Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Ungültiges Bild - Windows 7

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.02.2013, 00:48   #1
uli_lu
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Hallo Zusammen,

habe leider Töchterlein schon lange nicht mehr auf die Finger geschaut...
Beim Start von Chrome oder Firefox und mittlerweile von anderen Programmen kommt immer diese Meldung.
Ungültiges Bild - xxx.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält einen Fehler ...
Darauf hin habe ich den Malwarebytes Anti-Malware laufen lassen und dort kamen dann (PUP.Funmoods) und 2 Rootviren zum Vorschein.
Habe anschliessend OTL und GERM geladen und die Logfiles erstellt.
Könnt ihr bitte mal drüberschauen und sagen, ob noch was zu retten ist? Ich habe zwar eine Recovery-CD, aber ich habe noch kein System neu aufgesetzt.

Vielen Dank und viele Grüße
Uli

OTL
Code:
ATTFilter
OTL logfile created on: 12.02.2013 00:22:45 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxxx\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,87 Gb Total Physical Memory | 2,90 Gb Available Physical Memory | 74,96% Memory free
7,73 Gb Paging File | 6,85 Gb Available in Paging File | 88,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,42 Gb Total Space | 493,16 Gb Free Space | 84,82% Space Free | Partition Type: NTFS
 
Computer Name: xxxx-PC | User Name: xxxx| Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\xxxx\Downloads\OTL.com (OldTimer Tools)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll ()
MOD - C:\Users\xxxx\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\xxxx\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Users\xxxx\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (WebOptimizer) -- C:\Windows\SysNative\dmwu.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV - (vToolbarUpdater14.1.7) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (Web Assistant Updater) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (FSORSPClient) -- C:\Program Files (x86)\M-net\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (FSMA) -- C:\Program Files (x86)\M-net\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (FSDFWD) -- C:\Program Files (x86)\M-net\Sicherheitspaket\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (Maxtor Sync Service) -- C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC)
SRV - (IGDCTRL) -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (avmaura) -- C:\Windows\SysNative\drivers\avmaura.sys (AVM Berlin)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (fsbts) -- C:\Windows\SysNative\drivers\fsbts.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (acedrv09) -- C:\Windows\SysNative\drivers\acedrv09.sys (Protect Software GmbH)
DRV:64bit: - (acehlp09) -- C:\Windows\SysNative\drivers\acehlp09.sys (Protect Software GmbH)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\avgidsfiltera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (avmaudio) -- C:\Windows\SysNative\drivers\avmaudio.sys (AVM Berlin)
DRV:64bit: - (FSES) -- C:\Windows\SysNative\drivers\fses.sys (F-Secure Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BcmVWL) -- C:\Windows\SysNative\drivers\bcmvwl64.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (FSFW) -- C:\Windows\SysNative\drivers\fsdfw.sys (F-Secure Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (F-Secure Gatekeeper) -- C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys ()
DRV - (fsbts) -- C:\Windows\SysWOW64\drivers\fsbts.sys ()
DRV - (F-Secure HIPS) -- C:\Program Files (x86)\M-net\Sicherheitspaket\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (fsvista) -- C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6DC0B2DD-0FDB-82BC-95BE-6D953C4BB2C2}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10016&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=114347&tt=090812_ppc_3212_7&babsrc=HP_ss&mntrId=7c4e86d4000000000000c0cb3813afb0
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?st=2&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=114347&tt=090812_ppc_3212_7&babsrc=SP_ss&mntrId=7c4e86d4000000000000c0cb3813afb0
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\SearchScopes\{6DC0B2DD-0FDB-82BC-95BE-6D953C4BB2C2}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10016&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={48937519-2FCF-4CF4-8832-64F200E9A0AA}&mid=454a7ff0d5e247d0b7632104e47e881e-d3af78b1fd4e46e4f1cc12e6e04a0accfc389ce4&lang=de&ds=AVG&pr=pr&d=2012-08-11 20:18:59&v=12.2.0.5&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb155/?search={searchTerms}&loc=IB_DS&a=6R8BKlqZkq&i=26
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000.10016&st=1&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}&q={searchTerms}&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}"
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "SearchTheWeb"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.iminent.com/?appId=C7BBB885-60DD-411D-A3EA-677FCF3E14B1"
FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:5.30.4
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledAddons: webbooster@iminent.com:5.49.4.0
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.9.0.0
FF - prefs.js..extensions.enabledAddons: avg@toolbar:14.1.0.10
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7Bfd9495a9-7b09-46a2-bbab-d7c3d5f196f7%7D&mid=454a7ff0d5e247d0b7632104e47e881e-d3af78b1fd4e46e4f1cc12e6e04a0accfc389ce4&ds=AVG&v=13.2.0.5&lang=de&pr=pr&d=2012-08-11%2020%3A18%3A59&sap=ku&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=114347&tt=090812_ppc_3212_7&babsrc=HP_ss&mntrId=7c4e86d4000000000000c0cb3813afb0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.defaultenginename: ""
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\xxxx\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\xxxx\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\xxxx\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.09.29 14:31:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\M-net\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2013.01.03 18:40:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.09.29 14:31:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.1.0.10 [2013.02.08 20:46:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.04 20:55:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.04 20:55:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.04 20:55:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.05.01 13:33:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\Extensions
[2011.05.01 13:33:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.02.11 23:18:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\Firefox\Profiles\g2jbo56y.default\extensions
[2013.02.06 20:33:50 | 000,224,945 | ---- | M] () (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\g2jbo56y.default\extensions\gophoto@gophoto.it.xpi
[2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\g2jbo56y.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.02.11 20:36:16 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\g2jbo56y.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012.12.10 18:15:30 | 000,003,978 | ---- | M] () -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\g2jbo56y.default\searchplugins\sweetim.xml
[2012.08.11 11:38:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.09 09:14:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.08.11 11:38:27 | 000,000,000 | ---D | M] (DealPly) -- C:\Program Files (x86)\mozilla firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IMINENT\WEBBOOSTER@IMINENT.COM
[2013.01.03 18:40:41 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:creator="(c) 2007 by F-Secure" em:description="Browsing Protection Toolbar" em:homepageURL="hxxp://www.f-secure.com/" em:iconURL="chrome://litmus-ff/skin/logo.png" em:id="litmus-ff@f-secure.com" em:name="Browsing Protection" em:updateURL="https://10.70.0.25/fireup/update.rdf" em:version="1.10">) -- C:\PROGRAM FILES (X86)\M-NET\SICHERHEITSPAKET\NRS\LITMUS-FF@F-SECURE.COM
[2013.02.08 20:46:47 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\14.1.0.10
File not found (No name found) -- C:\USERS\xxxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G2JBO56Y.DEFAULT\EXTENSIONS\{C9B68337-E93A-44EA-94DC-CB300EC06444}
File not found (No name found) -- C:\USERS\xxxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G2JBO56Y.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM
[2012.07.31 10:27:56 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.05.16 13:34:55 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.08 20:46:02 | 000,003,592 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.08.11 11:32:20 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.05.16 13:34:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.05.16 13:34:55 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.05.16 13:34:55 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.05.16 13:34:55 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.05.16 13:34:55 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\xxxx\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\xxxx\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\xxxx\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\xxxx\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\xxxx\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\xxxx\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\xxxx\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Funmoods = C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\
CHR - Extension: SpeedDial = C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\4.0_0\
CHR - Extension: Babylon Toolbar = C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: Web Assistant = C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\
CHR - Extension: DealPly = C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\
CHR - Extension: DealPly = C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.3.7.2_0\
CHR - Extension: AVG Security Toolbar = C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.1.0.10_0\
CHR - Extension: GoPhoto.it = C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (DivX) - {1E37A1FF-843E-4627-A8C4-00279C4ACDC2} - C:\Users\xxxx\AppData\Roaming\DivX\IE\DivX.dll (DivX, LLC. Rovi Corporation)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (NoScript) - {601369AE-97AF-4402-807D-7516155B484B} - C:\Users\xxxx\AppData\Roaming\NoScript\IE\NoScript.dll (Giorgio Maone)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\M-net\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\M-net\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\M-net\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\M-net\Sicherheitspaket\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001..\Run: [{E334E162-0A31-688C-E341-BBAE31151EFC}] C:\Users\xxxx\AppData\Roaming\Reymd\ebza.exe File not found
O4 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001..\Run: [AVMUSBFernanschluss] C:\Users\xxxx\AppData\Local\Apps\2.0\J678VH6P.L93\MYPC1L0P.HW7\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe (AVM Berlin)
O4 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001..\Run: [Facebook Update] C:\Users\xxxx\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe (Somoto)
O4 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001..\Run: [Spotify] C:\Users\xxxx\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001..\Run: [Spotify Web Helper] C:\Users\xxxx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [Del2199551] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001..\RunOnce: [Del2199551] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O4 - Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000023 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.13.2)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02732CE3-ACE5-414B-AB9E-60A0EB2C3EA2}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C39A436-F746-4C31-99A0-2B839CAE794B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\BROWSE~1.DLL ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.12 00:20:33 | 000,000,000 | ---D | C] -- C:\Users\xxxx\AppData\Roaming\DealPly
[2013.02.12 00:19:27 | 000,000,000 | ---D | C] -- C:\Users\xxxx\Documents\Virus
[2013.02.12 00:07:48 | 000,000,000 | ---D | C] -- C:\Users\xxxx\AppData\Roaming\Malwarebytes
[2013.02.12 00:07:39 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.12 00:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.12 00:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.12 00:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.12 00:07:19 | 000,000,000 | ---D | C] -- C:\Users\xxxx\AppData\Local\Programs
[2013.02.11 20:54:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.02.11 20:53:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013.02.11 20:53:26 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.02.11 20:53:26 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.11 20:52:39 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.11 20:52:39 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.11 20:52:39 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.11 20:25:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013.02.08 20:48:09 | 000,000,000 | ---D | C] -- C:\Users\xxxx\Documents\Simkarte
[2013.02.06 20:27:44 | 000,000,000 | ---D | C] -- C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2013.02.05 19:35:07 | 000,000,000 | ---D | C] -- C:\Users\xxxx\AppData\Roaming\vlc
[2013.02.05 19:35:06 | 000,000,000 | ---D | C] -- C:\Users\xxxx\Local Settings
[2013.02.05 19:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.02.05 19:33:25 | 000,000,000 | ---D | C] -- C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[2013.02.05 19:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FilesFrog Update Checker
[2013.02.05 19:28:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gophoto.it
[2013.01.31 17:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.01.17 18:32:58 | 000,116,480 | ---- | C] (AVM Berlin) -- C:\Windows\SysNative\drivers\avmaura.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.12 00:07:39 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.11 23:49:08 | 001,522,482 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.11 23:49:08 | 000,661,834 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.11 23:49:08 | 000,623,716 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.11 23:49:08 | 000,133,564 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.11 23:49:08 | 000,109,954 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.11 23:44:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.11 23:44:10 | 3113,238,528 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.11 23:30:19 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013.02.11 23:29:43 | 000,298,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.11 23:11:07 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3354740022-1682059011-2982652592-1001UA.job
[2013.02.11 23:09:14 | 000,000,866 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.02.11 23:02:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.11 22:58:28 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3354740022-1682059011-2982652592-1001Core.job
[2013.02.11 22:53:05 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3354740022-1682059011-2982652592-1001UA.job
[2013.02.11 22:48:05 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.11 22:48:04 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.11 21:31:40 | 109,675,590 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2013.02.11 21:16:09 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2013.02.11 21:16:08 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2013.02.11 20:52:24 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.11 20:52:22 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.02.11 20:52:22 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.11 20:52:22 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.11 20:52:22 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.11 20:52:22 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.08 20:45:23 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.02.04 14:46:49 | 000,072,507 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2013.02.03 13:59:07 | 000,002,366 | ---- | M] () -- C:\Users\xxxx\Desktop\Google Chrome.lnk
[2013.01.28 18:43:32 | 422,348,078 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.01.17 18:32:42 | 000,116,480 | ---- | M] (AVM Berlin) -- C:\Windows\SysNative\drivers\avmaura.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.12 00:07:39 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.22 18:43:05 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2012.08.11 11:38:16 | 000,384,844 | ---- | C] () -- C:\Users\xxxx\AppData\Local\funmoods-speeddial.crx
[2012.08.11 11:38:16 | 000,031,465 | ---- | C] () -- C:\Users\xxxx\AppData\Local\funmoods.crx
[2011.11.03 16:57:35 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.05.23 17:18:58 | 000,027,648 | ---- | C] () -- C:\Users\xxxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.01 08:49:25 | 001,550,100 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.30 16:49:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.31 17:05:24 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.01.31 17:05:24 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012.08.11 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\AVG2012
[2012.08.11 11:32:08 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Babylon
[2012.08.11 11:33:20 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\BabylonToolbar
[2013.02.12 00:20:33 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\DealPly
[2012.06.17 09:50:36 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\EssentialPIM Pro
[2012.10.12 13:34:27 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\F-Secure
[2011.12.22 14:37:41 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\FRITZ!
[2011.09.16 18:09:30 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\go
[2012.02.16 15:46:24 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Idegun
[2012.05.13 11:55:21 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Klett
[2012.04.05 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Kytoih
[2012.07.14 09:49:31 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Nvu
[2011.07.03 12:57:50 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\OpenOffice.org
[2012.02.16 15:42:15 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Oxcu
[2011.05.01 18:50:36 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Phase6
[2012.02.18 12:59:36 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Reymd
[2012.12.22 19:38:38 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\SoftGrid Client
[2013.02.11 23:34:02 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Spotify
[2013.02.11 23:16:34 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Systweak
[2011.05.01 13:33:53 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Thunderbird
[2011.05.01 08:50:13 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\TP
[2011.07.02 16:34:22 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\WildTangent
[2011.04.30 16:53:47 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >
         
Extra
Code:
ATTFilter
OTL Extras logfile created on: 12.02.2013 00:22:45 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Vali\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,87 Gb Total Physical Memory | 2,90 Gb Available Physical Memory | 74,96% Memory free
7,73 Gb Paging File | 6,85 Gb Available in Paging File | 88,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,42 Gb Total Space | 493,16 Gb Free Space | 84,82% Space Free | Partition Type: NTFS
 
