x86)\LyricsSeeker\133.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Delta Search) - hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=96F870F1A1F78FCF&affID=119357&tsp=4923
CHR DefaultSuggestURL: (Delta Search) -      "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\MikeB57\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
CHR Extension: (Google Docs) - C:\Users\MikeB57\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\MikeB57\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\MikeB57\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\MikeB57\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Complitly plugin for chrome) - C:\Users\MikeB57\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_1
CHR Extension: (Lyrics Seeker) - C:\Users\MikeB57\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgoiojnjnacbjngolldkokokgpcjbgjj\1.133_0
CHR Extension: (Google Wallet) - C:\Users\MikeB57\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\MikeB57\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [lgoiojnjnacbjngolldkokokgpcjbgjj] - C:\Program Files (x86)\LyricsSeeker\133.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [867360 2010-04-23] (Acer Incorporated)
S3 GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [238328 2009-10-10] (WildTangent, Inc.)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 lxbs_device; C:\Windows\system32\lxbscoms.exe [566704 2007-03-15] ( )
R2 lxbs_device; C:\Windows\SysWow64\lxbscoms.exe [537520 2007-03-15] ( )
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-24] ()
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [278016 2013-07-08] ()
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\MC Common\BoostService.exe [x]

==================== Drivers (Whitelisted) ====================

S1 acedrv06; C:\Windows\system32\drivers\acedrv06.sys [147456 2011-08-16] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-08] (Guillemot Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-17] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-17] (RapidSolution Software AG)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552384 2009-04-22] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [x]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [x]
S3 BT; system32\DRIVERS\btnetdrv.sys [x]
S3 BTHidEnum; system32\DRIVERS\vbtenum.sys [x]
S4 BTHidMgr; System32\Drivers\BTHidMgr.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 EverestDriver; \??\C:\Users\MikeB57\AppData\Local\Temp\EverestDriver.sys [x]
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [x]
S3 VComm; system32\DRIVERS\VComm.sys [x]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [x]
S3 X6va005; \??\C:\Users\MikeB57\AppData\Local\Temp\0055C77.tmp [x]
S3 X6va006; \??\C:\Users\MikeB57\AppData\Local\Temp\00615F0.tmp [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-27 19:31 - 2013-11-27 19:32 - 00027908 _____ C:\Users\MikeB57\Desktop\FRST.txt
2013-11-27 19:30 - 2013-11-27 19:30 - 01958850 _____ (Farbar) C:\Users\MikeB57\Desktop\FRST64.exe
2013-11-27 19:30 - 2013-11-27 19:30 - 00000000 ____D C:\FRST
2013-11-24 17:53 - 2013-11-27 19:20 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-24 17:53 - 2013-11-27 19:20 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-24 17:53 - 2013-11-24 17:59 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-24 17:53 - 2013-11-24 17:59 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-23 18:46 - 2013-11-23 18:46 - 00722232 _____ (Playtech) C:\Users\MikeB57\Downloads\WinnerCSetup_e6997a_de.exe
2013-11-20 13:47 - 2013-11-20 13:58 - 00000000 ____D C:\Users\MikeB57\Desktop\usb
2013-11-20 13:46 - 2013-11-20 13:46 - 05192704 _____ (Geza Kovacs) C:\Users\MikeB57\Desktop\unetbootin-windows-585.exe
2013-11-20 13:23 - 2013-11-20 13:32 - 938475520 _____ C:\Users\MikeB57\Desktop\ubuntu-13.10-desktop-i386.iso
2013-11-15 20:45 - 2013-11-15 20:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 15:23 - 2013-11-15 15:24 - 00001808 _____ C:\Users\Public\Desktop\Golden Tiger Casino.lnk
2013-11-13 21:08 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 21:08 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 21:08 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 21:08 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 21:08 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 21:08 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 21:08 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 21:08 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 21:08 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 21:08 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 21:08 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 21:08 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 16:43 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 16:43 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 16:43 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 16:43 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 16:43 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 16:43 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 16:43 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 16:43 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 16:43 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 16:43 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 16:43 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 16:43 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 16:43 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 16:43 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 16:43 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 16:43 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 16:43 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 16:43 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 16:43 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 16:42 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 16:42 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 16:42 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 16:42 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 16:42 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 16:42 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 16:42 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 16:42 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 16:42 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 16:42 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 16:42 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-10 12:16 - 2013-11-10 12:16 - 103467942 _____ C:\Windows\SysWOW64\�㡧ᰴH
2013-11-08 21:31 - 2013-11-08 21:31 - 00000000 ____D C:\Users\Public\Documents\Audible
2013-11-08 21:31 - 2013-11-08 21:31 - 00000000 ____D C:\Users\MikeB57\Documents\Audible
2013-11-08 21:31 - 2013-11-08 21:31 - 00000000 ____D C:\Program Files (x86)\Audible
2013-11-08 21:29 - 2013-11-08 21:29 - 00001795 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-08 21:29 - 2013-11-08 21:29 - 00000000 ____D C:\Users\MikeB57\AppData\Local\Apple Computer
2013-11-08 21:29 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-11-08 21:28 - 2013-11-08 22:17 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-08 21:28 - 2013-11-08 21:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-08 21:28 - 2013-11-08 21:29 - 00000000 ____D C:\Program Files\iTunes
2013-11-08 21:28 - 2013-11-08 21:28 - 00000000 ____D C:\Program Files\iPod
2013-11-08 21:27 - 2013-11-08 21:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-08 21:27 - 2013-11-08 21:27 - 00000000 ____D C:\Program Files\Bonjour
2013-11-08 21:27 - 2013-11-08 21:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-06 17:15 - 2013-11-06 17:16 - 102781840 _____ C:\Windows\SysWOW64\暳䏗᭔¢
2013-11-02 23:03 - 2013-11-02 23:16 - 00000000 ____D C:\Users\MikeB57\AppData\Roaming\CasinoOnNet
2013-11-02 23:03 - 2013-11-02 23:03 - 00002052 _____ C:\Users\MikeB57\AppData\Roaming\Microsoft\Windows\Start Menu\888casino.lnk
2013-11-02 23:03 - 2013-11-02 23:03 - 00002028 _____ C:\Users\MikeB57\Desktop\888casino.lnk
2013-11-02 23:03 - 2013-11-02 23:03 - 00000000 ____D C:\Users\MikeB57\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
2013-11-02 23:02 - 2013-11-02 23:03 - 00000000 ____D C:\Program Files (x86)\CasinoOnNet
2013-11-02 22:25 - 2013-11-02 22:25 - 00003382 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-02 22:18 - 2013-11-02 22:18 - 00000000 ____D C:\ProgramData\MGS
2013-11-02 22:18 - 2013-11-02 22:18 - 00000000 ____D C:\Microgaming
2013-10-30 13:55 - 2013-10-30 13:55 - 00000000 ____D C:\ProgramData\Oracle
2013-10-30 13:55 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-30 13:55 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-30 13:55 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-30 13:55 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-30 13:54 - 2013-10-30 13:55 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log

