Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
coupondropdown lässt sich immer noch nicht unter Firefox entfernen

coupondropdown lässt sich immer noch nicht unter Firefox entfernen


Plagegeister aller Art und deren Bekämpfung: coupondropdown lässt sich immer noch nicht unter Firefox entfernen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 08.04.2013, 14:40   #1
DanGomes
 
coupondropdown lässt sich immer noch nicht unter Firefox entfernen - Standard

coupondropdown lässt sich immer noch nicht unter Firefox entfernen


Hallo Leute,
bin neue hier und in Sachen PC nicht gerade der fitteste. Also ich habe wie viele Vorgänger hier vor mir dieses lästige Problem mit dem coupondropdown unter Firefox. Habe, wie hier empfohlen, mehrere Programme bereist laufen lassen, aber das Problem hält sich weiterhin hartnäckig und macht mich langsam wahnsinnig.
Habe folgendes bereits durchgeführt:
adwcleaner
Code:
ATTFilter
# AdwCleaner v2.200 - Datei am 07/04/2013 um 19:37:45 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Administration - ADMINISTRATI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Administration\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Administration\AppData\Roaming\Mozilla\Firefox\Profiles\cnmnilny.default\jetpack

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0 (de)

Datei : C:\Users\Administration\AppData\Roaming\Mozilla\Firefox\Profiles\cnmnilny.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\zknox453.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [22996 octets] - [07/04/2013 18:51:57]
AdwCleaner[R2].txt - [23057 octets] - [07/04/2013 18:52:32]
AdwCleaner[S1].txt - [22942 octets] - [07/04/2013 18:53:51]
AdwCleaner[S2].txt - [1320 octets] - [07/04/2013 19:27:37]
AdwCleaner[S3].txt - [1249 octets] - [07/04/2013 19:37:45]

########## EOF - C:\AdwCleaner[S3].txt - [1309 octets] ##########
jtr
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Administration on 07.04.2013 at 19:41:54,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Administration\AppData\Roaming\mozilla\firefox\profiles\cnmnilny.default\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
Emptied folder: C:\Users\Administration\AppData\Roaming\mozilla\firefox\profiles\cnmnilny.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.04.2013 at 19:44:20,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
otl
Code:
ATTFilter
OTL logfile created on: 07.04.2013 19:45:06 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Administration\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 62,65% Memory free
6,69 Gb Paging File | 5,45 Gb Available in Paging File | 81,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 241,09 Gb Total Space | 30,49 Gb Free Space | 12,65% Space Free | Partition Type: NTFS
Drive D: | 232,94 Gb Total Space | 223,98 Gb Free Space | 96,15% Space Free | Partition Type: NTFS
Drive E: | 19,99 Gb Total Space | 8,45 Gb Free Space | 42,26% Space Free | Partition Type: FAT32
Drive F: | 678,23 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 102,13 Gb Total Space | 72,89 Gb Free Space | 71,37% Space Free | Partition Type: NTFS
Drive K: | 102,54 Gb Total Space | 45,45 Gb Free Space | 44,33% Space Free | Partition Type: NTFS
Drive L: | 115,63 Gb Total Space | 115,53 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
Drive M: | 117,19 Gb Total Space | 43,83 Gb Free Space | 37,40% Space Free | Partition Type: NTFS
 