Computer Name: xxxxPC | User Name: xxxx| Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F251030-5F36-46A2-A851-3A36248EE846}" = lport=139 | protocol=6 | dir=in | app=system | 
"{111B9EE6-D497-4937-99DB-2D9D9EC0326B}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{2D1988C8-C0E3-4F59-90B4-AEFFE64B0336}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2E984FFB-CABD-481A-B077-9D37562E1691}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{33D81A77-53A8-4DFB-B67E-D93BEE6E741D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{41FB7B46-6573-45FC-B687-EE68F8719435}" = rport=137 | protocol=17 | dir=out | app=system | 
"{460C1118-D497-4823-AC3F-EBCDBFBFC347}" = lport=445 | protocol=6 | dir=in | app=system | 
"{578F4F8B-5544-4E52-918E-1AAC402E8D40}" = lport=138 | protocol=17 | dir=in | app=system | 
"{59FD3F55-27C2-4025-81D6-811B1DE7CFA0}" = rport=445 | protocol=6 | dir=out | app=system | 
"{5BAD54CD-629B-4BAA-9E6A-B546E9701E3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7C6A125A-ABF0-4D54-9110-2AFA134BD108}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{8415A67F-6C06-4867-95B3-9BD522B72F23}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{84DC0458-6B96-4640-A7EF-AEA8680B26BF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A28C0DB0-84FE-4B51-AC9C-ACE732565D10}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B7E6AD2C-176B-4C3E-813F-5581FF221A7A}" = lport=137 | protocol=17 | dir=in | app=system | 
"{B825A56C-50CD-4B88-AC8F-829A39681106}" = rport=139 | protocol=6 | dir=out | app=system | 
"{BC292893-3CCF-4D1C-8E40-ED002B2A2FB1}" = rport=138 | protocol=17 | dir=out | app=system | 
"{BE54001E-0AF9-4C76-B754-1C4E66A3DAA5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C5A59292-97B4-40D8-8221-E72640D4D6EB}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{D08E7550-A04A-4C15-8525-4CCB4C71FE5A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DA8274E5-F393-43BD-AE2C-0B81784FCC66}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E23DA732-BCE3-4430-B4D9-D5B44BF39690}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EE0DAD39-5E69-4876-9D3C-9E6690A1B016}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EF5C2752-5778-4978-B3D3-D2660DED4D2C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{F9FB1C55-FB4A-4C11-B958-3BDF8F879412}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A4FC99-5968-4159-AD9E-6401AF8A386A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{050388FA-4372-4D8C-9E31-CC091207287A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{07E1C365-0920-4F0A-BE36-54E3E30093D8}" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\webwaigd.exe | 
"{098AFC7F-C50A-43BB-930E-EBE611040CCB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{0A93B689-619E-418E-AB75-5C1C8912DA4A}" = dir=in | app=c:\users\vali\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{120BF98B-63C3-4D83-B33E-7BA481782884}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{177170DD-0467-4FF6-8C73-31FCCD31E9AB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{1820A0E0-553D-4795-B2C0-A0C2C2F41E46}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{18456809-6293-430A-9B2A-6964C668664E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{18A8BFD7-FADA-4E9F-9B36-6F983367A684}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{1CD9058E-1E7A-4C43-9467-B7E607EAC49B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1D16D2B0-C282-4A8B-A75C-273DDBEDF42F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{1DC132F7-C2D8-4464-B859-4B16A4B6BA76}" = protocol=6 | dir=out | app=system | 
"{204A27DF-E692-4504-A769-E03D6DC3CFD8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{232DECA5-551C-4764-8775-97E7B53F1254}" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\igdctrl.exe | 
"{277327E9-C882-4F95-B955-0339217114F0}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{2874D7D5-F998-4FF1-A4E3-535DC4033083}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{36F8FA22-9174-43DC-A861-7404DE5435E8}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{39936E84-2360-4CE8-B0D1-45996B43DB0A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{3BCD9199-5C3F-443A-9477-83644462C4B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{40079DE9-3741-45C2-AB47-25E9382519D2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{426DC2BE-B4FB-405C-A906-14773FBD9BF0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{48194BFC-8187-4507-8B1A-9DE1D8E9FAF9}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{4969171C-35D3-414B-A5DA-C04E15B62817}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4EECDB24-C79E-4C2F-9DFD-77B80BD63355}" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\igdctrl.exe | 
"{5B5F3FDA-C766-4560-BDD4-1FF5CF70B8C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5D87D3FE-520C-4072-A158-9FC84E3E2979}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{5FFFEB69-FB55-47F5-8402-2BAAD15D36A4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{61F445AA-E09F-49E0-84D1-B97874DF9FF7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{632638D0-7E09-4B16-B842-5F5FBE9DE286}" = protocol=6 | dir=in | app=c:\users\vali\appdata\local\apps\2.0\j678vh6p.l93\mypc1l0p.hw7\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{634B6336-6B75-4CF0-87D5-D27DC78EBEBA}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{67D6FDA9-EFE5-44D1-84F4-6D36C967AF87}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{68883797-1F7A-43DD-8F50-6D387141B4BB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{78F8489C-51B8-4284-BDB9-D8ADC52C15DB}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{7B8C371D-0202-4CCF-AF58-5A955FC58EF1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7CDB6E09-81CE-4578-9273-FC7A7253F665}" = protocol=17 | dir=in | app=c:\users\vali\appdata\local\apps\2.0\j678vh6p.l93\mypc1l0p.hw7\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{879B2610-26DE-41BA-ABE5-E53E32D2D6EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8B4B4826-1B32-4B03-8FB5-BBE175616B14}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8CFB812A-8B9F-4E6E-AA58-C5B27DEFD8FC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8D357124-4CD3-49F8-8E90-64B507B698ED}" = protocol=6 | dir=in | app=c:\users\vali\appdata\local\apps\2.0\j678vh6p.l93\mypc1l0p.hw7\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{8E0DBA75-7466-44FB-AF1E-D97CC4BE69E2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{8FF6413D-BDB3-435D-B03C-718FCC3CF2D5}" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\fboxupd.exe | 
"{9655123F-CD2A-469C-BC24-6C99E085058C}" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\fboxupd.exe | 
"{97EC672A-AE99-4380-8831-ED25B4F5699B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{982D33C7-49F5-4628-93F9-EF9486EF6F4D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{98CFFFC8-8849-4155-9125-B27541AC8738}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9AE4D6F0-D91E-4CA3-96E8-9307A84166DB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9C085D26-9669-41FF-BC66-37297558D334}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{9CA34BE2-9B2C-43FB-8782-98B48CC00AC1}" = protocol=6 | dir=in | app=c:\users\vali\appdata\local\apps\2.0\j678vh6p.l93\mypc1l0p.hw7\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe | 
"{A50F0FF8-5CD4-4C50-B768-82128A1AE780}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{A60CC92F-5EF0-4BFD-86EB-861550986018}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{A917DC36-E8DD-4566-B39A-6D0F203B4F1F}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{B6345A83-2870-439F-86A9-F7EAE79E39EF}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{BC1C5B64-F88F-4486-83C5-5B5C240FF6EB}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{BC977599-F79F-49EA-98C3-3B522DF115E0}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{BE5310DE-60DE-4FE1-8090-8D8F5EAFD55F}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{BEAC434E-FC89-4A7C-9782-F7CBC9BBFD97}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{C2D29DD9-9079-424A-A1DB-73A52D75F41C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{CF9B1058-604C-42DE-9B4D-DF7074CC5733}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{DB09CB2D-468A-42A7-B9B4-A26DD06B72BB}" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\webwaigd.exe | 
"{DBD80052-152D-4A5A-8846-10542AEA6525}" = protocol=17 | dir=in | app=c:\users\vali\appdata\local\apps\2.0\j678vh6p.l93\mypc1l0p.hw7\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe | 
"{F01C4BD9-4CE9-4555-A3D6-FDB2EB613996}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{F3528BBD-8B9E-4540-A8FE-2BE3C097DBDF}" = protocol=17 | dir=in | app=c:\users\vali\appdata\local\apps\2.0\j678vh6p.l93\mypc1l0p.hw7\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"TCP Query User{85DBCF08-24C0-4998-A583-FC44474066C2}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"TCP Query User{91F93724-BF04-49E4-9449-7E7824096468}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"UDP Query User{43B54C9B-1B7C-47FD-9E16-8EAF1CCEB746}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"UDP Query User{AD91508B-BB41-4B8B-A34D-4531A17B50EE}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B591597-EE32-F353-ECAA-FB4F58474691}" = ATI AVIVO64 Codecs
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416018F0}" = Java(TM) 6 Update 18 (64-bit)
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.478
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{70AD2848-D236-459A-BF18-BF8E063D7BB2}" = AVG 2012
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F59A8AC-1D7B-8578-38F7-8F5166FA8580}" = ccc-utility64
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{EF5745D9-C0A7-4D40-2900-AD093F232827}" = ATI Catalyst Install Manager
"{F2A13695-0BD3-47E2-91E0-2F5DB86FA439}" = AVG 2012
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AF09E130E2FD4D1BEFD1B9132AE624BAE0364719" = Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (03/24/2010 6.3.0.2501)
"AVG" = AVG 2012
"DW WLAN Card Utility" = DW WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WNLT" = Web Optimizer
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1B2BDFB3-3786-A62F-F498-83F9EE3FBD0F}" = CCC Help Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20068980-5702-5CA7-F335-6592852F7F59}" = CCC Help Italian
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2457326B-C110-40C3-89B0-889CC913871A}" = AVM FRITZ!DSL
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3D6F16CA-13B8-6425-A71A-B91DB3E14F51}" = CCC Help Danish
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE43CB4-9FB5-82E1-780C-9D38E2F1391E}" = CCC Help Dutch
"{4E92EA05-3171-42DA-91BF-88F96440B180}" = Découvertes 1 Sprachtrainer Kommunikation
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{597BBBD5-8A69-CF88-2DE3-67194CE5C071}" = Catalyst Control Center Graphics Previews Common
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding
"{7677040A-E5AA-998C-8810-59F0B5D3E0A8}" = Catalyst Control Center InstallProxy
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CC90569-A7DB-5EA0-A9FE-0C5799A28B11}" = CCC Help Chinese Traditional
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DEB7DD7-FC6D-76C6-712D-40968A736963}" = CCC Help Swedish
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92531F24-21E5-C8EC-30E6-D56536FD61C7}" = CCC Help Finnish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9BC422FB-175A-0191-C141-B8B453DAF06E}" = Catalyst Control Center Graphics Previews Vista
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1C21906-351B-685E-7263-A4C30DF381E0}" = CCC Help German
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AB6EE148-B13E-C19D-2732-CD0EB23C39B8}" = CCC Help Portuguese
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE6A55A2-C71F-57DD-E498-7B8F317C0E15}" = ccc-core-static
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D11D2A79-78FA-EA15-CC16-8F24817EAED2}" = CCC Help Korean
"{D165A6B1-6985-072E-969E-333D759D6777}" = CCC Help Spanish
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DF28B648-9636-5DE8-A072-54A5323B0CDA}" = CCC Help Norwegian
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E8DEB138-8DAC-EB25-87CE-D38A2C1C35CE}" = CCC Help French
"{ED01D958-AEDC-40C8-93FD-0C08E8AA9530}" = Maxtor Manager
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F393B7C2-136F-2956-30A3-1099C8394B51}" = CCC Help Chinese Standard
"{F6F4AF75-109A-638B-80D5-87283B00CD5E}" = Catalyst Control Center Localization All
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB46EFDE-44F4-83F1-3044-68F5E95E3D4E}" = CCC Help English
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FBCCCFB0-D89D-C91F-B9B1-8AB1760C1DD0}" = CCC Help Russian
"{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}" = Sprachtrainer Fonts
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1" = Advanced System Protector
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AVG Secure Search" = AVG Security Toolbar
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"BabylonToolbar" = Babylon toolbar on IE
"bi_uninstaller" = Bundled software uninstaller
"DealPly" = DealPly
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"EADM" = EA Download Manager
"EssentialPIM Pro" = EssentialPIM Pro
"FilesFrog Update Checker" = FilesFrog Update Checker
"F-Secure Product 444" = M-net Sicherheitspaket
"funmoods" = Funmoods Web Search
"incredibar" = Incredibar Toolbar  on IE
"InstallShield_{ED01D958-AEDC-40C8-93FD-0C08E8AA9530}" = Maxtor Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird (6.0.2)" = Mozilla Thunderbird (6.0.2)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nvu_is1" = Nvu 1.0
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"phase-6" = phase-6 2.1.2.3a
"phase-6 Feeding Tool" = phase-6 Feeding Tool 1.1.4
"ProtectDisc Driver" = ProtectDisc Helper Driver
"Video Downloader" = Video Downloader
"WildTangent dell Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3354740022-1682059011-2982652592-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealPly" = unnm=Version Checker for Dealply
"f018cf21c0452c64" = FRITZ!Box USB-Fernanschluss
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 15.07.2012 10:39:19 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 315  2012-07-15  16:39:18+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Program Files (x86)\Electronic Arts\Die
 Sims 3\Game\Bin\Sims3Launcher.exe  
 
Error - 15.07.2012 10:40:16 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 316  2012-07-15  16:40:15+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Windows\System32\uxtheme.dll \Device\HarddiskVolume3\Program
 Files (x86)\M-net\Sicherheitspaket\Spam Control\fsscoepl_x64.dll  
 
Error - 15.07.2012 10:55:13 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 317  2012-07-15  16:55:12+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Windows\System32\shell32.dll  
 
Error - 15.07.2012 10:55:23 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 318  2012-07-15  16:55:22+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

 
Error - 15.07.2012 10:57:04 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 319  2012-07-15  16:57:03+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Windows\System32\charmap.exe  
 
Error - 15.07.2012 10:57:10 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 320  2012-07-15  16:57:09+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Windows\System32\Dism.exe  
 
Error - 15.07.2012 10:57:19 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 321  2012-07-15  16:57:18+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Windows\System32\ie4uinit.exe  
 
Error - 15.07.2012 10:57:47 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 322  2012-07-15  16:57:46+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Windows\System32\poqexec.exe  
 
Error - 15.07.2012 10:57:52 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 323  2012-07-15  16:57:51+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Windows\System32\regsvr32.exe  
 
Error - 15.07.2012 10:58:18 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 324  2012-07-15  16:58:17+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Program Files\Windows Media Player\WMPDMCCore.dll

 
Error - 15.07.2012 10:58:23 | Computer Name = Vali-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 325  2012-07-15  16:58:22+02:00  VALI-PC  Vali-PC\Vali  F-Secure Anti-Virus

 Crash detected.    \Device\HarddiskVolume3\Program Files\Windows Mail\msoe.dll  
 
[ Media Center Events ]
Error - 23.04.2012 09:08:39 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 15:08:39 - Fehler beim Herstellen der Internetverbindung.  15:08:39 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 07.05.2012 10:20:40 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 16:17:42 - Fehler beim Herstellen der Internetverbindung.  16:17:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 07.05.2012 11:21:05 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 17:21:02 - Fehler beim Herstellen der Internetverbindung.  17:21:02 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 08.05.2012 09:49:49 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 15:48:08 - Fehler beim Herstellen der Internetverbindung.  15:48:16 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.05.2012 08:14:17 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 14:13:42 - Fehler beim Herstellen der Internetverbindung.  14:13:57 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 14.05.2012 10:39:46 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 16:39:25 - Fehler beim Herstellen der Internetverbindung.  16:39:29 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 14.05.2012 17:36:06 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 23:36:06 - Fehler beim Herstellen der Internetverbindung.  23:36:06 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.05.2012 18:28:08 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 00:28:08 - Fehler beim Herstellen der Internetverbindung.  00:28:08 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 22.05.2012 09:17:20 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 15:14:43 - Fehler beim Herstellen der Internetverbindung.  15:14:43 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 08.06.2012 17:48:53 | Computer Name = Vali-PC | Source = MCUpdate | ID = 0
Description = 23:48:40 - Fehler beim Herstellen der Internetverbindung.  23:48:40 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 11.02.2013 18:45:19 | Computer Name = Vali-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 11.02.2013 18:45:19 | Computer Name = Vali-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 11.02.2013 18:45:19 | Computer Name = Vali-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 11.02.2013 18:45:19 | Computer Name = Vali-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 11.02.2013 18:45:21 | Computer Name = Vali-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 11.02.2013 18:45:21 | Computer Name = Vali-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 11.02.2013 18:45:21 | Computer Name = Vali-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 11.02.2013 18:45:23 | Computer Name = Vali-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 11.02.2013 18:45:23 | Computer Name = Vali-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 11.02.2013 18:45:23 | Computer Name = Vali-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >
         
malwarebytes
Code:
ATTFilter
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.11.10

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Vali :: VALI-PC [Administrator]

12.02.2013 00:08:41
MBAM-log-2013-02-12 (00-15-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215186
Laufzeit: 3 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 33
HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\funmoods.funmoodsHlpr.1 (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\funmoods.funmoodsHlpr (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\escort.escortIEPane (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\funmoods.dskBnd.1 (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\funmoods.dskBnd (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\f (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Funmoods (PUP.FunMoods) -> Keine Aktion durchgeführt.
HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funmoods (PUP.FunMoods) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Daten: Funmoods Toolbar -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Daten:  -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{E334E162-0A31-688C-E341-BBAE31151EFC} (Trojan.ZbotR.Gen) -> Daten: C:\Users\Vali\AppData\Roaming\Reymd\ebza.exe -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 5
C:\Users\Vali\AppData\LocalLow\Funmoods (PUP.FunMoods) -> Keine Aktion durchgeführt.
C:\Users\Vali\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods (PUP.FunMoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods\1.5.23.22 (PUP.FunMoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods\1.5.23.22\bh (PUP.FunMoods) -> Keine Aktion durchgeführt.