==================== One Month Modified Files and Folders =======

2013-11-27 19:32 - 2013-11-27 19:31 - 00027908 _____ C:\Users\MikeB57\Desktop\FRST.txt
2013-11-27 19:30 - 2013-11-27 19:30 - 01958850 _____ (Farbar) C:\Users\MikeB57\Desktop\FRST64.exe
2013-11-27 19:30 - 2013-11-27 19:30 - 00000000 ____D C:\FRST
2013-11-27 19:20 - 2013-11-24 17:53 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-27 19:20 - 2013-11-24 17:53 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-27 19:20 - 2013-09-01 15:47 - 00000294 _____ C:\Windows\Tasks\DSite.job
2013-11-27 19:20 - 2012-10-21 02:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-27 19:20 - 2011-09-07 16:19 - 00000000 ____D C:\Users\MikeB57\AppData\Roaming\Skype
2013-11-27 19:20 - 2010-09-12 00:08 - 01452954 _____ C:\Windows\WindowsUpdate.log
2013-11-27 16:33 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-27 16:33 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-27 16:29 - 2013-04-21 14:50 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-11-27 16:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-27 16:24 - 2009-07-14 05:51 - 00177383 _____ C:\Windows\setupact.log
2013-11-26 15:16 - 2012-05-12 21:51 - 00000000 ____D C:\Users\MikeB57\AppData\Roaming\.minecraft
2013-11-25 17:42 - 2013-06-21 08:38 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-25 17:42 - 2013-06-20 13:48 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 17:42 - 2013-06-20 13:48 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-25 17:42 - 2013-06-20 13:48 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-25 17:29 - 2010-05-07 07:33 - 01358460 _____ C:\Windows\PFRO.log
2013-11-24 17:59 - 2013-11-24 17:53 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-24 17:59 - 2013-11-24 17:53 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-24 17:53 - 2010-05-07 07:32 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-24 17:52 - 2012-10-21 02:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-24 17:52 - 2012-06-26 01:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-24 17:52 - 2011-08-08 23:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-24 17:51 - 2011-08-08 23:40 - 00000000 ____D C:\Users\MikeB57\AppData\Local\Adobe
2013-11-24 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-23 18:46 - 2013-11-23 18:46 - 00722232 _____ (Playtech) C:\Users\MikeB57\Downloads\WinnerCSetup_e6997a_de.exe
2013-11-22 22:40 - 2013-06-24 14:40 - 00000000 ____D C:\Users\MikeB57\AppData\Local\CrashDumps
2013-11-20 15:53 - 2011-09-23 19:01 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-20 15:53 - 2011-09-23 17:06 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-20 15:52 - 2011-09-23 17:06 - 00270240 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-20 13:58 - 2013-11-20 13:47 - 00000000 ____D C:\Users\MikeB57\Desktop\usb
2013-11-20 13:47 - 2010-09-12 09:55 - 00705756 _____ C:\Windows\system32\perfh007.dat
2013-11-20 13:47 - 2010-09-12 09:55 - 00151842 _____ C:\Windows\system32\perfc007.dat
2013-11-20 13:47 - 2009-07-14 06:13 - 01638638 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-20 13:46 - 2013-11-20 13:46 - 05192704 _____ (Geza Kovacs) C:\Users\MikeB57\Desktop\unetbootin-windows-585.exe
2013-11-20 13:32 - 2013-11-20 13:23 - 938475520 _____ C:\Users\MikeB57\Desktop\ubuntu-13.10-desktop-i386.iso
2013-11-18 16:45 - 2013-01-24 23:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 21:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-16 20:44 - 2013-04-21 14:51 - 00004410 _____ C:\Windows\System32\Tasks\Freemium1ClickMaint
2013-11-16 20:40 - 2011-08-17 20:19 - 00001471 _____ C:\Users\MikeB57\AppData\Local\RecConfig.xml
2013-11-15 20:45 - 2013-11-15 20:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 15:24 - 2013-11-15 15:23 - 00001808 _____ C:\Users\Public\Desktop\Golden Tiger Casino.lnk
2013-11-13 21:07 - 2013-08-15 17:58 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 21:02 - 2011-08-13 22:01 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 16:31 - 2012-03-05 15:08 - 00000000 ____D C:\Program Files\Lx_cats
2013-11-13 16:31 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-12 05:37 - 2012-12-01 22:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-12 05:37 - 2011-09-07 16:16 - 00000000 ____D C:\ProgramData\Skype
2013-11-12 05:37 - 2011-08-08 23:42 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-11-10 12:16 - 2013-11-10 12:16 - 103467942 _____ C:\Windows\SysWOW64\�㡧ᰴH
2013-11-08 22:17 - 2013-11-08 21:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-08 22:02 - 2011-11-05 16:15 - 00000000 ____D C:\Users\MikeB57\AppData\Roaming\Apple Computer
2013-11-08 21:31 - 2013-11-08 21:31 - 00000000 ____D C:\Users\Public\Documents\Audible
2013-11-08 21:31 - 2013-11-08 21:31 - 00000000 ____D C:\Users\MikeB57\Documents\Audible
2013-11-08 21:31 - 2013-11-08 21:31 - 00000000 ____D C:\Program Files (x86)\Audible
2013-11-08 21:29 - 2013-11-08 21:29 - 00001795 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-08 21:29 - 2013-11-08 21:29 - 00000000 ____D C:\Users\MikeB57\AppData\Local\Apple Computer
2013-11-08 21:29 - 2013-11-08 21:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-08 21:29 - 2013-11-08 21:28 - 00000000 ____D C:\Program Files\iTunes
2013-11-08 21:28 - 2013-11-08 21:28 - 00000000 ____D C:\Program Files\iPod
2013-11-08 21:28 - 2012-12-18 19:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-08 21:27 - 2013-11-08 21:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-08 21:27 - 2013-11-08 21:27 - 00000000 ____D C:\Program Files\Bonjour
2013-11-08 21:27 - 2013-11-08 21:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-08 21:27 - 2011-08-22 15:43 - 00000000 ____D C:\ProgramData\Apple
2013-11-08 12:39 - 2011-08-13 22:04 - 00000000 ____D C:\Users\MikeB57\AppData\Roaming\SoftGrid Client
2013-11-06 17:16 - 2013-11-06 17:15 - 102781840 _____ C:\Windows\SysWOW64\暳䏗᭔¢
2013-11-04 07:34 - 2013-04-21 14:50 - 00004104 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-11-02 23:16 - 2013-11-02 23:03 - 00000000 ____D C:\Users\MikeB57\AppData\Roaming\CasinoOnNet
2013-11-02 23:03 - 2013-11-02 23:03 - 00002052 _____ C:\Users\MikeB57\AppData\Roaming\Microsoft\Windows\Start Menu\888casino.lnk
2013-11-02 23:03 - 2013-11-02 23:03 - 00002028 _____ C:\Users\MikeB57\Desktop\888casino.lnk
2013-11-02 23:03 - 2013-11-02 23:03 - 00000000 ____D C:\Users\MikeB57\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
2013-11-02 23:03 - 2013-11-02 23:02 - 00000000 ____D C:\Program Files (x86)\CasinoOnNet
2013-11-02 23:03 - 2011-08-08 23:13 - 00000000 ____D C:\Users\MikeB57
2013-11-02 22:25 - 2013-11-02 22:25 - 00003382 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-02 22:25 - 2012-05-13 18:04 - 00000000 ____D C:\Program Files (x86)\NCH_DE
2013-11-02 22:25 - 2012-05-13 16:00 - 00000000 ____D C:\Program Files (x86)\MyAshampoo
2013-11-02 22:25 - 2012-03-23 20:07 - 00000000 ____D C:\Users\MikeB57\AppData\Local\Conduit
2013-11-02 22:18 - 2013-11-02 22:18 - 00000000 ____D C:\ProgramData\MGS
2013-11-02 22:18 - 2013-11-02 22:18 - 00000000 ____D C:\Microgaming
2013-10-30 13:55 - 2013-10-30 13:55 - 00000000 ____D C:\ProgramData\Oracle
2013-10-30 13:55 - 2013-10-30 13:54 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-30 13:55 - 2011-10-08 20:53 - 00000000 ____D C:\Program Files (x86)\Java

Some content of TEMP:
====================
C:\Users\MikeB57\AppData\Local\Temp\avgnt.exe
C:\Users\MikeB57\AppData\Local\Temp\i4jdel0.exe
C:\Users\MikeB57\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\MikeB57\AppData\Local\Temp\un32265.exe
C:\Users\MikeB57\AppData\Local\Temp\_isE272.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-22 17:22

==================== End Of Log ============================
--- --- ---


Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2013 01
Ran by MikeB57 at 2013-11-27 19:33:48
Running from C:\Users\MikeB57\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

888casino (x32)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0)
Adobe Reader X (10.1.6) - Deutsch (x32 Version: 10.1.6)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.5.146)
Advertising Center (x32 Version: 0.0.0.2)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094)
ALPS Touch Pad Driver (Version: 7.105.2015.1107)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.758.0)
Audials (x32 Version: 10.0.50301.100)
Audials (x32 Version: 9.0.52611.1100)
Audible Download Manager (x32 Version: 6.6.0.15)
Avira Free Antivirus (x32 Version: 14.0.1.749)
Aztec Bricks (x32 Version: 1.0)
Backup Manager Basic (x32 Version: 2.0.0.60)
Battlefield Heroes (x32)
Battlefield Play4Free (x32)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82)
Blasterball 3 (x32 Version: 2.2.0.82)
Bob the Builder Can-Do-Zoo (x32 Version: 2.2.0.82)
Bonjour (Version: 3.0.0.10)
Brick Shooter Egypt (x32 Version: 1.0)
Build-a-lot 2 (x32 Version: 2.2.0.82)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Light (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0122.858.16002)
Catalyst Control Center InstallProxy (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Localization All (x32 Version: 2010.0122.858.16002)
Cave Quest (x32 Version: 1.0.0.0)
CCC Help Chinese Standard (x32 Version: 2010.0122.0857.16002)
CCC Help Chinese Traditional (x32 Version: 2010.0122.0857.16002)
CCC Help Czech (x32 Version: 2010.0122.0857.16002)
CCC Help Danish (x32 Version: 2010.0122.0857.16002)
CCC Help Dutch (x32 Version: 2010.0122.0857.16002)
CCC Help English (x32 Version: 2010.0122.0857.16002)
CCC Help Finnish (x32 Version: 2010.0122.0857.16002)
CCC Help French (x32 Version: 2010.0122.0857.16002)
CCC Help German (x32 Version: 2010.0122.0857.16002)
CCC Help Greek (x32 Version: 2010.0122.0857.16002)
CCC Help Hungarian (x32 Version: 2010.0122.0857.16002)
CCC Help Italian (x32 Version: 2010.0122.0857.16002)
CCC Help Japanese (x32 Version: 2010.0122.0857.16002)
CCC Help Korean (x32 Version: 2010.0122.0857.16002)
CCC Help Norwegian (x32 Version: 2010.0122.0857.16002)
CCC Help Polish (x32 Version: 2010.0122.0857.16002)
CCC Help Portuguese (x32 Version: 2010.0122.0857.16002)
CCC Help Russian (x32 Version: 2010.0122.0857.16002)
CCC Help Spanish (x32 Version: 2010.0122.0857.16002)
CCC Help Swedish (x32 Version: 2010.0122.0857.16002)
CCC Help Thai (x32 Version: 2010.0122.0857.16002)
CCC Help Turkish (x32 Version: 2010.0122.0857.16002)
ccc-core-static (x32 Version: 2010.0122.858.16002)
ccc-utility64 (Version: 2010.0122.858.16002)
Cheat Engine 6.2 (x32)
Chicken Invaders 3 - Revenge of the Yolk (x32 Version: 2.2.0.82)
Complitly (x32)
Cross Fire En (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
Das Rettungsteam 3 (x32 Version: 1.0.0.0)
DEUTSCHLAND SPIELT GAME CENTER (x32 Version: 1.0.0.46)
Druckerdeinstallation für EPSON SX210 Series
EPSON Scan (x32)
Escape Rosecliff Island (x32 Version: 2.2.0.82)
Faerie Solitaire (x32 Version: 2.2.0.82)
FATE - The Traitor Soul (x32 Version: 2.2.0.82)
FileZilla Client 3.7.1 (x32 Version: 3.7.1)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
Fishdom Spooky Splash (x32 Version: 1.0)
Fotogalerie (x32 Version: 16.4.3503.0728)
Free System Utilities (x32 Version: 1.1.0.80)
Free SystemUtilities (x32 Version: 1.1.0.80)
Free Video Converter V 3.1 (x32 Version: 3.1.0.0)
FUJIFILM MyFinePix Studio 2.0 (x32)
Gameforge Live 1.0 "Legend" (x32 Version: 1.1.1724)
Glitzerndes Troja (x32)
Golden Tiger Casino (x32 Version: 16.9.2.739)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
Identity Card (x32 Version: 1.00.3003)
ImagXpress (x32 Version: 7.0.74.0)