Infizierte Dateien: 18
C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll (PUP.Funmoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods\1.5.23.22\funmoodssrv.exe (PUP.Funmoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll (PUP.Funmoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods\1.5.23.22\escortApp.dll (PUP.Funmoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods\1.5.23.22\escortEng.dll (PUP.Funmoods) -> Keine Aktion durchgeführt.
C:\Users\Vali\AppData\Local\Temp\R1tv_gBa.exe.part (PUP.BundleInstaller.VG) -> Keine Aktion durchgeführt.
C:\Users\Vali\Downloads\the_vampire_diaries_staffel_1_folge1.exe (PUP.Adware.Agent) -> Keine Aktion durchgeführt.
C:\Users\Vali\Downloads\video_downloader (1).exe (PUP.BundleInstaller.VG) -> Keine Aktion durchgeführt.
C:\Users\Vali\Downloads\video_downloader (2).exe (PUP.BundleInstaller.VG) -> Keine Aktion durchgeführt.
C:\Users\Vali\Downloads\video_downloader (3).exe (PUP.BundleInstaller.VG) -> Keine Aktion durchgeführt.
C:\Users\Vali\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> Keine Aktion durchgeführt.
C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Keine Aktion durchgeführt.
C:\Users\Vali\AppData\Local\funmoods.crx (PUP.Funmoods) -> Keine Aktion durchgeführt.
C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.9183528705332796.exe.lnk (Backdoor.Agent) -> Keine Aktion durchgeführt.
C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage (PUP.FunMoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods\1.5.23.22\escortShld.dll (PUP.FunMoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods\1.5.23.22\FavIcon.ico (PUP.FunMoods) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Funmoods\1.5.23.22\uninstall.exe (PUP.FunMoods) -> Keine Aktion durchgeführt.

(Ende)
         

Alt 12.02.2013, 07:00   #2
t'john
/// Helfer-Team
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7





Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen.
Diese Nacheinander abarbeiten und die 3 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen.

Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern melde dies bitte.

1. Schritt

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
  • Der Fix fängt mit :OTL an. Vergewissere dich, dass du ihn richtig kopiert hast.

Ersetze die *** Sternchen wieder in den Benutzernamen zurück!
Code:
ATTFilter
:OTL

SRV:64bit: - (WebOptimizer) -- C:\Windows\SysNative\dmwu.exe () 
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 
IE - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 
O4 - HKU\S-1-5-21-3354740022-1682059011-2982652592-1001..\Run: [{E334E162-0A31-688C-E341-BBAE31151EFC}] C:\Users\xxxx\AppData\Roaming\Reymd\ebza.exe File not found 

:Files 
C:\ProgramData\*.exe
C:\ProgramData\*.dll
C:\ProgramData\*.tmp
C:\ProgramData\TEMP
C:\Users\xxxx\*.tmp
C:\Users\xxxx\AppData\Local\Temp\*.exe
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache
ipconfig /flushdns /c
:Commands
[emptytemp]
         
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!



2. Schritt
Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers


danach:

3. Schritt
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________

__________________

Alt 12.02.2013, 20:42   #3
uli_lu
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Hallo t'john,
vielen Dank für Deine Hilfe!

otl

Code:
ATTFilter
 All processes killed
========== OTL ==========
Service WebOptimizer stopped successfully!
Service WebOptimizer deleted successfully!
C:\Windows\SysNative\dmwu.exe moved successfully.
HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-3354740022-1682059011-2982652592-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3354740022-1682059011-2982652592-1001\Software\Microsoft\Windows\CurrentVersion\Run\\{E334E162-0A31-688C-E341-BBAE31151EFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E334E162-0A31-688C-E341-BBAE31151EFC}\ not found.
========== FILES ==========
File\Folder C:\ProgramData\*.exe not found.
File\Folder C:\ProgramData\*.dll not found.
File\Folder C:\ProgramData\*.tmp not found.
File\Folder C:\ProgramData\TEMP not found.
File\Folder C:\Users\Vali\*.tmp not found.
C:\Users\Vali\AppData\Local\Temp\CommonInstaller.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1064.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD10F0.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD11AC.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD11CB.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1296.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1351.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1498.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD14B8.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD157.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1708.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1747.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1776.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD193A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD19C6.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1B4C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1B8B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1BC9.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1C46.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1C84.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1D30.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1D7E.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1DBC.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1EF4.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1F71.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD1FCF.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD203C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD207A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2210.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2211.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD223F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD22DB.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2348.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2413.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2442.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2490.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD252C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD254B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD25B8.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2828.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD28A5.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2960.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD29DD.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD29DE.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2AF6.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2B24.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2B44.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2D37.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2DD3.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2E5F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2E8E.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD2F49.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3052.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD317B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3448.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3458.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3513.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3514.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD369.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3793.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD37E1.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3800.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD381F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD38FA.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3996.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3997.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3A8F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3B7.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3CB1.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3F40.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3F6F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3FEC.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD3FFC.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD40B7.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD424C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD42F8.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4356.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD43D2.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4440.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD44FE.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD47A9.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD47F7.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD48F1.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4B13.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4C0.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4E0.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4E00.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4E4E.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4E6D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4EF.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4F38.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD4FF3.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD5002.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD50E.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD50F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD52E0.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD537C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD53E9.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD5437.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD54D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD5697.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD57C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD58F8.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD5946.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD5A10.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD5A4F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD5BA.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD5F6D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD5F8.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD6038.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD6363.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD63B1.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD656.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD6569.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD65F3.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD667F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD694.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD694D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD6AE2.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD6C4B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD7020.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD7454.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD76F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD7D1B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD7E33.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD7EA1.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD82A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD83BF.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD84B9.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD8709.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD897.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD8D31.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD908D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD91A4.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD933.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD94DF.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD97EC.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD980A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD98F4.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD991.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EAD9E7F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADA3C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADA3D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADA8A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADA9A6.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADAAA.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADACA3.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADAE77.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADAEE4.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB17.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB2BB.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB309.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB3C4.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB6EF.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB77B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB7F8.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB817.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB84.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB856.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB88.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADB940.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADBB.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADBB23.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADBD84.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADBE10.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADC254.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADC283.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADC3EA.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADC995.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADCBD6.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADCD0E.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADCDC.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADCE8B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADCFA.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADCFAD.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD1EE.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD22D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD25B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD393.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD538.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD567.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD789.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD854.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD873.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD8A2.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD8FF.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD93E.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADD95D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDAD3.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDC59.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDC69.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDCB7.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDCC7.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDCE6.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDDB1.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDE2D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDF08.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDF09.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADDF46.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE0DC.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE0DD.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE0FB.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE10B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE10C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE178.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE1C6.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE1F5.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE214.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE262.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE263.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE32D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE38A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE39A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE3C9.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE436.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE493.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE52.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE520.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE59D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE5BC.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE6D5.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE751.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE780.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE781.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE79F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE7ED.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE81C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE8B8.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE8E7.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADE973.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADEA6D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADEBC4.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADEC12.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADEC22.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADECBF.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADECCD.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADED1B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADED2B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADED3B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADED6A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADEE53.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADEE73.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADEF3D.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADEFBA.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADEFD.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF047.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF075.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF18E.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF1AD.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF391.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF3C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF3C0.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF3DF.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF44C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF45C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF527.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF528.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF64F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF70A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF7A6.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF7A7.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF7E5.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF804.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF842.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF843.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF95B.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADF99A.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFA64.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFB00.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFB5F.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFBFA.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFC29.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFD42.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFD80.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFE1C.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFED7.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\EADFFA2.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\FacebookUpdateSetup_v1.2.205.0.exe45addf6 moved successfully.
C:\Users\Vali\AppData\Local\Temp\GoogleUpdateSetup.exe1418fd7a moved successfully.
C:\Users\Vali\AppData\Local\Temp\GoogleUpdateSetup.exe983ee moved successfully.
C:\Users\Vali\AppData\Local\Temp\GoogleUpdateSetup.exeb9626 moved successfully.
C:\Users\Vali\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\MachineIdCreator.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\msg84DB.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\oi_{C2855587-BFCB-450C-9C0D-C30789109BDD}.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\Setup.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\Shortcut_setup.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\simbo.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\SIMEEIInstaller.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\ToolbarInstaller.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\UpdateCheckerSetup.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\vlc-2.0.2-win32.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\vlc-2.0.5-win32.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\YontooSetup-S.exe moved successfully.
C:\Users\Vali\AppData\Local\Temp\_3D80.exe moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Vali\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Vali\Desktop\cmd.bat deleted successfully.
C:\Users\Vali\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Vali
->Temp folder emptied: 1057182810 bytes
->Temporary Internet Files folder emptied: 81234489 bytes
->FireFox cache emptied: 66254699 bytes
->Google Chrome cache emptied: 365921379 bytes
->Flash cache emptied: 42352 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 436281799 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36181 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 53478943 bytes
 
Total Files Cleaned = 1.965,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 02122013_123006

Files\Folders moved on Reboot...
C:\Users\Vali\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
otl-scan
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.02.2013 12:40:45 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Vali\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,87 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 49,57% Memory free
7,73 Gb Paging File | 5,31 Gb Available in Paging File | 68,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,42 Gb Total Space | 494,61 Gb Free Space | 85,07% Space Free | Partition Type: NTFS
 
Computer Name: VALI-PC | User Name: Vali | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Vali\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe (Somoto)
PRC - C:\Users\Vali\AppData\Local\Apps\2.0\J678VH6P.L93\MYPC1L0P.HW7\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe (AVM Berlin)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Vali\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\FSGK32.EXE (F-Secure Corporation)
PRC - C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (Systweak)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\M-net\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\M-net\Sicherheitspaket\Common\FSLAUNCH.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC)
PRC - C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe (Maxtor Corporation)
PRC - C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\20008c75bb41e2febf84d4d4aea5b4e8\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\be74d258a0daa0e11197e1dcb1b3b0b9\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\02d5be8209f0eac6f7725f8d83b87df6\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\887ef2648686aad19feff405eddbffd2\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad18f93fc713db2c4b29b25116c13bd8\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\SiteSafety.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e43f80b6a3a40323520dd89cb77500a8\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Advanced System Protector\aspsys.dll ()
MOD - C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll ()
MOD - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV - (vToolbarUpdater14.1.7) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (Web Assistant Updater) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (FSORSPClient) -- C:\Program Files (x86)\M-net\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (FSMA) -- C:\Program Files (x86)\M-net\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (FSDFWD) -- C:\Program Files (x86)\M-net\Sicherheitspaket\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (Maxtor Sync Service) -- C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC)
SRV - (IGDCTRL) -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (avmaura) -- C:\Windows\SysNative\drivers\avmaura.sys (AVM Berlin)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (fsbts) -- C:\Windows\SysNative\drivers\fsbts.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (acedrv09) -- C:\Windows\SysNative\drivers\acedrv09.sys (Protect Software GmbH)
DRV:64bit: - (acehlp09) -- C:\Windows\SysNative\drivers\acehlp09.sys (Protect Software GmbH)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\avgidsfiltera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (avmaudio) -- C:\Windows\SysNative\drivers\avmaudio.sys (AVM Berlin)
DRV:64bit: - (FSES) -- C:\Windows\SysNative\drivers\fses.sys (F-Secure Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BcmVWL) -- C:\Windows\SysNative\drivers\bcmvwl64.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (FSFW) -- C:\Windows\SysNative\drivers\fsdfw.sys (F-Secure Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (F-Secure Gatekeeper) -- C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys ()
DRV - (fsbts) -- C:\Windows\SysWOW64\drivers\fsbts.sys ()
DRV - (F-Secure HIPS) -- C:\Program Files (x86)\M-net\Sicherheitspaket\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (fsvista) -- C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6DC0B2DD-0FDB-82BC-95BE-6D953C4BB2C2}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10016&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=114347&tt=090812_ppc_3212_7&babsrc=HP_ss&mntrId=7c4e86d4000000000000c0cb3813afb0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?st=2&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=114347&tt=090812_ppc_3212_7&babsrc=SP_ss&mntrId=7c4e86d4000000000000c0cb3813afb0
IE - HKCU\..\SearchScopes\{6DC0B2DD-0FDB-82BC-95BE-6D953C4BB2C2}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10016&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={48937519-2FCF-4CF4-8832-64F200E9A0AA}&mid=454a7ff0d5e247d0b7632104e47e881e-d3af78b1fd4e46e4f1cc12e6e04a0accfc389ce4&lang=de&ds=AVG&pr=pr&d=2012-08-11 20:18:59&v=12.2.0.5&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb155/?search={searchTerms}&loc=IB_DS&a=6R8BKlqZkq&i=26
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000.10016&st=1&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}&q={searchTerms}&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED}"
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "SearchTheWeb"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.iminent.com/?appId=C7BBB885-60DD-411D-A3EA-677FCF3E14B1"
FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:5.30.4
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledAddons: webbooster@iminent.com:5.49.4.0
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.9.0.0
FF - prefs.js..extensions.enabledAddons: avg@toolbar:14.1.0.10
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7Bfd9495a9-7b09-46a2-bbab-d7c3d5f196f7%7D&mid=454a7ff0d5e247d0b7632104e47e881e-d3af78b1fd4e46e4f1cc12e6e04a0accfc389ce4&ds=AVG&v=13.2.0.5&lang=de&pr=pr&d=2012-08-11%2020%3A18%3A59&sap=ku&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=114347&tt=090812_ppc_3212_7&babsrc=HP_ss&mntrId=7c4e86d4000000000000c0cb3813afb0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.defaultenginename: ""
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Vali\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vali\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vali\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.09.29 14:31:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\M-net\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2013.01.03 18:40:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.09.29 14:31:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.1.0.10 [2013.02.08 20:46:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.04 20:55:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.04 20:55:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.04 20:55:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.05.01 13:33:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vali\AppData\Roaming\mozilla\Extensions
[2011.05.01 13:33:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vali\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.02.11 23:18:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vali\AppData\Roaming\mozilla\Firefox\Profiles\g2jbo56y.default\extensions
[2013.02.06 20:33:50 | 000,224,945 | ---- | M] () (No name found) -- C:\Users\Vali\AppData\Roaming\mozilla\firefox\profiles\g2jbo56y.default\extensions\gophoto@gophoto.it.xpi
[2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\Vali\AppData\Roaming\mozilla\firefox\profiles\g2jbo56y.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.02.11 20:36:16 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\Vali\AppData\Roaming\mozilla\firefox\profiles\g2jbo56y.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012.12.10 18:15:30 | 000,003,978 | ---- | M] () -- C:\Users\Vali\AppData\Roaming\mozilla\firefox\profiles\g2jbo56y.default\searchplugins\sweetim.xml
[2012.08.11 11:38:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.09 09:14:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.08.11 11:38:27 | 000,000,000 | ---D | M] (DealPly) -- C:\Program Files (x86)\mozilla firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IMINENT\WEBBOOSTER@IMINENT.COM
[2013.01.03 18:40:41 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:creator="(c) 2007 by F-Secure" em:description="Browsing Protection Toolbar" em:homepageURL="hxxp://www.f-secure.com/" em:iconURL="chrome://litmus-ff/skin/logo.png" em:id="litmus-ff@f-secure.com" em:name="Browsing Protection" em:updateURL="https://10.70.0.25/fireup/update.rdf" em:version="1.10">) -- C:\PROGRAM FILES (X86)\M-NET\SICHERHEITSPAKET\NRS\LITMUS-FF@F-SECURE.COM
[2013.02.08 20:46:47 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\14.1.0.10
File not found (No name found) -- C:\USERS\VALI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G2JBO56Y.DEFAULT\EXTENSIONS\{C9B68337-E93A-44EA-94DC-CB300EC06444}
File not found (No name found) -- C:\USERS\VALI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G2JBO56Y.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM
[2012.07.31 10:27:56 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.05.16 13:34:55 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.08 20:46:02 | 000,003,592 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.08.11 11:32:20 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.05.16 13:34:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.05.16 13:34:55 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.05.16 13:34:55 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.05.16 13:34:55 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.05.16 13:34:55 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vali\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vali\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vali\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vali\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Vali\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Vali\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Vali\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Funmoods = C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\
CHR - Extension: SpeedDial = C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\4.0_0\
CHR - Extension: Babylon Toolbar = C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: Web Assistant = C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\
CHR - Extension: DealPly = C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.3.7.2_0\
CHR - Extension: AVG Security Toolbar = C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.1.0.10_0\
CHR - Extension: GoPhoto.it = C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (DivX) - {1E37A1FF-843E-4627-A8C4-00279C4ACDC2} - C:\Users\Vali\AppData\Roaming\DivX\IE\DivX.dll (DivX, LLC. Rovi Corporation)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (NoScript) - {601369AE-97AF-4402-807D-7516155B484B} - C:\Users\Vali\AppData\Roaming\NoScript\IE\NoScript.dll (Giorgio Maone)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\M-net\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\M-net\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\M-net\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\M-net\Sicherheitspaket\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Users\Vali\AppData\Local\Apps\2.0\J678VH6P.L93\MYPC1L0P.HW7\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe (AVM Berlin)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Vali\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe (Somoto)
O4 - HKCU..\Run: [Spotify] C:\Users\Vali\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Vali\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O4 - Startup: C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000023 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files (x86)\M-net\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.13.2)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02732CE3-ACE5-414B-AB9E-60A0EB2C3EA2}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C39A436-F746-4C31-99A0-2B839CAE794B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\BROWSE~1.DLL ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.12 12:30:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.02.12 12:26:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vali\Desktop\OTL.exe
[2013.02.12 00:20:33 | 000,000,000 | ---D | C] -- C:\Users\Vali\AppData\Roaming\DealPly
[2013.02.12 00:19:27 | 000,000,000 | ---D | C] -- C:\Users\Vali\Documents\Virus
[2013.02.12 00:07:48 | 000,000,000 | ---D | C] -- C:\Users\Vali\AppData\Roaming\Malwarebytes
[2013.02.12 00:07:39 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.12 00:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.12 00:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.12 00:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.12 00:07:19 | 000,000,000 | ---D | C] -- C:\Users\Vali\AppData\Local\Programs
[2013.02.11 20:54:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.02.11 20:53:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013.02.11 20:53:26 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.02.11 20:53:26 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.11 20:52:39 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.11 20:52:39 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.11 20:52:39 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.11 20:25:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013.02.08 20:48:09 | 000,000,000 | ---D | C] -- C:\Users\Vali\Documents\Simkarte
[2013.02.06 20:27:44 | 000,000,000 | ---D | C] -- C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2013.02.05 19:35:07 | 000,000,000 | ---D | C] -- C:\Users\Vali\AppData\Roaming\vlc
[2013.02.05 19:35:06 | 000,000,000 | ---D | C] -- C:\Users\Vali\Local Settings
[2013.02.05 19:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.02.05 19:33:25 | 000,000,000 | ---D | C] -- C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[2013.02.05 19:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FilesFrog Update Checker
[2013.02.05 19:28:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gophoto.it
[2013.01.31 17:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.01.17 18:32:58 | 000,116,480 | ---- | C] (AVM Berlin) -- C:\Windows\SysNative\drivers\avmaura.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.12 12:43:37 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.12 12:43:37 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.12 12:42:35 | 001,522,482 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.12 12:42:35 | 000,662,084 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.12 12:42:35 | 000,623,926 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.12 12:42:35 | 000,133,782 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.12 12:42:35 | 000,110,164 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.12 12:35:09 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013.02.12 12:34:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.12 12:34:52 | 3113,238,528 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.12 12:25:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vali\Desktop\OTL.exe
[2013.02.12 12:21:20 | 109,704,950 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2013.02.12 02:11:02 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3354740022-1682059011-2982652592-1001UA.job
[2013.02.12 02:02:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.12 00:07:39 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.11 23:29:43 | 000,298,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.11 23:09:14 | 000,000,866 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.02.11 22:58:28 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3354740022-1682059011-2982652592-1001Core.job
[2013.02.11 22:53:05 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3354740022-1682059011-2982652592-1001UA.job
[2013.02.11 21:16:09 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2013.02.11 21:16:08 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2013.02.11 20:52:24 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.11 20:52:22 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.02.11 20:52:22 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.11 20:52:22 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.11 20:52:22 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.11 20:52:22 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.08 20:45:23 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.02.04 14:46:49 | 000,072,507 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2013.02.03 13:59:07 | 000,002,366 | ---- | M] () -- C:\Users\Vali\Desktop\Google Chrome.lnk
[2013.01.28 18:43:32 | 422,348,078 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.01.17 18:32:42 | 000,116,480 | ---- | M] (AVM Berlin) -- C:\Windows\SysNative\drivers\avmaura.sys
 