iMesh (HKCU Version: 12.0.0.133554)
Insaniquarium Deluxe (x32 Version: 2.2.0.82)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Jewel Quest (x32 Version: 2.2.0.82)
Jewel Quest Solitaire 3 (x32 Version: 2.2.0.82)
Launch Manager (x32 Version: 4.0.12)
Lexmark 810 Series
Logitech Webcam Software (x32 Version: 2.0)
Lyrics Seeker (x32)
MAGIX Foto Designer 7 (x32 Version: 7.0.1.1)
MAGIX Foto Manager MX (x32 Version: 9.0.1.238)
MAGIX Music Maker 17 (x32 Version: 17.0.2.30)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
Mahjongg Artifacts (x32 Version: 2.2.0.82)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
Movie Maker (x32 Version: 16.4.3503.0728)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
MyAshampoo Toolbar (x32 Version: 6.9.0.16)
NCH DE Toolbar (x32 Version: 6.8.5.1)
Need For Speed™ World (x32 Version: 1.0.0.1229)
Nero 9 Essentials (x32)
Nero Backup Drivers (Version: 1.0.10000.1.0)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero DiscSpeed (x32 Version: 5.4.13.100)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.12.100)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero Express Help (x32 Version: 9.6.2.101)
Nero InfoTool (x32 Version: 6.4.12.100)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.9.0)
Nero Online Upgrade (x32 Version: 1.3.0.0)
Nero StartSmart (x32 Version: 9.4.37.100)
Nero StartSmart Help (x32 Version: 9.4.27.100)
Nero StartSmart OEM (x32 Version: 9.4.10.100)
NeroExpress (x32 Version: 9.4.33.100)
neroxml (x32 Version: 1.0.0)
No23 Recorder (x32 Version: 2.1.0.3)
Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0)
Nokia Music Player (x32 Version: 2.5.11021)
Nokia Suite (x32 Version: 3.5.34.0)
Nokia_Multimedia_Common_Components_2_5 (x32 Version: 2.7.69)
Nostale(DE) (x32)
Notebook Hardware Control 2.0 Pre-Release-06 Bugfix (x32 Version: 2.0 Pre-Release-06 Bugfix)
Notepad++ (x32 Version: 6.1.5)
Open It! (x32 Version: 1.1.1)
OpenAL (x32)
OpenBVE (HKCU)
Opera 12.01 (x32 Version: 12.01.1532)
Overlord (x32 Version: 1.00.0606)
Packard Bell Game Console (x32)
Packard Bell Games (x32 Version: 1.0.0.80)
Packard Bell InfoCentre (x32 Version: 3.02.3000)
Packard Bell MyBackup (x32 Version: 2.0.0.60)
Packard Bell Power Management (x32 Version: 5.00.3004)
Packard Bell Recovery Management (x32 Version: 4.05.3011)
Packard Bell Registration (x32 Version: 1.03.3003)
Packard Bell ScreenSaver (x32 Version: 1.1.0330.2010)
Packard Bell Social Networks (x32 Version: 1.0.1517)
Packard Bell Updater (x32 Version: 1.02.3001)
Pando Media Booster (x32 Version: 2.6.0.9)
PC Connectivity Solution (x32 Version: 12.0.32.0)
Penguins! (x32 Version: 2.2.0.82)
Photo Gallery (x32 Version: 16.4.3503.0728)
Polar Bowler (x32 Version: 2.2.0.82)
Polar Golfer (x32 Version: 2.2.0.82)
Polar Pool (x32 Version: 2.2.0.82)
PunkBuster Services (x32 Version: 0.990)
QuickTime (x32 Version: 7.73.80.64)
RAF (x32 Version: 1.00.0001)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6000)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.10 (x32 Version: 6.10.104)
Slots Jungle Casino (x32 Version: 11.0.0)
Switch Audiodatei-Konverter (x32)
swMSM (x32 Version: 12.0.0.1)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
The Rise Of Atlantis (x32 Version: 1.0)
UltraISO Premium V9.52 (x32)
Unity Web Player (HKCU Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Zip Opener (HKCU)
Video Web Camera (x32 Version: 2.0.4.6)
Virtual Families (x32 Version: 2.2.0.82)
Virtual Villagers - A New Home (x32 Version: 2.2.0.82)
VLC media player 2.0.5 (Version: 2.0.5)
Voyage Puzzle (x32 Version: 1.0)
Welcome Center (x32 Version: 1.01.3002)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728)
Windows Live Essentials (x32 Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3503.0728)
Windows Live Photo Common (x32 Version: 16.4.3503.0728)
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728)
Windows Live SOXE (x32 Version: 16.4.3503.0728)
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728)
Windows Movie Maker 2.6 (x32 Version: 2.6.4037.0)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
Wondershare Photo Collage Studio 4.2.9.2 (x32 Version: 4.2.9.2)
Yahtzee (x32 Version: 2.2.0.82)
Zuma Deluxe (x32 Version: 2.2.0.82)

==================== Restore Points  =========================

18-10-2013 13:38:37 Windows Update
30-10-2013 12:53:19 Installed Java 7 Update 45
08-11-2013 20:27:54 Installed iTunes
13-11-2013 20:01:16 Windows Update
16-11-2013 19:53:39 Free System Utilities 16.11.2013 20:53:36

==================== Hosts content: ==========================

2009-07-14 03:34 - 2012-11-12 19:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04D903A4-6977-41DE-85A6-94D23242F3EA} - System32\Tasks\{6F119A88-F4B3-4DB8-8F8D-B11F0D5DA94B} => C:\Users\MikeB57\Desktop\AFK Bot.exe
Task: {082D986B-56E5-4A88-8399-0F7F79C5BE33} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
Task: {11269392-B508-44DF-A7A9-504DADE45792} - System32\Tasks\{C929936D-E6DA-43C6-B2D1-268DA2663659} => C:\Program Files (x86)\Opera\opera.exe [2012-08-05] (Opera Software)
Task: {1BA38CCC-C571-4DFE-80DB-770DFE556FE8} - System32\Tasks\{1DE4086D-68BE-4297-AF6F-AAA18CC7EEA6} => C:\Users\MikeB57\Desktop\AFK Bot.exe
Task: {2132BD41-3801-4B81-904C-D55BB1AA3405} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free System Utilities\1Click.exe [2013-05-22] ()
Task: {21E40B44-96F6-442A-BEF2-A2E54F553F8E} - System32\Tasks\{0B77D68F-7A59-4211-BC0F-7ECC9EF7202F} => C:\Users\MikeB57\Desktop\AFK Bot.exe
Task: {245EA8E4-4843-46A5-AF72-8ABB02590E59} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {262EABDD-E786-4BAE-BCD9-5B15E8D6ECCF} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-07-05] ()
Task: {30767712-18BE-4E4D-AE9B-C801CA0BDBC2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-24] (Adobe Systems Incorporated)
Task: {50274238-D1BE-4756-815D-5636F149C994} - System32\Tasks\{CA833378-11CA-4067-AA2B-4000CEC2E0CC} => C:\Users\MikeB57\Desktop\gta_sa.exe
Task: {517618E2-B8B7-419B-BC72-5065E7D8232F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-24] (Google Inc.)
Task: {718AB00F-F672-45D7-893E-DD41578A971D} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1535645014-3109994127-20261425-1000 => Rundll32.exe portabledeviceapi.dll,#1
Task: {74610858-7416-4A79-88F0-7A11C9C05E38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-24] (Google Inc.)
Task: {80A015C7-E9E8-4A3E-8CC5-9906AB5664F9} - System32\Tasks\{2E1D4EEA-08C2-48A6-9571-A174909B3BB6} => C:\Users\MikeB57\Desktop\AFK Bot.exe
Task: {8C52CDC6-5498-42CF-9DD1-26EFA460C01E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8D356C38-288E-4B2F-A0B3-D0BAB0BB5833} - System32\Tasks\BackgroundContainer Startup Task => C:\Users\MikeB57\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll [2013-10-14] (Conduit Ltd.)
Task: {91F36DD0-85AC-42C4-8709-67120A2014F5} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => Rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => Rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
Task: {A0548A18-ED33-4A08-A83E-D0CC1449CD7F} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe aepdu.dll,AePduRunUpdate
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {D29AD45C-EE46-49F3-8E9E-2121A8764D79} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-07-08] ()
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => Rundll32.exe /d acproxy.dll,PerformAutochkOperations
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => Rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E85A4301-BBB2-4884-91D4-2F62659BFDC9} - System32\Tasks\DSite => C:\Users\MikeB57\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-09-01] ()
Task: {F86C1A97-33E9-4454-9BE0-B78F016C91B0} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe
Task: {FDCD7DE3-0B67-4C84-85E2-78A9586A2442} - System32\Tasks\EPUpdater => C:\Users\MikeB57\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DSite.job => C:\Users\MikeB57\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-08-04 12:49 - 2011-05-28 21:05 - 00164864 _____ () C:\Programme\WinRAR\rarext.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2010-01-07 13:42 - 2010-01-07 13:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-12 00:08 - 2010-09-12 00:08 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-06-20 13:48 - 2013-06-20 13:44 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\ACE.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 08506792 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 02353576 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 01013672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 00363944 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 02480552 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 01346472 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 00205736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 02652584 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 00032680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 00035240 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 00206760 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 11166120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2012-08-03 15:07 - 2012-08-03 15:07 - 00276392 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2012-07-02 10:29 - 2012-07-02 10:29 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2012-07-02 10:29 - 2012-07-02 10:29 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 00445864 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 00520104 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 00720296 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2012-08-03 15:05 - 2012-08-03 15:05 - 00604072 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2012-08-03 15:06 - 2012-08-03 15:06 - 00437672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2012-07-02 10:28 - 2012-07-02 10:28 - 00110080 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
2010-09-12 09:44 - 2009-05-20 23:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-11-15 20:45 - 2013-11-15 20:45 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-24 17:52 - 2013-11-24 17:52 - 16237448 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
2012-12-18 15:28 - 2012-12-18 15:28 - 00056832 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_de\brdlang32.DEU
2011-08-10 15:23 - 2013-01-14 14:34 - 09390592 _____ () C:\Users\MikeB57\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
2012-12-18 15:28 - 2012-12-18 15:28 - 00305880 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
2011-08-10 15:24 - 2013-04-17 19:01 - 01319424 _____ () C:\Users\MikeB57\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.DEU
2011-08-10 15:24 - 2013-04-17 19:01 - 00316416 _____ () C:\Users\MikeB57\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.DEU
2011-08-10 15:24 - 2013-01-14 14:34 - 01180160 _____ () C:\Users\MikeB57\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.DEU
2011-08-10 15:24 - 2013-01-14 14:34 - 00100352 _____ () C:\Users\MikeB57\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU
2011-08-10 15:24 - 2013-01-14 14:34 - 02682880 _____ () C:\Users\MikeB57\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.DEU
2011-08-10 15:24 - 2013-01-14 14:35 - 00014336 _____ () C:\Users\MikeB57\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/27/2013 05:36:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11653