========== Files Created - No Company Name ==========
 
[2013.02.12 00:07:39 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.22 18:43:05 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2012.08.11 11:38:16 | 000,384,844 | ---- | C] () -- C:\Users\Vali\AppData\Local\funmoods-speeddial.crx
[2012.08.11 11:38:16 | 000,031,465 | ---- | C] () -- C:\Users\Vali\AppData\Local\funmoods.crx
[2011.11.03 16:57:35 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.05.23 17:18:58 | 000,027,648 | ---- | C] () -- C:\Users\Vali\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.01 08:49:25 | 001,550,100 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.30 16:49:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---
[/CODE]

mbar-log
Code:
ATTFilter
 Malwarebytes Anti-Rootkit BETA 1.01.0.1020
www.malwarebytes.org

Database version: v2013.02.12.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Vali :: VALI-PC [administrator]

12.02.2013 20:42:38
mbar-log-2013-02-12 (20-42-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30683
Time elapsed: 10 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 77
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\esrv.funmoodsESrvc (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.funmoodsESrvc (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\escort.escortIEPane.1 (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\escort.escortIEPane (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\escort.escortIEPane (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\escort.escortIEPane.1 (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\funmoods.funmoodsHlpr.1 (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\funmoods.funmoodsHlpr (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\funmoods.funmoodsHlpr (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\funmoods.funmoodsHlpr.1 (PUP.FunMoods) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\funmoods.dskBnd.1 (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\funmoods.dskBnd (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\funmoods.dskBnd (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\funmoods.dskBnd.1 (PUP.Funmoods) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\funmoodsApp.appCore.1 (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\funmoodsApp.appCore (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\funmoodsApp.appCore (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\funmoodsApp.appCore.1 (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\f (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\f (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{23C70BCA-6E23-4A65-AD2E-1389062074F1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{295CACB4-51F5-46FD-914E-C72BAAE1B672} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{C0585B2F-74D7-4734-88DE-6C150C5D4036} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{EF0588D6-1621-4A75-B8BE-F4BC34794136} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{23C70BCA-6E23-4A65-AD2E-1389062074F1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{295CACB4-51F5-46FD-914E-C72BAAE1B672} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C0585B2F-74D7-4734-88DE-6C150C5D4036} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EF0588D6-1621-4A75-B8BE-F4BC34794136} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Delete on reboot.
HKCU\SOFTWARE\Funmoods (PUP.FunMoods) -> Delete on reboot.
HKCU\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Delete on reboot.
HKCU\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\funmoods (PUP.FunMoods) -> Delete on reboot.

Registry Values Detected: 2
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: Funmoods Toolbar -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data:  -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
c:\Users\Vali\AppData\LocalLow\Funmoods (PUP.FunMoods) -> Delete on reboot.
c:\Users\Vali\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods (PUP.FunMoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods\1.5.23.22 (PUP.FunMoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods\1.5.23.22\bh (PUP.FunMoods) -> Delete on reboot.

Files Detected: 17
c:\Program Files (x86)\Funmoods\1.5.23.22\funmoodssrv.exe (PUP.Funmoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll (PUP.FunMoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll (PUP.Funmoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods\1.5.23.22\escortApp.dll (PUP.Funmoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods\1.5.23.22\escortEng.dll (PUP.Funmoods) -> Delete on reboot.
c:\Users\Vali\Downloads\the_vampire_diaries_staffel_1_folge1.exe (PUP.Adware.Agent) -> Delete on reboot.
c:\Users\Vali\Downloads\video_downloader (1).exe (PUP.BundleInstaller.VG) -> Delete on reboot.
c:\Users\Vali\Downloads\video_downloader (2).exe (PUP.BundleInstaller.VG) -> Delete on reboot.
c:\Users\Vali\Downloads\video_downloader (3).exe (PUP.BundleInstaller.VG) -> Delete on reboot.
c:\Users\Vali\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> Delete on reboot.
c:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Delete on reboot.
c:\Users\Vali\AppData\Local\funmoods.crx (PUP.Funmoods) -> Delete on reboot.
c:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.9183528705332796.exe.lnk (Backdoor.Agent) -> Delete on reboot.
c:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage (PUP.FunMoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods\1.5.23.22\escortShld.dll (PUP.FunMoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods\1.5.23.22\FavIcon.ico (PUP.FunMoods) -> Delete on reboot.
c:\Program Files (x86)\Funmoods\1.5.23.22\uninstall.exe (PUP.FunMoods) -> Delete on reboot.

(end)
         
mbar-2
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
www.malwarebytes.org

Database version: v2013.02.12.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Vali :: VALI-PC [administrator]

12.02.2013 21:19:42
mbar-log-2013-02-12 (21-19-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30563
Time elapsed: 10 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

Schaut ganz gut aus oder?

Viele Grüße aus München
Uli
__________________

Alt 12.02.2013, 20:45   #4
uli_lu
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



oops, protokoll vom adwCleaner vergessen..

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.112 - Datei am 12/02/2013 um 21:23:02 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Vali - VALI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Vali\Desktop\adwcleaner0.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : Browser Manager
Gestoppt & Gelöscht : SProtection
Gestoppt & Gelöscht : Web Assistant Updater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Vali\AppData\Local\funmoods-speeddial.crx
Datei Gelöscht : C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\g2jbo56y.default\BrowserMngr_extensions.sqlite
Datei Gelöscht : C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\g2jbo56y.default\browsermngr_prefs.js
Datei Gelöscht : C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\g2jbo56y.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gelöscht : C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\g2jbo56y.default\searchplugins\SweetIm.xml
Gelöscht mit Neustart : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\BabylonToolbar
Ordner Gelöscht : C:\Program Files (x86)\DealPly
Ordner Gelöscht : C:\Program Files (x86)\FilesFrog Update Checker
Ordner Gelöscht : C:\Program Files (x86)\incredibar.com
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files\Web Assistant
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Vali\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Ordner Gelöscht : C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Ordner Gelöscht : C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Ordner Gelöscht : C:\Users\Vali\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Vali\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Vali\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\Vali\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\Vali\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Vali\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Vali\AppData\Roaming\BabylonToolbar
Ordner Gelöscht : C:\Users\Vali\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Ordner Gelöscht : C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\g2jbo56y.default\SweetPacksToolbarData
Ordner Gelöscht : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Ordner Gelöscht : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Ordner Gelöscht : C:\Windows\SysWOW64\WNLT

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\BrowserMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKCU\Software\IGearSettings
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKCU\Software\Somoto
Schlüssel Gelöscht : HKCU\Software\WNLT
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\BrowserMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\b
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\I
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\incredibar.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?st=2&barid={669FDFF8-E3A0-11E1-987F-F04DA29A61ED} --> hxxp://www.google.com
Gelöscht : [HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page]
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.funmoods.com/?f=2&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBzy0AyCtC0E0DzzyC0DyEtN0D0Tzu0CtBtByEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2077873333 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (de)

Datei : C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\g2jbo56y.default\prefs.js

C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\g2jbo56y.default\user.js ... Gelöscht !