Error: (11/27/2013 05:36:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11653

Error: (11/27/2013 05:36:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2013 05:36:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10608

Error: (11/27/2013 05:36:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10608

Error: (11/27/2013 05:36:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2013 05:36:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9563

Error: (11/27/2013 05:36:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9563

Error: (11/27/2013 05:36:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2013 05:36:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8549


System errors:
=============
Error: (11/27/2013 07:20:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (11/27/2013 05:21:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (11/27/2013 04:26:10 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv06

Error: (11/27/2013 04:25:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/27/2013 04:25:24 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst System Store erreicht.

Error: (11/27/2013 04:24:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (11/26/2013 02:47:57 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv06

Error: (11/26/2013 02:46:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (11/26/2013 02:46:21 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎26.‎11.‎2013 um 14:40:48 unerwartet heruntergefahren.

Error: (11/26/2013 02:32:13 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv06


Microsoft Office Sessions:
=========================
Error: (11/27/2013 05:36:05 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11653

Error: (11/27/2013 05:36:05 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11653

Error: (11/27/2013 05:36:05 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2013 05:36:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10608

Error: (11/27/2013 05:36:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10608

Error: (11/27/2013 05:36:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2013 05:36:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9563

Error: (11/27/2013 05:36:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9563

Error: (11/27/2013 05:36:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/27/2013 05:36:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8549


==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 3956.5 MB
Available physical RAM: 1438.51 MB
Total Pagefile: 7911.18 MB
Available Pagefile: 4622.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:452.97 GB) (Free:276.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 4B584B57)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 28.11.2013 13:13
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