Gelöscht : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.1.0.10")[...]
Gelöscht : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=114347&tt=090812_ppc_3212_[...]
Gelöscht : user_pref("backup.old.browser.startup.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10016&barid[...]
Gelöscht : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb155?a=6R8BKlqZkq&loc=FF_NT");
Gelöscht : user_pref("browser.search.defaultenginename", "SweetIM Search");
Gelöscht : user_pref("browser.search.order.1", "Search the web (Babylon)");
Gelöscht : user_pref("browser.search.selectedEngine", "SearchTheWeb");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.iminent.com/?appId=C7BBB885-60DD-411D-A3EA-677F[...]
Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar.id", "7c4e86d4000000000000c0cb3813afb0");
Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15563");
Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=114347&tt=090812_ppc_3212_7");
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.612:32:33");
Gelöscht : user_pref("extensions.funmoods.aflt", "bndlr");
Gelöscht : user_pref("extensions.funmoods.autoRvrt", false);
Gelöscht : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Gelöscht : user_pref("extensions.funmoods.cntry", "DE");
Gelöscht : user_pref("extensions.funmoods.cv", "cv5");
Gelöscht : user_pref("extensions.funmoods.dfltLng", "");
Gelöscht : user_pref("extensions.funmoods.dfltSrch", true);
Gelöscht : user_pref("extensions.funmoods.dfltlng", "en");
Gelöscht : user_pref("extensions.funmoods.dfltsrch", true);
Gelöscht : user_pref("extensions.funmoods.dnsErr", true);
Gelöscht : user_pref("extensions.funmoods.envrmnt", "production");
Gelöscht : user_pref("extensions.funmoods.excTlbr", false);
Gelöscht : user_pref("extensions.funmoods.hdrMd5", "9B67AEF134B759E8F4B1785708DE3AA7");
Gelöscht : user_pref("extensions.funmoods.hmpg", true);
Gelöscht : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=bndlr&chnl=bndlr&cd=2Xzuy[...]
Gelöscht : user_pref("extensions.funmoods.hrdid", "F04DA29A61ED86D4");
Gelöscht : user_pref("extensions.funmoods.id", "F04DA29A61ED86D4");
Gelöscht : user_pref("extensions.funmoods.instlDay", "15563");
Gelöscht : user_pref("extensions.funmoods.instlRef", "bndlr");
Gelöscht : user_pref("extensions.funmoods.instlday", "15563");
Gelöscht : user_pref("extensions.funmoods.instlref", "bndlr");
Gelöscht : user_pref("extensions.funmoods.isDcmntCmplt", false);
Gelöscht : user_pref("extensions.funmoods.isdcmntcmplt", true);
Gelöscht : user_pref("extensions.funmoods.keywordurl", "");
Gelöscht : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2212:38:5");
Gelöscht : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Gelöscht : user_pref("extensions.funmoods.newTab", true);
Gelöscht : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=bndlr&chnl=bndlr&cd=2Xz[...]
Gelöscht : user_pref("extensions.funmoods.newtab", true);
Gelöscht : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=bndlr&chnl=bndlr&cd=2Xz[...]
Gelöscht : user_pref("extensions.funmoods.prdct", "funmoods");
Gelöscht : user_pref("extensions.funmoods.prtnrId", "funmoods");
Gelöscht : user_pref("extensions.funmoods.prtnrid", "funmoods");
Gelöscht : user_pref("extensions.funmoods.sg", "none");
Gelöscht : user_pref("extensions.funmoods.smplGrp", "none");
Gelöscht : user_pref("extensions.funmoods.smplgrp", "none");
Gelöscht : user_pref("extensions.funmoods.srch", "");
Gelöscht : user_pref("extensions.funmoods.srchPrvdr", "Search");
Gelöscht : user_pref("extensions.funmoods.srchprvdr", "Search");
Gelöscht : user_pref("extensions.funmoods.tlbrId", "base");
Gelöscht : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=bndlr&chnl=bndlr&cd=2[...]
Gelöscht : user_pref("extensions.funmoods.tlbrid", "base");
Gelöscht : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/?f=3&a=bndlr&chnl=bndlr&cd=2[...]
Gelöscht : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Gelöscht : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2212:38:5");
Gelöscht : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Gelöscht : user_pref("extensions.funmoods.vrsnts", "1.5.23.2212:38:5");
Gelöscht : user_pref("extensions.funmoods_i.newTab", true);
Gelöscht : user_pref("extensions.funmoods_i.smplGrp", "none");
Gelöscht : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2212:38:5");
Gelöscht : user_pref("extensions.incredibar.actvtyRptTime", "1344683974445");
Gelöscht : user_pref("extensions.incredibar.admin", false);
Gelöscht : user_pref("extensions.incredibar.aflt", "orgnl");
Gelöscht : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Gelöscht : user_pref("extensions.incredibar.cntry", "DE");
Gelöscht : user_pref("extensions.incredibar.dfltLng", "");
Gelöscht : user_pref("extensions.incredibar.dfltSrch", false);
Gelöscht : user_pref("extensions.incredibar.dfltlng", "en");
Gelöscht : user_pref("extensions.incredibar.dfltsrch", "false");
Gelöscht : user_pref("extensions.incredibar.did", "10657");
Gelöscht : user_pref("extensions.incredibar.envrmnt", "production");
Gelöscht : user_pref("extensions.incredibar.excTlbr", false);
Gelöscht : user_pref("extensions.incredibar.hdrMd5", "FAE22D877DD8D1B290032FD3259C7AD3");
Gelöscht : user_pref("extensions.incredibar.hmpg", false);
Gelöscht : user_pref("extensions.incredibar.hrdid", "7c4e86d4000000000000c0cb3813afb0");
Gelöscht : user_pref("extensions.incredibar.id", "7c4e86d4000000000000c0cb3813afb0");
Gelöscht : user_pref("extensions.incredibar.installerproductid", "26");
Gelöscht : user_pref("extensions.incredibar.instlDay", "15563");
Gelöscht : user_pref("extensions.incredibar.instlRef", "");
Gelöscht : user_pref("extensions.incredibar.instlday", "15563");
Gelöscht : user_pref("extensions.incredibar.instlref", "");
Gelöscht : user_pref("extensions.incredibar.isDcmntCmplt", true);
Gelöscht : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Gelöscht : user_pref("extensions.incredibar.keywordurl", "");
Gelöscht : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1412:30:45");
Gelöscht : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Gelöscht : user_pref("extensions.incredibar.newTab", false);
Gelöscht : user_pref("extensions.incredibar.newtab", "false");
Gelöscht : user_pref("extensions.incredibar.newtaburl", "");
Gelöscht : user_pref("extensions.incredibar.noFFXTlbr", false);
Gelöscht : user_pref("extensions.incredibar.ppd", "");
Gelöscht : user_pref("extensions.incredibar.prdct", "incredibar");
Gelöscht : user_pref("extensions.incredibar.productid", "26");
Gelöscht : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Gelöscht : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Gelöscht : user_pref("extensions.incredibar.sg", "none");
Gelöscht : user_pref("extensions.incredibar.smplGrp", "none");
Gelöscht : user_pref("extensions.incredibar.smplgrp", "none");
Gelöscht : user_pref("extensions.incredibar.srch", "");
Gelöscht : user_pref("extensions.incredibar.srchprvdr", "");
Gelöscht : user_pref("extensions.incredibar.tlbrId", "base");
Gelöscht : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8BKlqZkq&loc=IB_T[...]
Gelöscht : user_pref("extensions.incredibar.tlbrid", "base");
Gelöscht : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6R8BKlqZkq&loc=IB_T[...]
Gelöscht : user_pref("extensions.incredibar.upn2", "6R8BKlqZkq");
Gelöscht : user_pref("extensions.incredibar.upn2n", "92824861857992678");
Gelöscht : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Gelöscht : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1412:30:45");
Gelöscht : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Gelöscht : user_pref("extensions.incredibar.vrsnts", "1.5.11.1412:30:45");
Gelöscht : user_pref("extensions.incredibar_i.aflt", "orgnl");
Gelöscht : user_pref("extensions.incredibar_i.dfltLng", "");
Gelöscht : user_pref("extensions.incredibar_i.did", "10657");
Gelöscht : user_pref("extensions.incredibar_i.excTlbr", false);
Gelöscht : user_pref("extensions.incredibar_i.id", "7c4e86d4000000000000c0cb3813afb0");
Gelöscht : user_pref("extensions.incredibar_i.installerproductid", "26");
Gelöscht : user_pref("extensions.incredibar_i.instlDay", "15563");
Gelöscht : user_pref("extensions.incredibar_i.instlRef", "");
Gelöscht : user_pref("extensions.incredibar_i.ms_url_id", "");
Gelöscht : user_pref("extensions.incredibar_i.newTab", false);
Gelöscht : user_pref("extensions.incredibar_i.ppd", "");
Gelöscht : user_pref("extensions.incredibar_i.prdct", "incredibar");
Gelöscht : user_pref("extensions.incredibar_i.productid", "26");
Gelöscht : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Gelöscht : user_pref("extensions.incredibar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.incredibar_i.tlbrId", "base");
Gelöscht : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8BKlqZkq&loc=IB[...]
Gelöscht : user_pref("extensions.incredibar_i.upn2", "6R8BKlqZkq");
Gelöscht : user_pref("extensions.incredibar_i.upn2n", "92824861857992678");
Gelöscht : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Gelöscht : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1412:30:45");
Gelöscht : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Gelöscht : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bfd9495a9-7b09-46a2-bbab-d7c3d5f196f7%[...]
Gelöscht : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Gelöscht : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Gelöscht : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Gelöscht : user_pref("sweetim.toolbar.Visibility.enable", "true");
Gelöscht : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Gelöscht : user_pref("sweetim.toolbar.cargo", "3.1010000.10016");
Gelöscht : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Gelöscht : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Gelöscht : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Gelöscht : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Gelöscht : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Gelöscht : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Gelöscht : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Gelöscht : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Gelöscht : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Gelöscht : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Gelöscht : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Gelöscht : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Gelöscht : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Gelöscht : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Gelöscht : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Gelöscht : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Gelöscht : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Gelöscht : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Gelöscht : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Gelöscht : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Gelöscht : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Gelöscht : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Gelöscht : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Gelöscht : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Gelöscht : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Gelöscht : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Gelöscht : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Gelöscht : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Gelöscht : user_pref("sweetim.toolbar.mode.debug", "false");
Gelöscht : user_pref("sweetim.toolbar.newtab.created", "false");
Gelöscht : user_pref("sweetim.toolbar.newtab.enable", "true");
Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");
Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");
Gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.babylon.com/?affID=114[...]
Gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Gelöscht : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_V[...]
Gelöscht : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Gelöscht : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Gelöscht : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Gelöscht : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Gelöscht : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Gelöscht : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.callback", "");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.predictad.com/scripts/publishers/sweetim/pre[...]
Gelöscht : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "true");
Gelöscht : user_pref("sweetim.toolbar.scripts.2.callback", "simVerification");
Gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", "");
Gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Gelöscht : user_pref("sweetim.toolbar.scripts.2.elementid", "id_script_sim_fb");
Gelöscht : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Gelöscht : user_pref("sweetim.toolbar.scripts.2.id", "id_script_fb_hxxpS");
Gelöscht : user_pref("sweetim.toolbar.scripts.2.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Gelöscht : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Gelöscht : user_pref("sweetim.toolbar.search.history.capacity", "10");
Gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false");
Gelöscht : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Gelöscht : user_pref("sweetim.toolbar.simapp_id", "{669FDFF8-E3A0-11E1-987F-F04DA29A61ED}");
Gelöscht : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?st=2&barid={669FDFF8-E3A0-11E1-[...]
Gelöscht : user_pref("sweetim.toolbar.version", "1.9.0.0");
Gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://search.babylon.c[...]
Gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://isearch.avg.[...]
Gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v24.0.1312.57

Datei : C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [64123 octets] - [12/02/2013 21:23:02]

########## EOF - C:\AdwCleaner[S1].txt - [64184 octets] ##########
         
--- --- ---


Uli

Alt 13.02.2013, 15:20   #5
t'john
/// Helfer-Team
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



danach:

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).


__________________
Mfg, t'john
Das TB unterstützen

Alt 13.02.2013, 19:53   #6
uli_lu
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Hi,
hier die beiden files

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Windows 7 Home Premium x64
Ran by Vali on 13.02.2013 at 20:01:44,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-3354740022-1682059011-2982652592-1001\software\web assistant"
Successfully deleted: [Registry Key] hkey_current_user\software\systweak
Successfully deleted: [Registry Key] hkey_local_machine\software\systweak



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\systweak"
Successfully deleted: [Folder] "C:\Users\Vali\AppData\Roaming\dealply"
Successfully deleted: [Folder] "C:\Users\Vali\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\advanced system protector"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.02.2013 at 20:12:30,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-13 20:16:08
-----------------------------
20:16:08.793    OS Version: Windows x64 6.1.7601 Service Pack 1
20:16:08.793    Number of processors: 4 586 0x2505
20:16:08.795    ComputerName: VALI-PC  UserName: Vali
20:16:10.264    Initialize success
20:18:13.637    AVAST engine defs: 13021300
20:19:15.636    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:19:15.639    Disk 0 Vendor: SAMSUNG_ 2AK1 Size: 610480MB BusType: 3
20:19:15.690    Disk 0 MBR read successfully
20:19:15.695    Disk 0 MBR scan
20:19:15.704    Disk 0 Windows 7 default MBR code
20:19:15.713    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      100 MB offset 2048
20:19:15.731    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 206848
20:19:15.752    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       595378 MB offset 30926848
20:19:15.850    Disk 0 scanning C:\Windows\system32\drivers
20:19:29.228    Service scanning
20:19:54.944    Modules scanning
20:19:54.959    Disk 0 trace - called modules:
20:19:54.978    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
20:19:54.990    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bde060]
20:19:55.000    3 CLASSPNP.SYS[fffff88001af543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004950050]
20:19:55.807    AVAST engine scan C:\Windows
20:19:59.531    AVAST engine scan C:\Windows\system32
20:22:52.621    AVAST engine scan C:\Windows\system32\drivers
20:23:07.711    AVAST engine scan C:\Users\Vali
20:25:00.613    Disk 0 MBR has been saved successfully to "C:\Users\Vali\Desktop\MBR.dat"
20:25:00.619    The log file has been saved successfully to "C:\Users\Vali\Desktop\aswMBR.txt"
         
Vielen Dank und Grüße aus München

ULi

Alt 14.02.2013, 05:01   #7
t'john
/// Helfer-Team
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Sehr gut!

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


danach:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




danach:

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
Mfg, t'john
Das TB unterstützen

Alt 14.02.2013, 23:13   #8
uli_lu
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Hallo,

Code:
ATTFilter
17:45:22.0915 7960  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:45:23.0332 7960  ============================================================
17:45:23.0332 7960  Current date / time: 2013/02/14 17:45:23.0332
17:45:23.0332 7960  SystemInfo:
17:45:23.0332 7960  
17:45:23.0332 7960  OS Version: 6.1.7601 ServicePack: 1.0
17:45:23.0332 7960  Product type: Workstation
17:45:23.0333 7960  ComputerName: VALI-PC
17:45:23.0333 7960  UserName: Vali
17:45:23.0333 7960  Windows directory: C:\Windows
17:45:23.0333 7960  System windows directory: C:\Windows
17:45:23.0333 7960  Running under WOW64
17:45:23.0333 7960  Processor architecture: Intel x64
17:45:23.0333 7960  Number of processors: 4
17:45:23.0333 7960  Page size: 0x1000
17:45:23.0333 7960  Boot type: Normal boot
17:45:23.0333 7960  ============================================================
17:45:24.0493 7960  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:45:24.0499 7960  ============================================================
17:45:24.0499 7960  \Device\Harddisk0\DR0:
17:45:24.0499 7960  MBR partitions:
17:45:24.0499 7960  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
17:45:24.0499 7960  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
17:45:24.0499 7960  ============================================================
17:45:24.0528 7960  C: <-> \Device\Harddisk0\DR0\Partition2
17:45:24.0528 7960  ============================================================
17:45:24.0528 7960  Initialize success
17:45:24.0528 7960  ============================================================
17:45:29.0023 6700  ============================================================
17:45:29.0023 6700  Scan started
17:45:29.0023 6700  Mode: Manual; 
17:45:29.0023 6700  ============================================================
17:45:29.0190 6700  ================ Scan system memory ========================
17:45:29.0190 6700  System memory - ok
17:45:29.0190 6700  ================ Scan services =============================
17:45:29.0355 6700  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:45:29.0382 6700  1394ohci - ok
17:45:29.0488 6700  [ D8CA98E813D08E267E7E140BD22E073E ] acedrv09        C:\Windows\system32\drivers\acedrv09.sys
17:45:29.0506 6700  acedrv09 - ok
17:45:29.0535 6700  [ F535D9CF9AB68DF08D92AEB6D697EBDB ] acehlp09        C:\Windows\system32\drivers\acehlp09.sys
17:45:29.0545 6700  acehlp09 - ok
17:45:29.0619 6700  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:45:29.0635 6700  ACPI - ok
17:45:29.0667 6700  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:45:29.0672 6700  AcpiPmi - ok
17:45:29.0780 6700  [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:45:29.0793 6700  AdobeFlashPlayerUpdateSvc - ok
17:45:29.0841 6700  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:45:29.0859 6700  adp94xx - ok
17:45:29.0887 6700  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:45:29.0901 6700  adpahci - ok
17:45:29.0909 6700  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:45:29.0919 6700  adpu320 - ok
17:45:29.0944 6700  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:45:29.0948 6700  AeLookupSvc - ok
17:45:30.0027 6700  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
17:45:30.0077 6700  AESTFilters - ok
17:45:30.0141 6700  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:45:30.0161 6700  AFD - ok
17:45:30.0227 6700  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:45:30.0237 6700  agp440 - ok
17:45:30.0269 6700  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:45:30.0285 6700  ALG - ok
17:45:30.0330 6700  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:45:30.0339 6700  aliide - ok
17:45:30.0384 6700  [ 388E79AF1C9E4D84A8559FA77F804CF6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:45:30.0416 6700  AMD External Events Utility - ok
17:45:30.0457 6700  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:45:30.0465 6700  amdide - ok
17:45:30.0505 6700  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:45:30.0512 6700  AmdK8 - ok
17:45:30.0670 6700  [ 79A11CB10FF02A8425DABBB040249F7D ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:45:30.0826 6700  amdkmdag - ok
17:45:30.0908 6700  [ 6F6D47246FBB0CF65619684A0F89179E ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:45:30.0925 6700  amdkmdap - ok
17:45:30.0989 6700  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:45:31.0002 6700  AmdPPM - ok
17:45:31.0107 6700  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:45:31.0129 6700  amdsata - ok
17:45:31.0192 6700  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:45:31.0216 6700  amdsbs - ok
17:45:31.0272 6700  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:45:31.0291 6700  amdxata - ok
17:45:31.0394 6700  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:45:31.0443 6700  AppID - ok
17:45:31.0480 6700  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:45:31.0496 6700  AppIDSvc - ok
17:45:31.0558 6700  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
17:45:31.0574 6700  Appinfo - ok
17:45:31.0896 6700  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:45:31.0904 6700  Apple Mobile Device - ok
17:45:31.0980 6700  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:45:32.0004 6700  arc - ok
17:45:32.0038 6700  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:45:32.0048 6700  arcsas - ok
17:45:32.0074 6700  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:45:32.0082 6700  AsyncMac - ok
17:45:32.0208 6700  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:45:32.0226 6700  atapi - ok
17:45:32.0352 6700  [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
17:45:32.0365 6700  AtiHdmiService - ok
17:45:32.0469 6700  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:45:32.0529 6700  AudioEndpointBuilder - ok
17:45:32.0559 6700  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:45:32.0566 6700  AudioSrv - ok
17:45:33.0047 6700  [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
17:45:33.0086 6700  AVGIDSAgent - ok
17:45:33.0169 6700  [ 633360E94804E7BAFE642017817C9413 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:45:33.0226 6700  AVGIDSDriver - ok
17:45:33.0260 6700  [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter    C:\Windows\system32\DRIVERS\avgidsfiltera.sys
17:45:33.0273 6700  AVGIDSFilter - ok
17:45:33.0386 6700  [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
17:45:33.0463 6700  AVGIDSHA - ok
17:45:33.0554 6700  [ BE8BC5D10ABA05D7F6E79D8296906C86 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
17:45:33.0626 6700  Avgldx64 - ok
17:45:33.0696 6700  [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
17:45:33.0748 6700  Avgmfx64 - ok
17:45:33.0801 6700  [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
17:45:33.0828 6700  Avgrkx64 - ok
17:45:33.0937 6700  [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
17:45:34.0087 6700  Avgtdia - ok
17:45:34.0130 6700  [ B4FBFADDA6B39AB24456C45C03EF3991 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
17:45:34.0152 6700  avgtp - ok
17:45:34.0246 6700  [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd           C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
17:45:34.0258 6700  avgwd - ok
17:45:34.0366 6700  [ BD39D7CFD9D6A73396B618113A8E8D57 ] avmaudio        C:\Windows\system32\DRIVERS\avmaudio.sys
17:45:34.0372 6700  avmaudio - ok
17:45:34.0462 6700  [ 6A300AD0E23A155B2C3A7FAB0D4AABD1 ] avmaura         C:\Windows\system32\DRIVERS\avmaura.sys
17:45:34.0472 6700  avmaura - ok
17:45:34.0535 6700  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:45:34.0547 6700  AxInstSV - ok
17:45:34.0623 6700  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:45:34.0666 6700  b06bdrv - ok
17:45:34.0726 6700  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:45:34.0746 6700  b57nd60a - ok
17:45:35.0057 6700  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
17:45:35.0073 6700  BBSvc - ok
17:45:35.0198 6700  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
17:45:35.0234 6700  BBUpdate - ok
17:45:35.0324 6700  [ AC4E2D84DE54CD3A013AEFF0CC56095C ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
17:45:35.0335 6700  BCM42RLY - ok
17:45:35.0631 6700  [ 8B5D16D20774FC3727F44E161BE2C0AC ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
17:45:35.0717 6700  BCM43XX - ok
17:45:35.0792 6700  [ D224B2E6BB543F1D8F1177D57FEC2950 ] BcmVWL          C:\Windows\system32\DRIVERS\bcmvwl64.sys
17:45:35.0809 6700  BcmVWL - ok
17:45:35.0853 6700  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:45:35.0860 6700  BDESVC - ok
17:45:35.0891 6700  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:45:35.0897 6700  Beep - ok
17:45:35.0965 6700  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:45:35.0989 6700  BFE - ok
17:45:36.0046 6700  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:45:36.0097 6700  BITS - ok
17:45:36.0136 6700  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:45:36.0143 6700  blbdrive - ok
17:45:36.0205 6700  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:45:36.0223 6700  Bonjour Service - ok
17:45:36.0312 6700  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:45:36.0319 6700  bowser - ok
17:45:36.0395 6700  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:45:36.0401 6700  BrFiltLo - ok
17:45:36.0407 6700  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:45:36.0412 6700  BrFiltUp - ok
17:45:36.0460 6700  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:45:36.0482 6700  Browser - ok
17:45:36.0511 6700  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:45:36.0541 6700  Brserid - ok
17:45:36.0549 6700  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:45:36.0556 6700  BrSerWdm - ok
17:45:36.0562 6700  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:45:36.0566 6700  BrUsbMdm - ok
17:45:36.0572 6700  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:45:36.0576 6700  BrUsbSer - ok
17:45:36.0657 6700  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
17:45:36.0661 6700  BthEnum - ok
17:45:36.0676 6700  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:45:36.0681 6700  BTHMODEM - ok
17:45:36.0717 6700  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
17:45:36.0724 6700  BthPan - ok
17:45:36.0766 6700  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
17:45:36.0785 6700  BTHPORT - ok
17:45:36.0823 6700  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:45:36.0830 6700  bthserv - ok
17:45:36.0866 6700  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
17:45:36.0871 6700  BTHUSB - ok
17:45:36.0918 6700  [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
17:45:36.0926 6700  btusbflt - ok
17:45:36.0958 6700  [ AF838D8029AE7C27470862D63FA54D24 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
17:45:36.0966 6700  btwaudio - ok
17:45:37.0006 6700  [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
17:45:37.0017 6700  btwavdt - ok
17:45:37.0105 6700  [ 10FFB5FA51D5713D872B41A59DFC2213 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
17:45:37.0145 6700  btwdins - ok
17:45:37.0175 6700  [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
17:45:37.0181 6700  btwl2cap - ok
17:45:37.0227 6700  [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
17:45:37.0234 6700  btwrchid - ok
17:45:37.0258 6700  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:45:37.0265 6700  cdfs - ok
17:45:37.0313 6700  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
17:45:37.0320 6700  cdrom - ok
17:45:37.0372 6700  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:45:37.0379 6700  CertPropSvc - ok
17:45:37.0417 6700  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:45:37.0422 6700  circlass - ok
17:45:37.0448 6700  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:45:37.0462 6700  CLFS - ok
17:45:37.0533 6700  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:45:37.0545 6700  clr_optimization_v2.0.50727_32 - ok
17:45:37.0600 6700  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:45:37.0611 6700  clr_optimization_v2.0.50727_64 - ok
17:45:37.0677 6700  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:45:37.0727 6700  clr_optimization_v4.0.30319_32 - ok
17:45:37.0755 6700  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:45:37.0777 6700  clr_optimization_v4.0.30319_64 - ok
17:45:37.0802 6700  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:45:37.0806 6700  CmBatt - ok
17:45:37.0819 6700  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:45:37.0825 6700  cmdide - ok
17:45:37.0861 6700  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
17:45:37.0930 6700  CNG - ok
17:45:37.0960 6700  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:45:37.0967 6700  Compbatt - ok
17:45:38.0000 6700  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:45:38.0004 6700  CompositeBus - ok
17:45:38.0019 6700  COMSysApp - ok
17:45:38.0067 6700  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:45:38.0075 6700  crcdisk - ok
17:45:38.0108 6700  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:45:38.0124 6700  CryptSvc - ok
17:45:38.0166 6700  [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
17:45:38.0176 6700  CtClsFlt - ok
17:45:38.0258 6700  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:45:38.0298 6700  cvhsvc - ok
17:45:38.0338 6700  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:45:38.0352 6700  DcomLaunch - ok
17:45:38.0386 6700  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:45:38.0396 6700  defragsvc - ok
17:45:38.0447 6700  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:45:38.0456 6700  DfsC - ok
17:45:38.0528 6700  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:45:38.0542 6700  Dhcp - ok
17:45:38.0575 6700  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:45:38.0581 6700  discache - ok
17:45:38.0618 6700  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:45:38.0636 6700  Disk - ok
17:45:38.0670 6700  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:45:38.0679 6700  Dnscache - ok
17:45:38.0745 6700  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
17:45:38.0780 6700  DockLoginService - ok
17:45:38.0824 6700  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:45:38.0833 6700  dot3svc - ok
17:45:38.0862 6700  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:45:38.0869 6700  DPS - ok
17:45:38.0891 6700  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:45:38.0895 6700  drmkaud - ok
17:45:38.0953 6700  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:45:38.0980 6700  DXGKrnl - ok
17:45:39.0016 6700  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:45:39.0025 6700  EapHost - ok
17:45:39.0120 6700  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:45:39.0189 6700  ebdrv - ok
17:45:39.0219 6700  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:45:39.0224 6700  EFS - ok
17:45:39.0290 6700  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:45:39.0328 6700  ehRecvr - ok
17:45:39.0355 6700  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:45:39.0362 6700  ehSched - ok
17:45:39.0393 6700  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:45:39.0412 6700  elxstor - ok
17:45:39.0449 6700  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:45:39.0454 6700  ErrDev - ok
17:45:39.0485 6700  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:45:39.0498 6700  EventSystem - ok
17:45:39.0512 6700  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:45:39.0521 6700  exfat - ok
17:45:39.0574 6700  F-Secure BlackLight Sensor - ok
17:45:39.0699 6700  [ 02B4F8124E6F1CD6B16ACA7B848C762C ] F-Secure Gatekeeper C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys
17:45:39.0703 6700  F-Secure Gatekeeper - ok
17:45:39.0752 6700  [ 2346842F07E2AB64D1DC83A67FCCDFA1 ] F-Secure Gatekeeper Handler Starter C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\fsgk32st.exe
17:45:39.0757 6700  F-Secure Gatekeeper Handler Starter - ok
17:45:39.0807 6700  [ 0923C7370D08AA0E167F24FDEE24A333 ] F-Secure HIPS   C:\Program Files (x86)\M-net\Sicherheitspaket\HIPS\drivers\fshs.sys
17:45:39.0812 6700  F-Secure HIPS - ok
17:45:39.0836 6700  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:45:39.0845 6700  fastfat - ok
17:45:39.0896 6700  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:45:39.0921 6700  Fax - ok
17:45:39.0939 6700  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:45:39.0944 6700  fdc - ok
17:45:39.0970 6700  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:45:39.0975 6700  fdPHost - ok
17:45:39.0986 6700  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:45:39.0992 6700  FDResPub - ok
17:45:40.0042 6700  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:45:40.0053 6700  FileInfo - ok
17:45:40.0073 6700  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:45:40.0078 6700  Filetrace - ok
17:45:40.0094 6700  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:45:40.0099 6700  flpydisk - ok
17:45:40.0117 6700  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:45:40.0143 6700  FltMgr - ok
17:45:40.0193 6700  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
17:45:40.0237 6700  FontCache - ok
17:45:40.0279 6700  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:45:40.0289 6700  FontCache3.0.0.0 - ok
17:45:40.0315 6700  fsbl - ok
17:45:40.0373 6700  [ F59F2C574AA5D84477EB89F87C938F16 ] fsbts           C:\Windows\system32\Drivers\fsbts.sys
17:45:40.0382 6700  fsbts - ok
17:45:40.0390 6700  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:45:40.0399 6700  FsDepends - ok
17:45:40.0466 6700  [ D40A0EE11B934E0472AB8A4BBF46D6D8 ] FSDFWD          C:\Program Files (x86)\M-net\Sicherheitspaket\FWES\Program\fsdfwd.exe
17:45:40.0483 6700  FSDFWD - ok
17:45:40.0507 6700  [ 06C487127857CA7DD0BB6051D454DD90 ] FSES            C:\Windows\system32\drivers\fses.sys
17:45:40.0529 6700  FSES - ok
17:45:40.0544 6700  [ F68D7041A3A6F4707237891D476DD412 ] FSFW            C:\Windows\system32\drivers\fsdfw.sys
17:45:40.0553 6700  FSFW - ok
17:45:40.0592 6700  [ 8A556A81E9FF95BD9EB7207783E8FCF4 ] FSMA            C:\Program Files (x86)\M-net\Sicherheitspaket\Common\FSMA32.EXE
17:45:40.0596 6700  FSMA - ok
17:45:40.0637 6700  [ 42AEF6A385354ACA65FC210CE7CE4D7C ] FSORSPClient    C:\Program Files (x86)\M-net\Sicherheitspaket\ORSP Client\fsorsp.exe
17:45:40.0639 6700  FSORSPClient - ok
17:45:40.0684 6700  [ 2BF3B36B96D015AF666B6AA63AE2E38F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
17:45:40.0703 6700  fssfltr - ok
17:45:40.0805 6700  [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:45:40.0829 6700  fsssvc - ok
17:45:40.0874 6700  [ CA7903A77FE92A11045DAB462574009F ] fsvista         C:\Program Files (x86)\M-net\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys
17:45:40.0877 6700  fsvista - ok
17:45:40.0908 6700  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:45:40.0927 6700  Fs_Rec - ok
17:45:40.0986 6700  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:45:41.0003 6700  fvevol - ok
17:45:41.0051 6700  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:45:41.0060 6700  gagp30kx - ok
17:45:41.0144 6700  [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
17:45:41.0182 6700  GameConsoleService - ok
17:45:41.0222 6700  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:45:41.0272 6700  GEARAspiWDM - ok
17:45:41.0334 6700  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:45:41.0361 6700  gpsvc - ok
17:45:41.0387 6700  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:45:41.0391 6700  hcw85cir - ok
17:45:41.0429 6700  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:45:41.0439 6700  HdAudAddService - ok
17:45:41.0469 6700  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:45:41.0491 6700  HDAudBus - ok
17:45:41.0533 6700  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
17:45:41.0541 6700  HECIx64 - ok
17:45:41.0559 6700  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:45:41.0569 6700  HidBatt - ok
17:45:41.0575 6700  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:45:41.0581 6700  HidBth - ok
17:45:41.0595 6700  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:45:41.0600 6700  HidIr - ok
17:45:41.0624 6700  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:45:41.0630 6700  hidserv - ok
17:45:41.0665 6700  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:45:41.0753 6700  HidUsb - ok
17:45:41.0791 6700  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:45:41.0817 6700  hkmsvc - ok
17:45:41.0867 6700  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:45:41.0893 6700  HomeGroupListener - ok
17:45:41.0926 6700  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:45:41.0939 6700  HomeGroupProvider - ok
17:45:41.0977 6700  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:45:41.0989 6700  HpSAMD - ok
17:45:42.0093 6700  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:45:42.0117 6700  HTTP - ok
17:45:42.0150 6700  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:45:42.0178 6700  hwpolicy - ok
17:45:42.0222 6700  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:45:42.0230 6700  i8042prt - ok
17:45:42.0266 6700  [ 2064090C9FAAD92C090D77E50E735B2E ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:45:42.0287 6700  iaStor - ok
17:45:42.0336 6700  [ A9BE186ABF28B3D3D698CB855EDF457E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:45:42.0342 6700  IAStorDataMgrSvc - ok
17:45:42.0372 6700  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:45:42.0388 6700  iaStorV - ok
17:45:42.0440 6700  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:45:42.0480 6700  idsvc - ok
17:45:42.0532 6700  [ E28602C9E17B0DDCE9F5DEB3B3E2A635 ] IGDCTRL         C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE
17:45:42.0540 6700  IGDCTRL - ok
17:45:42.0694 6700  [ A87261EF1546325B559374F5689CF5BC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:45:42.0783 6700  igfx - ok
17:45:42.0802 6700  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:45:42.0813 6700  iirsp - ok
17:45:42.0864 6700  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:45:42.0893 6700  IKEEXT - ok
17:45:42.0930 6700  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:45:42.0938 6700  intelide - ok
17:45:42.0960 6700  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:45:42.0965 6700  intelppm - ok
17:45:42.0989 6700  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:45:42.0997 6700  IPBusEnum - ok
17:45:43.0060 6700  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:45:43.0068 6700  IpFilterDriver - ok
17:45:43.0114 6700  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:45:43.0132 6700  iphlpsvc - ok
17:45:43.0165 6700  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:45:43.0171 6700  IPMIDRV - ok
17:45:43.0189 6700  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:45:43.0197 6700  IPNAT - ok
17:45:43.0293 6700  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:45:43.0379 6700  iPod Service - ok
17:45:43.0417 6700  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:45:43.0422 6700  IRENUM - ok
17:45:43.0454 6700  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:45:43.0463 6700  isapnp - ok
17:45:43.0500 6700  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:45:43.0513 6700  iScsiPrt - ok
17:45:43.0556 6700  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:45:43.0584 6700  kbdclass - ok
17:45:43.0616 6700  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:45:43.0621 6700  kbdhid - ok
17:45:43.0636 6700  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:45:43.0639 6700  KeyIso - ok
17:45:43.0666 6700  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:45:43.0690 6700  KSecDD - ok
17:45:43.0732 6700  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:45:43.0746 6700  KSecPkg - ok
17:45:43.0773 6700  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:45:43.0778 6700  ksthunk - ok
17:45:43.0808 6700  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:45:43.0846 6700  KtmRm - ok
17:45:43.0888 6700  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:45:43.0899 6700  LanmanServer - ok
17:45:43.0929 6700  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:45:43.0958 6700  LanmanWorkstation - ok
17:45:44.0003 6700  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:45:44.0010 6700  lltdio - ok
17:45:44.0079 6700  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:45:44.0092 6700  lltdsvc - ok
17:45:44.0106 6700  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:45:44.0125 6700  lmhosts - ok
17:45:44.0216 6700  [ 5460828F8951D310B42B442877603B8D ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:45:44.0250 6700  LMS - ok
17:45:44.0284 6700  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:45:44.0294 6700  LSI_FC - ok
17:45:44.0307 6700  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:45:44.0316 6700  LSI_SAS - ok
17:45:44.0331 6700  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:45:44.0339 6700  LSI_SAS2 - ok
17:45:44.0355 6700  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:45:44.0364 6700  LSI_SCSI - ok
17:45:44.0385 6700  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:45:44.0392 6700  luafv - ok
17:45:44.0486 6700  [ 3E6C47A46BDDE1B6B084012B5B69C069 ] Maxtor Sync Service C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe
17:45:44.0498 6700  Maxtor Sync Service - ok
17:45:44.0550 6700  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:45:44.0560 6700  Mcx2Svc - ok
17:45:44.0593 6700  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:45:44.0600 6700  megasas - ok
17:45:44.0614 6700  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:45:44.0627 6700  MegaSR - ok
17:45:44.0653 6700  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:45:44.0665 6700  MMCSS - ok
17:45:44.0680 6700  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:45:44.0686 6700  Modem - ok
17:45:44.0721 6700  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:45:44.0726 6700  monitor - ok
17:45:44.0770 6700  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
17:45:44.0778 6700  mouclass - ok
17:45:44.0816 6700  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:45:44.0821 6700  mouhid - ok
17:45:44.0853 6700  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:45:44.0862 6700  mountmgr - ok
17:45:44.0922 6700  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:45:44.0932 6700  MozillaMaintenance - ok
17:45:44.0965 6700  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:45:44.0976 6700  mpio - ok
17:45:45.0002 6700  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:45:45.0008 6700  mpsdrv - ok
17:45:45.0059 6700  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:45:45.0086 6700  MpsSvc - ok
17:45:45.0129 6700  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:45:45.0137 6700  MRxDAV - ok
17:45:45.0169 6700  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:45:45.0177 6700  mrxsmb - ok