darkrider78 29.11.2013 13:59
Code:
ComboFix 13-11-27.01 - MikeB57 29.11.2013  13:42:46.2.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3956.2664 [GMT 1:00]
ausgeführt von:: c:\users\MikeB57\Desktop\ComboFix1.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
c:\cflog\Host.txt
c:\program files (x86)\Complitly
c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx
c:\program files (x86)\Complitly\InstallHelper.dll
c:\program files (x86)\Complitly\InstallHelperNet4.dll
c:\program files (x86)\Complitly\Interop.IWshRuntimeLibrary.dll
c:\program files (x86)\Complitly\support@Complitly.com\,MaheshmadhukardhondAcPro.xpi
c:\program files (x86)\Complitly\support@Complitly.com\chrome.manifest
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files (x86)\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files (x86)\Complitly\support@Complitly.com\install.rdf
c:\program files (x86)\Complitly\System.Data.SQLite.dll
c:\program files (x86)\Complitly\ToolbarUninstall.exe
c:\program files (x86)\Complitly\unins000.dat
c:\program files (x86)\Complitly\unins000.exe
c:\users\MikeB57\AppData\Roaming\mIRC\logs\status.log
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome.manifest
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\asyncDB.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\background.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\browserAction.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\contextMenu.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\dbManager.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\dom_bg.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\fileManager.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\firefox.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\firefoxNotifications.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\firefoxOmnibox.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\message.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\pageAction.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\request.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\tabs.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api\webRequest.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\background.html
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\baseObject.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\browser.xul
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\console.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\consts.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\delegate.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\extensionDataStore.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\folderIOWrapper.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\httpObserver.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\IDBWrapper.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\installer.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\logFile.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\prefs.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\progressListenerObserver.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\registry.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\reloadObserver.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\reports.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\requestObject.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\searchSettings.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\uninstallObserver.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\updateManager.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\utils.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core\xhr.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\dialog.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\main.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\options.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\options.xul
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\search_dialog.xul
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\defaults\preferences\prefs.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\manifest.xml
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins.json
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\1_base.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\101_cortica_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\102_dealply_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\103_intext_5_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\104_jollywallet_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\105_corticas_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\108_icm_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\116_ads_only_5_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\119_similar_web_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\120_luck_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\123_intext_adv_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\125_arcadi2_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\127_revizer_p_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\128_superfish_pricora_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\129_widdit_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\135_arcadi3_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\138_getdeal_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\142_intext_fa_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\159_cortica_rollover_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\17_jQuery.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\170_icm1_5_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\175_coolmirage_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\189_active_sanity.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\190_pops_5_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\191_ciuvo_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\194_retargeting_bi_m.js.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\21_debug.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\22_resources.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\28_initializer.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\47_resources_background.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\64_appApiMessage.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\7_hooks.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\72_appApiValidation.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\9_search_engine_hook.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\92_superfish_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\plugins\98_omniCommands.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\userCode\background.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\extensionData\userCode\extension.js
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\install.rdf
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\locale\en-US\translations.dtd
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\button1.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\button2.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\button3.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\button4.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\button5.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\crossrider_statusbar.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\icon128.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\icon16.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\icon24.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\icon48.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\panelarrow-up.png
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\popup.html
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\skin.css
c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin\update.css
c:\windows\IsUn0407.exe
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-10-28 bis 2013-11-29  ))))))))))))))))))))))))))))))
.
.
2013-11-29 12:54 . 2013-11-29 12:54        --------        d-----w-        c:\users\Public\AppData\Local\temp
2013-11-29 12:54 . 2013-11-29 12:54        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-11-28 16:53 . 2013-11-28 16:53        --------        d-----w-        C:\Casino
2013-11-27 22:32 . 2013-11-27 22:32        --------        d-----w-        c:\users\MikeB57\AppData\Local\Logitech
2013-11-27 22:31 . 2013-11-27 22:31        18960        ----a-w-        c:\windows\system32\drivers\LNonPnP.sys
2013-11-27 22:30 . 2013-11-27 22:32        --------        d-----w-        c:\program files\Logitech Gaming Software
2013-11-27 22:29 . 2013-11-27 22:29        --------        d-----w-        c:\users\MikeB57\AppData\Roaming\Logitech
2013-11-27 22:29 . 2013-11-27 22:29        --------        d-----w-        c:\users\MikeB57\AppData\Roaming\Logishrd
2013-11-27 18:30 . 2013-11-27 18:30        --------        d-----w-        C:\FRST
2013-11-13 15:43 . 2013-10-05 20:25        1474048        ----a-w-        c:\windows\system32\crypt32.dll
2013-11-13 15:42 . 2013-10-04 02:28        190464        ----a-w-        c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-13 15:42 . 2013-10-04 02:25        197120        ----a-w-        c:\windows\system32\credui.dll
2013-11-13 15:42 . 2013-10-04 02:24        1930752        ----a-w-        c:\windows\system32\authui.dll
2013-11-13 15:42 . 2013-10-04 01:58        152576        ----a-w-        c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-13 15:42 . 2013-10-04 01:56        168960        ----a-w-        c:\windows\SysWow64\credui.dll