17:45:45.0203 6700  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:45:45.0215 6700  mrxsmb10 - ok
17:45:45.0233 6700  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:45:45.0268 6700  mrxsmb20 - ok
17:45:45.0297 6700  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:45:45.0305 6700  msahci - ok
17:45:45.0332 6700  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:45:45.0341 6700  msdsm - ok
17:45:45.0368 6700  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:45:45.0376 6700  MSDTC - ok
17:45:45.0401 6700  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:45:45.0407 6700  Msfs - ok
17:45:45.0439 6700  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:45:45.0443 6700  mshidkmdf - ok
17:45:45.0462 6700  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:45:45.0470 6700  msisadrv - ok
17:45:45.0495 6700  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:45:45.0504 6700  MSiSCSI - ok
17:45:45.0508 6700  msiserver - ok
17:45:45.0535 6700  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:45:45.0549 6700  MSKSSRV - ok
17:45:45.0567 6700  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:45:45.0571 6700  MSPCLOCK - ok
17:45:45.0583 6700  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:45:45.0587 6700  MSPQM - ok
17:45:45.0631 6700  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:45:45.0650 6700  MsRPC - ok
17:45:45.0671 6700  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:45:45.0679 6700  mssmbios - ok
17:45:45.0713 6700  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:45:45.0718 6700  MSTEE - ok
17:45:45.0738 6700  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:45:45.0742 6700  MTConfig - ok
17:45:45.0771 6700  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:45:45.0793 6700  Mup - ok
17:45:45.0837 6700  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:45:45.0858 6700  napagent - ok
17:45:45.0891 6700  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:45:45.0905 6700  NativeWifiP - ok
17:45:46.0007 6700  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:45:46.0035 6700  NDIS - ok
17:45:46.0062 6700  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:45:46.0067 6700  NdisCap - ok
17:45:46.0097 6700  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:45:46.0102 6700  NdisTapi - ok
17:45:46.0135 6700  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:45:46.0140 6700  Ndisuio - ok
17:45:46.0180 6700  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:45:46.0195 6700  NdisWan - ok
17:45:46.0232 6700  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:45:46.0238 6700  NDProxy - ok
17:45:46.0261 6700  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:45:46.0267 6700  NetBIOS - ok
17:45:46.0290 6700  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:45:46.0300 6700  NetBT - ok
17:45:46.0321 6700  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:45:46.0323 6700  Netlogon - ok
17:45:46.0363 6700  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:45:46.0379 6700  Netman - ok
17:45:46.0390 6700  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:45:46.0405 6700  netprofm - ok
17:45:46.0427 6700  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:45:46.0436 6700  NetTcpPortSharing - ok
17:45:46.0461 6700  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:45:46.0468 6700  nfrd960 - ok
17:45:46.0507 6700  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:45:46.0519 6700  NlaSvc - ok
17:45:46.0538 6700  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:45:46.0555 6700  Npfs - ok
17:45:46.0586 6700  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:45:46.0592 6700  nsi - ok
17:45:46.0603 6700  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:45:46.0608 6700  nsiproxy - ok
17:45:46.0684 6700  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:45:46.0741 6700  Ntfs - ok
17:45:46.0772 6700  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:45:46.0776 6700  Null - ok
17:45:46.0854 6700  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:45:46.0881 6700  nvraid - ok
17:45:46.0911 6700  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:45:46.0936 6700  nvstor - ok
17:45:46.0988 6700  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:45:47.0002 6700  nv_agp - ok
17:45:47.0057 6700  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:45:47.0077 6700  ohci1394 - ok
17:45:47.0124 6700  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:45:47.0168 6700  ose - ok
17:45:47.0309 6700  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:45:47.0385 6700  osppsvc - ok
17:45:47.0425 6700  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:45:47.0441 6700  p2pimsvc - ok
17:45:47.0461 6700  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:45:47.0492 6700  p2psvc - ok
17:45:47.0522 6700  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:45:47.0529 6700  Parport - ok
17:45:47.0554 6700  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:45:47.0576 6700  partmgr - ok
17:45:47.0586 6700  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:45:47.0598 6700  PcaSvc - ok
17:45:47.0627 6700  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:45:47.0636 6700  pci - ok
17:45:47.0662 6700  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:45:47.0668 6700  pciide - ok
17:45:47.0685 6700  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:45:47.0703 6700  pcmcia - ok
17:45:47.0728 6700  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:45:47.0736 6700  pcw - ok
17:45:47.0762 6700  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:45:47.0780 6700  PEAUTH - ok
17:45:47.0851 6700  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:45:47.0857 6700  PerfHost - ok
17:45:47.0927 6700  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:45:47.0961 6700  pla - ok
17:45:48.0048 6700  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:45:48.0068 6700  PlugPlay - ok
17:45:48.0109 6700  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:45:48.0116 6700  PNRPAutoReg - ok
17:45:48.0136 6700  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:45:48.0142 6700  PNRPsvc - ok
17:45:48.0163 6700  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:45:48.0178 6700  PolicyAgent - ok
17:45:48.0208 6700  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:45:48.0218 6700  Power - ok
17:45:48.0252 6700  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:45:48.0259 6700  PptpMiniport - ok
17:45:48.0287 6700  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:45:48.0293 6700  Processor - ok
17:45:48.0320 6700  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:45:48.0329 6700  ProfSvc - ok
17:45:48.0342 6700  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:45:48.0345 6700  ProtectedStorage - ok
17:45:48.0393 6700  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:45:48.0403 6700  Psched - ok
17:45:48.0440 6700  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
17:45:48.0449 6700  PxHlpa64 - ok
17:45:48.0520 6700  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:45:48.0560 6700  ql2300 - ok
17:45:48.0586 6700  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:45:48.0595 6700  ql40xx - ok
17:45:48.0625 6700  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:45:48.0650 6700  QWAVE - ok
17:45:48.0667 6700  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:45:48.0674 6700  QWAVEdrv - ok
17:45:48.0696 6700  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:45:48.0701 6700  RasAcd - ok
17:45:48.0727 6700  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:45:48.0733 6700  RasAgileVpn - ok
17:45:48.0749 6700  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:45:48.0756 6700  RasAuto - ok
17:45:48.0796 6700  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:45:48.0806 6700  Rasl2tp - ok
17:45:48.0846 6700  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:45:48.0859 6700  RasMan - ok
17:45:48.0883 6700  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:45:48.0889 6700  RasPppoe - ok
17:45:48.0901 6700  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:45:48.0907 6700  RasSstp - ok
17:45:48.0943 6700  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:45:48.0972 6700  rdbss - ok
17:45:49.0002 6700  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:45:49.0007 6700  rdpbus - ok
17:45:49.0052 6700  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:45:49.0057 6700  RDPCDD - ok
17:45:49.0094 6700  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:45:49.0113 6700  RDPENCDD - ok
17:45:49.0132 6700  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:45:49.0136 6700  RDPREFMP - ok
17:45:49.0189 6700  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:45:49.0193 6700  RdpVideoMiniport - ok
17:45:49.0226 6700  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:45:49.0265 6700  RDPWD - ok
17:45:49.0293 6700  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:45:49.0305 6700  rdyboost - ok
17:45:49.0335 6700  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:45:49.0355 6700  RemoteAccess - ok
17:45:49.0384 6700  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:45:49.0393 6700  RemoteRegistry - ok
17:45:49.0432 6700  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
17:45:49.0441 6700  RFCOMM - ok
17:45:49.0467 6700  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:45:49.0474 6700  RpcEptMapper - ok
17:45:49.0485 6700  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:45:49.0490 6700  RpcLocator - ok
17:45:49.0532 6700  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:45:49.0539 6700  RpcSs - ok
17:45:49.0588 6700  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:45:49.0614 6700  rspndr - ok
17:45:49.0668 6700  [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
17:45:49.0718 6700  RSUSBSTOR - ok
17:45:49.0755 6700  [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:45:49.0798 6700  RTL8167 - ok
17:45:49.0815 6700  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:45:49.0818 6700  SamSs - ok
17:45:49.0867 6700  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:45:49.0876 6700  sbp2port - ok
17:45:49.0923 6700  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:45:49.0936 6700  SCardSvr - ok
17:45:49.0967 6700  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:45:49.0973 6700  scfilter - ok
17:45:50.0038 6700  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:45:50.0071 6700  Schedule - ok
17:45:50.0145 6700  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:45:50.0148 6700  SCPolicySvc - ok
17:45:50.0203 6700  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:45:50.0230 6700  SDRSVC - ok
17:45:50.0268 6700  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:45:50.0274 6700  secdrv - ok
17:45:50.0309 6700  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:45:50.0316 6700  seclogon - ok
17:45:50.0349 6700  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:45:50.0369 6700  SENS - ok
17:45:50.0385 6700  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:45:50.0392 6700  SensrSvc - ok
17:45:50.0405 6700  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:45:50.0424 6700  Serenum - ok
17:45:50.0484 6700  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:45:50.0493 6700  Serial - ok
17:45:50.0540 6700  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:45:50.0545 6700  sermouse - ok
17:45:50.0588 6700  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:45:50.0610 6700  SessionEnv - ok
17:45:50.0637 6700  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:45:50.0642 6700  sffdisk - ok
17:45:50.0658 6700  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:45:50.0663 6700  sffp_mmc - ok
17:45:50.0674 6700  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:45:50.0693 6700  sffp_sd - ok
17:45:50.0714 6700  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:45:50.0718 6700  sfloppy - ok
17:45:50.0790 6700  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
17:45:50.0819 6700  Sftfs - ok
17:45:50.0892 6700  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:45:50.0938 6700  sftlist - ok
17:45:50.0956 6700  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:45:50.0982 6700  Sftplay - ok
17:45:51.0003 6700  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:45:51.0009 6700  Sftredir - ok
17:45:51.0102 6700  [ CF53DCCE55E500F51089774E851E7363 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:45:51.0120 6700  SftService - ok
17:45:51.0136 6700  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
17:45:51.0143 6700  Sftvol - ok
17:45:51.0175 6700  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:45:51.0212 6700  sftvsa - ok
17:45:51.0252 6700  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:45:51.0268 6700  SharedAccess - ok
17:45:51.0301 6700  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:45:51.0318 6700  ShellHWDetection - ok
17:45:51.0342 6700  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:45:51.0350 6700  SiSRaid2 - ok
17:45:51.0377 6700  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:45:51.0386 6700  SiSRaid4 - ok
17:45:51.0461 6700  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:45:51.0473 6700  SkypeUpdate - ok
17:45:51.0498 6700  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:45:51.0505 6700  Smb - ok
17:45:51.0546 6700  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:45:51.0560 6700  SNMPTRAP - ok
17:45:51.0576 6700  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:45:51.0585 6700  spldr - ok
17:45:51.0620 6700  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:45:51.0637 6700  Spooler - ok
17:45:51.0749 6700  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:45:51.0824 6700  sppsvc - ok
17:45:51.0836 6700  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:45:51.0843 6700  sppuinotify - ok
17:45:51.0919 6700  [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
17:45:51.0942 6700  sprtsvc_DellSupportCenter - ok
17:45:51.0990 6700  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:45:52.0009 6700  srv - ok
17:45:52.0042 6700  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:45:52.0070 6700  srv2 - ok
17:45:52.0093 6700  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:45:52.0101 6700  srvnet - ok
17:45:52.0134 6700  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:45:52.0143 6700  SSDPSRV - ok
17:45:52.0162 6700  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:45:52.0170 6700  SstpSvc - ok
17:45:52.0217 6700  [ 463E33B1EA7AF1E6EB87B66B831DB41A ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
17:45:52.0240 6700  STacSV - ok
17:45:52.0262 6700  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:45:52.0269 6700  stexstor - ok
17:45:52.0310 6700  [ 4304B75094E106FB5423A290C95841E5 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
17:45:52.0332 6700  STHDA - ok
17:45:52.0381 6700  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:45:52.0403 6700  stisvc - ok
17:45:52.0428 6700  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:45:52.0435 6700  swenum - ok
17:45:52.0463 6700  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:45:52.0480 6700  swprv - ok
17:45:52.0528 6700  [ 8A3FBCB3D6D4710730D27DA4392A4863 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
17:45:52.0546 6700  SynTP - ok
17:45:52.0613 6700  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:45:52.0654 6700  SysMain - ok
17:45:52.0687 6700  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:45:52.0695 6700  TabletInputService - ok
17:45:52.0735 6700  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:45:52.0753 6700  TapiSrv - ok
17:45:52.0786 6700  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:45:52.0796 6700  TBS - ok
17:45:52.0878 6700  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:45:52.0925 6700  Tcpip - ok
17:45:52.0957 6700  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:45:52.0975 6700  TCPIP6 - ok
17:45:53.0008 6700  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:45:53.0014 6700  tcpipreg - ok
17:45:53.0069 6700  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:45:53.0076 6700  TDPIPE - ok
17:45:53.0111 6700  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:45:53.0116 6700  TDTCP - ok
17:45:53.0150 6700  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:45:53.0167 6700  tdx - ok
17:45:53.0197 6700  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:45:53.0205 6700  TermDD - ok
17:45:53.0252 6700  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:45:53.0276 6700  TermService - ok
17:45:53.0300 6700  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:45:53.0306 6700  Themes - ok
17:45:53.0329 6700  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:45:53.0333 6700  THREADORDER - ok
17:45:53.0352 6700  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:45:53.0360 6700  TrkWks - ok
17:45:53.0420 6700  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:45:53.0445 6700  TrustedInstaller - ok
17:45:53.0479 6700  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:45:53.0485 6700  tssecsrv - ok
17:45:53.0523 6700  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:45:53.0604 6700  TsUsbFlt - ok
17:45:53.0663 6700  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:45:53.0672 6700  tunnel - ok
17:45:53.0699 6700  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:45:53.0720 6700  uagp35 - ok
17:45:53.0749 6700  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:45:53.0761 6700  udfs - ok
17:45:53.0791 6700  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:45:53.0797 6700  UI0Detect - ok
17:45:53.0832 6700  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:45:53.0841 6700  uliagpkx - ok
17:45:53.0898 6700  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:45:53.0904 6700  umbus - ok
17:45:53.0919 6700  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:45:53.0924 6700  UmPass - ok
17:45:54.0036 6700  [ 9E89C2D6945389270DE067CE51FF7425 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:45:54.0091 6700  UNS - ok
17:45:54.0114 6700  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:45:54.0128 6700  upnphost - ok
17:45:54.0166 6700  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
17:45:54.0171 6700  USBAAPL64 - ok
17:45:54.0206 6700  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:45:54.0214 6700  usbccgp - ok
17:45:54.0263 6700  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:45:54.0271 6700  usbcir - ok
17:45:54.0304 6700  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
17:45:54.0309 6700  usbehci - ok
17:45:54.0338 6700  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:45:54.0349 6700  usbhub - ok
17:45:54.0374 6700  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:45:54.0379 6700  usbohci - ok
17:45:54.0418 6700  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:45:54.0422 6700  usbprint - ok
17:45:54.0469 6700  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:45:54.0475 6700  usbscan - ok
17:45:54.0483 6700  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:45:54.0492 6700  USBSTOR - ok
17:45:54.0514 6700  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:45:54.0541 6700  usbuhci - ok
17:45:54.0582 6700  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:45:54.0591 6700  usbvideo - ok
17:45:54.0620 6700  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:45:54.0627 6700  UxSms - ok
17:45:54.0645 6700  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:45:54.0648 6700  VaultSvc - ok
17:45:54.0679 6700  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:45:54.0688 6700  vdrvroot - ok
17:45:54.0744 6700  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:45:54.0768 6700  vds - ok
17:45:54.0791 6700  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:45:54.0796 6700  vga - ok
17:45:54.0815 6700  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:45:54.0820 6700  VgaSave - ok
17:45:54.0856 6700  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:45:54.0872 6700  vhdmp - ok
17:45:54.0903 6700  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:45:54.0910 6700  viaide - ok
17:45:54.0931 6700  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:45:54.0939 6700  volmgr - ok
17:45:54.0983 6700  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:45:55.0003 6700  volmgrx - ok
17:45:55.0063 6700  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:45:55.0081 6700  volsnap - ok
17:45:55.0113 6700  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:45:55.0124 6700  vsmraid - ok
17:45:55.0202 6700  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:45:55.0244 6700  VSS - ok
17:45:55.0370 6700  [ 87C57CBE385E00726A2113614F6C6BD2 ] vToolbarUpdater14.1.7 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe
17:45:55.0403 6700  vToolbarUpdater14.1.7 - ok
17:45:55.0423 6700  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:45:55.0428 6700  vwifibus - ok
17:45:55.0438 6700  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:45:55.0444 6700  vwififlt - ok
17:45:55.0479 6700  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:45:55.0490 6700  vwifimp - ok
17:45:55.0522 6700  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:45:55.0536 6700  W32Time - ok
17:45:55.0555 6700  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:45:55.0560 6700  WacomPen - ok
17:45:55.0614 6700  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:45:55.0622 6700  WANARP - ok
17:45:55.0628 6700  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:45:55.0632 6700  Wanarpv6 - ok
17:45:55.0708 6700  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:45:55.0752 6700  WatAdminSvc - ok
17:45:55.0817 6700  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:45:55.0853 6700  wbengine - ok
17:45:55.0877 6700  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:45:55.0907 6700  WbioSrvc - ok
17:45:55.0956 6700  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:45:55.0970 6700  wcncsvc - ok
17:45:56.0002 6700  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:45:56.0008 6700  WcsPlugInService - ok
17:45:56.0064 6700  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:45:56.0073 6700  Wd - ok
17:45:56.0112 6700  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:45:56.0136 6700  Wdf01000 - ok
17:45:56.0150 6700  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:45:56.0158 6700  WdiServiceHost - ok
17:45:56.0162 6700  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:45:56.0167 6700  WdiSystemHost - ok
17:45:56.0199 6700  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:45:56.0209 6700  WebClient - ok
17:45:56.0228 6700  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:45:56.0239 6700  Wecsvc - ok
17:45:56.0253 6700  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:45:56.0260 6700  wercplsupport - ok
17:45:56.0295 6700  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:45:56.0303 6700  WerSvc - ok
17:45:56.0334 6700  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:45:56.0358 6700  WfpLwf - ok
17:45:56.0403 6700  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
17:45:56.0414 6700  WimFltr - ok
17:45:56.0439 6700  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:45:56.0448 6700  WIMMount - ok
17:45:56.0486 6700  WinDefend - ok
17:45:56.0495 6700  WinHttpAutoProxySvc - ok
17:45:56.0566 6700  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:45:56.0578 6700  Winmgmt - ok
17:45:56.0671 6700  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:45:56.0721 6700  WinRM - ok
17:45:56.0772 6700  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:45:56.0778 6700  WinUsb - ok
17:45:56.0826 6700  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:45:56.0851 6700  Wlansvc - ok
17:45:56.0891 6700  [ DE816A0624D54D68E1FB8A9028DCF81A ] wltrysvc        C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
17:45:56.0898 6700  wltrysvc - ok
17:45:56.0949 6700  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:45:56.0954 6700  WmiAcpi - ok
17:45:56.0987 6700  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:45:56.0998 6700  wmiApSrv - ok
17:45:57.0064 6700  WMPNetworkSvc - ok
17:45:57.0076 6700  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:45:57.0083 6700  WPCSvc - ok
17:45:57.0107 6700  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:45:57.0115 6700  WPDBusEnum - ok
17:45:57.0150 6700  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:45:57.0156 6700  ws2ifsl - ok
17:45:57.0174 6700  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:45:57.0182 6700  wscsvc - ok
17:45:57.0186 6700  WSearch - ok
17:45:57.0269 6700  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:45:57.0323 6700  wuauserv - ok
17:45:57.0351 6700  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:45:57.0355 6700  WudfPf - ok
17:45:57.0392 6700  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:45:57.0399 6700  WUDFRd - ok
17:45:57.0441 6700  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:45:57.0451 6700  wudfsvc - ok
17:45:57.0483 6700  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:45:57.0494 6700  WwanSvc - ok
17:45:57.0516 6700  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
17:45:57.0528 6700  yukonw7 - ok
17:45:57.0560 6700  ================ Scan global ===============================
17:45:57.0581 6700  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:45:57.0609 6700  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:45:57.0625 6700  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:45:57.0655 6700  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:45:57.0694 6700  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:45:57.0704 6700  [Global] - ok
17:45:57.0705 6700  ================ Scan MBR ==================================
17:45:57.0710 6700  [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0
17:45:57.0858 6700  \Device\Harddisk0\DR0 - ok
17:45:57.0858 6700  ================ Scan VBR ==================================
17:45:57.0863 6700  [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
17:45:57.0865 6700  \Device\Harddisk0\DR0\Partition1 - ok
17:45:57.0878 6700  [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2
17:45:57.0881 6700  \Device\Harddisk0\DR0\Partition2 - ok
17:45:57.0882 6700  ============================================================
17:45:57.0882 6700  Scan finished
17:45:57.0882 6700  ============================================================
17:45:57.0896 10800  Detected object count: 0
17:45:57.0896 10800  Actual detected object count: 0
17:47:23.0885 7080  Deinitialize success
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=476790b890690f4cb97f026ed2bae42e
# engine=13159
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-14 10:34:05
# local_time=2013-02-14 11:34:05 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1035 16777213 100 98 42222 46688717 0 0
# compatibility_mode=5893 16776574 100 94 270648 112511095 0 0
# scanned=296094
# found=0
# cleaned=0
# scan_time=5240
         
Code:
ATTFilter
  Results of screen317's Security Check version 0.99.57  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
M-net Sicherheitspaket 9.12        
AVG Anti-Virus Free Edition 2012   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.70.0.1100  
 Java 7 Update 13  
 Java version out of Date! 
  Adobe Flash Player 11.1.102.63 Flash Player out of Date!  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox 14.0.1 Firefox out of Date!  
 Mozilla Thunderbird (6.0.2) Thunderbird out of Date!  
 Google Chrome 24.0.1312.56  
 Google Chrome 24.0.1312.57  
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
 AVG avgtray.exe 
 M-net Sicherheitspaket Anti-Virus fsgk32st.exe 
 M-net Sicherheitspaket Anti-Virus FSGK32.EXE 
 M-net Sicherheitspaket Anti-Virus fssm32.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Vielen Dank und Viele Grüße
Uli

Alt 15.02.2013, 12:13   #9
t'john
/// Helfer-Team
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Aktualisiere:

Adobe Reader: Adobe Reader - Download - Filepony (Alternativen: PDF Tools)
Firefox: Firefox - Download - Filepony
Thunderbird: Thunderbird - Download - Filepony
VLC Player: VLC Media Player

Java aktualisieren

Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die .exe-Datei
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 13 ) herunter laden.
  • Wenn die Installation beendet wurde
    Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
  • Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.
Nach dem Neustart
  • Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
  • Klicke auf Dateien löschen....
  • Gehe sicher das überall ein Hacken gesetzt ist und klicke OK.
  • Klicke erneut OK.


Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html

Danach poste (kopieren und einfuegen) mir, was du hier angezeigt bekommst: PluginCheck



Java deaktivieren

Aufgrund derezeitigen Sicherheitsluecke:

http://www.trojaner-board.de/122961-...ktivieren.html

Danach poste mir (kopieren und einfuegen), was du hier angezeigt bekommst: PluginCheck
__________________
Mfg, t'john
Das TB unterstützen

Alt 15.02.2013, 21:55   #10
uli_lu
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Hallo t`john,

Code:
ATTFilter
PluginCheck

Der PluginCheck hilft die größten Sicherheitslücken beim Surfen im Internet zu schliessen.
Überprüft wird: Browser, Flash, Java und Adobe Reader Version.
Chrome 24.0.1312.57 ist aktuell
Flash (11,6,602,167) ist aktuell.
Java (1,7,0,13) ist aktuell.
Adobe Reader ist nicht installiert oder aktiviert.
         

Kann ich eigentlich das Verzeichnis _OTL/MovedFiles wieder löschen ?

Vielen Dank und viele Grüße
Uli

Alt 16.02.2013, 01:09   #11
t'john
/// Helfer-Team
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Sehr gut!

damit bist Du sauber und entlassen!

adwCleaner entfernen

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Uninstall.
  • Bestätige mit Ja.




Tool-Bereinigung mit OTL


Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.


Zurücksetzen der Sicherheitszonen

Lasse die Sicherheitszonen wieder zurücksetzen, da diese manipuliert wurden um den Browser für weitere Angriffe zu öffnen.
Gehe dabei so vor: http://www.trojaner-board.de/111805-...ecksetzen.html


Systemwiederherstellungen leeren

Damit der Rechner nicht mit einer infizierten Systemwiederherstellung erneut infiziert werden kann, muessen wir diese leeren. Dazu schalten wir sie einmal aus und dann wieder ein:
Systemwiederherstellung deaktivieren Tutorial fuer Windows XP, Windows Vista, Windows 7
Danach wieder aktivieren.



Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html
http://www.trojaner-board.de/109844-...ren-seite.html
PC wird immer langsamer - was tun?
__________________
Mfg, t'john
Das TB unterstützen

Alt 16.02.2013, 18:58   #12
uli_lu
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7



Supi, Danke schön!
Mein Dank wird Dir ewig nachschleichen!!!
uli

Alt 16.02.2013, 20:22   #13
t'john
/// Helfer-Team
 
Ungültiges Bild - Windows 7 - Standard

Ungültiges Bild - Windows 7





wuensche eine virenfreie Zeit
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu Ungültiges Bild - Windows 7
autorun, avg secure search, avg security toolbar, babylontoolbar, bho, bingbar, bonjour, browser manager, cid, dealply, desktop, dsl, error, fehler, firefox, flash player, format, google, gophoto, helper, home, install.exe, intranet, limited.com/facebook, microsoft office starter 2010, msiexec.exe, object, realtek, registry, rundll, scan, search the web, secure search, security, somoto, spam, spotify web helper, svchost.exe, sweetpacks, system, system neu, ungültiges, ungültiges bild, viren, visual studio, vtoolbarupdater, windows



Ähnliche Themen: Ungültiges Bild - Windows 7


  1. Windows 10: Fehlermeldung "Ungültiges Bild" bei diversen Programmen
    Alles rund um Windows - 07.11.2015 (3)
  2. Windows 7: Fehlermeldung "ungültiges Bild" bei Chrome und Dropbox
    Log-Analyse und Auswertung - 11.08.2015 (4)
  3. Windows 8.1 - Ungültiges Bild C:\PROGRA~2\SEARCH~1\bin\VC64LO~.DLL
    Plagegeister aller Art und deren Bekämpfung - 30.07.2015 (11)
  4. Windows 7: Beim Öffnen von Programmen erscheint die Fehlermeldung "ungültiges Bild"
    Log-Analyse und Auswertung - 22.06.2015 (7)
  5. Windows 7: Ungültiges Bild (error) VC32LO
    Log-Analyse und Auswertung - 17.04.2015 (11)
  6. Windows 7: .exe ungültiges Bild
    Log-Analyse und Auswertung - 31.03.2015 (9)
  7. Windows-Fehlermeldung: ...\...\..dll: Ungültiges Bild
    Log-Analyse und Auswertung - 21.03.2015 (16)
  8. Windows 7 / Fehlermeldung - Ungültiges Bild
    Plagegeister aller Art und deren Bekämpfung - 19.03.2015 (5)
  9. Beim Windows Hochfahren zahlreiche ".exe Ungültiges Bild" Meldungen
    Plagegeister aller Art und deren Bekämpfung - 14.03.2015 (6)
  10. Auch bei mir: Windows 7: Ungültiges Bild (error meldung) VC32LO
    Plagegeister aller Art und deren Bekämpfung - 16.02.2015 (12)
  11. Windows 7: Ungültiges Bild (error meldung)
    Plagegeister aller Art und deren Bekämpfung - 11.02.2015 (18)
  12. Windows 7: ungültiges Bild (Error Meldung)
    Plagegeister aller Art und deren Bekämpfung - 11.02.2015 (11)
  13. Windows 7: Ungültiges Bild (error meldung)
    Plagegeister aller Art und deren Bekämpfung - 10.02.2015 (13)
  14. WICHTIGIGES PROBLEM! Windows 7 Error (ungültiges bild)
    Plagegeister aller Art und deren Bekämpfung - 05.02.2015 (5)
  15. Windows 7 64bit: Programmname - ungültiges Bild Problem
    Plagegeister aller Art und deren Bekämpfung - 30.08.2014 (3)
  16. Windows 7 / 64Bit : Ungültiges Bild Error / Fehlermeldung
    Log-Analyse und Auswertung - 20.04.2014 (7)
  17. Windows Vista: xxxxx.xxx - Ungültiges Bild
    Log-Analyse und Auswertung - 30.11.2013 (29)

Zum Thema Ungültiges Bild - Windows 7 - Hallo Zusammen, habe leider Töchterlein schon lange nicht mehr auf die Finger geschaut... Beim Start von Chrome oder Firefox und mittlerweile von anderen Programmen kommt immer diese Meldung. Ungültiges Bild - Ungültiges Bild - Windows 7...
Archiv
Du betrachtest: Ungültiges Bild - Windows 7 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.