2013-11-13 15:42 . 2013-10-04 01:56        1796096        ----a-w-        c:\windows\SysWow64\authui.dll
2013-11-13 15:42 . 2013-10-12 02:29        859648        ----a-w-        c:\windows\system32\IKEEXT.DLL
2013-11-13 15:42 . 2013-10-12 02:30        830464        ----a-w-        c:\windows\system32\nshwfp.dll
2013-11-13 15:42 . 2013-10-12 02:29        324096        ----a-w-        c:\windows\system32\FWPUCLNT.DLL
2013-11-13 15:42 . 2013-10-12 02:03        656896        ----a-w-        c:\windows\SysWow64\nshwfp.dll
2013-11-13 15:42 . 2013-10-12 02:01        216576        ----a-w-        c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-08 20:31 . 2013-11-08 20:31        --------        d-----w-        c:\program files (x86)\Audible
2013-11-08 20:29 . 2013-11-08 20:29        --------        d-----w-        c:\users\MikeB57\AppData\Local\Apple Computer
2013-11-08 20:29 . 2012-08-21 12:01        33240        ----a-w-        c:\windows\system32\drivers\GEARAspiWDM.sys
2013-11-08 20:28 . 2013-11-08 20:28        --------        d-----w-        c:\program files\iPod
2013-11-08 20:28 . 2013-11-08 21:17        --------        d-----w-        c:\program files (x86)\iTunes
2013-11-08 20:28 . 2013-11-08 20:29        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-08 20:28 . 2013-11-08 20:29        --------        d-----w-        c:\program files\iTunes
2013-11-08 20:27 . 2013-11-08 20:27        --------        d-----w-        c:\program files\Common Files\Apple
2013-11-08 20:27 . 2013-11-08 20:27        --------        d-----w-        c:\program files\Bonjour
2013-11-08 20:27 . 2013-11-08 20:27        --------        d-----w-        c:\program files (x86)\Bonjour
2013-11-02 22:03 . 2013-11-02 22:16        --------        d-----w-        c:\users\MikeB57\AppData\Roaming\CasinoOnNet
2013-11-02 22:02 . 2013-11-02 22:03        --------        d-----w-        c:\program files (x86)\CasinoOnNet
2013-11-02 21:18 . 2013-11-02 21:18        --------        d-----w-        c:\programdata\MGS
2013-11-02 21:18 . 2013-11-02 21:18        --------        d-----w-        C:\Microgaming
2013-10-30 12:55 . 2013-10-30 12:55        --------        d-----w-        c:\programdata\Oracle
2013-10-30 12:55 . 2013-10-30 12:55        --------        d-----w-        c:\program files (x86)\Common Files\Java
2013-10-30 12:55 . 2013-10-08 06:50        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-25 16:42 . 2013-06-21 07:38        83160        ----a-w-        c:\windows\system32\drivers\avnetflt.sys
2013-11-25 16:42 . 2013-06-20 12:48        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2013-11-25 16:42 . 2013-06-20 12:48        132600        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2013-11-25 16:42 . 2013-06-20 12:48        106904        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2013-11-24 16:52 . 2011-08-08 22:38        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-20 14:53 . 2011-09-23 18:01        282296        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2013-11-20 14:53 . 2011-09-23 16:06        282296        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2013-11-20 14:52 . 2011-09-23 16:06        270240        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2013-11-13 20:02 . 2011-08-13 21:01        82896128        ----a-w-        c:\windows\system32\MRT.exe
2013-09-08 02:30 . 2013-10-12 14:34        1903552        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-12 14:34        327168        ----a-w-        c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-12 14:34        231424        ----a-w-        c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-18 01:11        343040        ----a-w-        c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-18 01:11        325120        ----a-w-        c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-18 01:11        99840        ----a-w-        c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-18 01:11        52736        ----a-w-        c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-18 01:11        30720        ----a-w-        c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-18 01:11        25600        ----a-w-        c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-18 01:11        7808        ----a-w-        c:\windows\system32\drivers\usbd.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\prxtbMyA2.dll" [2013-10-14 226592]
"{b106b661-3e1b-4015-af5c-195e909f35c6}"= "c:\program files (x86)\NCH_DE\prxtbNCH2.dll" [2013-10-14 226592]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_CLASSES_ROOT\clsid\{b106b661-3e1b-4015-af5c-195e909f35c6}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2013-10-14 14:04        226592        ----a-w-        c:\program files (x86)\MyAshampoo\prxtbMyA2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{b106b661-3e1b-4015-af5c-195e909f35c6}]
2013-10-14 14:04        226592        ----a-w-        c:\program files (x86)\NCH_DE\prxtbNCH2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\prxtbMyA2.dll" [2013-10-14 226592]
"{b106b661-3e1b-4015-af5c-195e909f35c6}"= "c:\program files (x86)\NCH_DE\prxtbNCH2.dll" [2013-10-14 226592]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_CLASSES_ROOT\clsid\{b106b661-3e1b-4015-af5c-195e909f35c6}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-08-03 1086376]
"BackgroundContainer"="c:\users\MikeB57\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll" [2013-10-14 319264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-03-08 258560]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-11-25 683576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
.
c:\users\MikeB57\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Produktregistrierung.lnk - c:\program files\Logitech Gaming Software\EReg\eReg.exe /remind /language=DEU /_WFM="." [2013-11-27 517384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files (x86)\Audible\Bin\AudibleDownloadHelper.exe /Startup [2011-3-14 2125472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R1 acedrv06;acedrv06;c:\windows\system32\drivers\acedrv06.sys;c:\windows\SYSNATIVE\drivers\acedrv06.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\users\MikeB57\AppData\Local\Temp\EverestDriver.sys;c:\users\MikeB57\AppData\Local\Temp\EverestDriver.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 hxctlflt;hxctlflt;c:\windows\system32\Drivers\hxctlflt.sys;c:\windows\SYSNATIVE\Drivers\hxctlflt.sys [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C615(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 SpeedBoosterSvc;AppBooster 2.0 Service;c:\program files (x86)\Common Files\MC Common\BoostService.exe;c:\program files (x86)\Common Files\MC Common\BoostService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 X6va005;X6va005;c:\users\MikeB57\AppData\Local\Temp\0055C77.tmp;c:\users\MikeB57\AppData\Local\Temp\0055C77.tmp [x]
R3 X6va006;X6va006;c:\users\MikeB57\AppData\Local\Temp\00615F0.tmp;c:\users\MikeB57\AppData\Local\Temp\00615F0.tmp [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys;c:\windows\SYSNATIVE\Drivers\LGPBTDD.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-24 17:05        1210320        ----a-w-        c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-26 16:52]
.
2013-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-24 16:53]
.
2013-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-24 16:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-04-23 861216]
"LXBSCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXBStime.dll" [2007-02-22 28672]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-08-01 8290584]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801937&CUI=UN36506250126661762
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>;*.local
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 83.169.185.225 192.168.0.1
FF - ProfilePath - c:\users\MikeB57\AppData\Roaming\Mozilla\Firefox\Profiles\ctceoxf8.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 96f8d35800000000000070f1a1f78fcf
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15949
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.616:48
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119357&tsp=4992
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\MikeB57\AppData\Local\Akamai\netsession_win.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file)
WebBrowser-{B106B661-3E1B-4015-AF5C-195E909F35C6} - (no file)
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\MikeB57\AppData\Local\Temp\0055C77.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\MikeB57\AppData\Local\Temp\00615F0.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va013]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FotoManagerDeluxe.9.alb"
.
[HKEY_USERS\S-1-5-21-1535645014-3109994127-20261425-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1535645014-3109994127-20261425-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{722b3793-5367-4446-b6bb-db89b05c1f24}\LocalServer32]
@DACL=(02 0000)
@=expand:"%SystemRoot%\\System32\\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {722b3793-5367-4446-b6bb-db89b05c1f24}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-11-29  13:57:47
ComboFix-quarantined-files.txt  2013-11-29 12:57
ComboFix2.txt  2012-11-12 18:45
.
Vor Suchlauf: 27 Verzeichnis(se), 292.520.886.272 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 293.311.242.240 Bytes frei
.
- - End Of File - - AB9E5E9E716872E1BDD5B60329C7A7EB


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:24 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27