Computer Name: ADMINISTRATI-PC | User Name: Administration | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.07 19:08:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administration\Desktop\OTL.exe
PRC - [2013.03.15 07:46:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.03.15 04:59:31 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.03.15 04:59:30 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.02.23 14:17:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.23 14:17:08 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.02.23 14:17:06 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.02.23 14:17:06 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.04.16 23:12:28 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2009.10.22 06:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
PRC - [2009.10.22 05:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) -- M:\Program Files\VMware\vmware-authd.exe
PRC - [2009.10.22 05:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
PRC - [2009.10.22 05:59:24 | 000,129,584 | ---- | M] (VMware, Inc.) -- M:\Program Files\VMware\vmware-tray.exe
PRC - [2009.10.22 04:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) -- C:\Programme\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.12.03 15:51:30 | 002,181,672 | ---- | M] (Gainward Co.) -- C:\Programme\EXPERTool\TBPANEL.exe
PRC - [2008.10.30 23:45:06 | 000,172,032 | ---- | M] (CyberLink Corp.) -- C:\Programme\HomeCinema\PlayMovie\PMVService.exe
PRC - [2008.10.05 10:10:02 | 000,185,632 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2008.05.16 18:30:30 | 000,091,432 | ---- | M] (cyberlink) -- C:\Programme\CyberLink\Shared Files\brs.exe
PRC - [2008.05.14 14:47:54 | 000,087,336 | ---- | M] (Cyberlink Corp.) -- C:\Programme\HomeCinema\PowerDVD\PDVDServ.exe
PRC - [2007.10.19 17:42:38 | 000,290,909 | ---- | M] () -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
PRC - [2007.10.19 17:42:38 | 000,114,779 | ---- | M] () -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
PRC - [2007.10.19 17:42:02 | 000,155,648 | ---- | M] (CyberLink Corp.) -- C:\Programme\HomeCinema\TV Enhance\TVEService.exe
PRC - [2007.10.09 00:19:22 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.10.09 00:19:20 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.08.17 13:27:00 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.08.16 10:31:40 | 001,681,408 | ---- | M] (Buhl Data Service GmbH) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
PRC - [2007.06.27 10:18:40 | 000,215,256 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe
PRC - [2007.06.27 10:18:20 | 000,293,080 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\CCU\CCU_Engine.exe
PRC - [2007.06.27 10:18:08 | 000,223,448 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\CCU\AlertService.exe
PRC - [2007.06.27 10:14:40 | 000,439,512 | ---- | M] (Intel Corporation) -- C:\Programme\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
PRC - [2007.02.12 11:46:34 | 000,208,896 | ---- | M] () -- C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
PRC - [2005.10.24 16:13:06 | 000,278,528 | ---- | M] () -- m:\Program Files\Electronics Workbench\NLS\EWBNLSS.exe
PRC - [2005.10.11 15:00:24 | 000,053,248 | ---- | M] (National Instruments, Inc.) -- C:\Windows\System32\lktsrv.exe
PRC - [2005.10.11 15:00:22 | 000,045,056 | ---- | M] (National Instruments, Inc.) -- C:\Windows\System32\lkads.exe
PRC - [2005.10.10 14:08:32 | 000,049,152 | ---- | M] (National Instruments Corp.) -- C:\Windows\System32\nisvcloc.exe
PRC - [2005.08.25 14:43:14 | 000,688,190 | ---- | M] (National Instruments, Inc.) -- C:\Windows\System32\lkcitdl.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.13 12:09:04 | 000,036,864 | ---- | M] () -- C:\Users\ADMINI~1\AppData\Local\Temp\CmdLineExt02.dll
MOD - [2007.10.19 17:42:34 | 000,339,968 | ---- | M] () -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\CLTinyDB.dll
MOD - [2007.10.19 17:42:20 | 000,245,858 | ---- | M] () -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\CLCapEngine.dll
MOD - [2007.10.19 17:42:20 | 000,114,780 | ---- | M] () -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\CLSchMgr.dll
MOD - [2007.10.19 17:42:20 | 000,032,768 | ---- | M] () -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\CLCapSvcps.dll
MOD - [2007.05.22 11:59:22 | 000,128,512 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [1998.10.31 11:55:56 | 000,005,120 | ---- | M] () -- C:\Programme\EXPERTool\TBMANAGE.DLL
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Users\ADMINI~1\AppData\Local\Temp\hpdj.exe -- (hpdj)
SRV - [2013.03.27 04:16:39 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.15 07:46:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.03.14 10:49:32 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.23 14:17:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.23 14:17:06 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2009.10.22 06:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2009.10.22 05:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- M:\Program Files\VMware\vmware-authd.exe -- (VMAuthdService)
SRV - [2009.10.22 05:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009.10.22 04:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Programme\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2009.10.12 15:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- M:\Program Files\VMware\vmware-ufad.exe -- (ufad-ws60)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.10.19 17:42:38 | 000,290,909 | ---- | M] () [Auto | Running] -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe -- (TVECapSvc)
SRV - [2007.10.19 17:42:38 | 000,114,779 | ---- | M] () [Auto | Running] -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe -- (TVESched)
SRV - [2007.10.09 00:19:22 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007.08.16 10:31:40 | 001,681,408 | ---- | M] (Buhl Data Service GmbH) [Auto | Running] -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe -- (srvcPVR)
SRV - [2007.06.27 10:18:08 | 000,223,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2007.06.27 10:17:26 | 000,272,600 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe -- (QualityManager)
SRV - [2007.06.27 10:17:12 | 000,446,680 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2007.06.27 10:16:02 | 000,157,912 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2007.06.27 10:15:28 | 000,039,640 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Intel\IntelDH\bin\DHTraceController.exe -- (DHTRACE)
SRV - [2007.06.27 10:15:14 | 000,059,096 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2007.06.27 10:14:46 | 000,317,656 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe -- (NMSCore)
SRV - [2007.06.27 10:13:56 | 000,268,504 | ---- | M] () [Auto | Stopped] -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2007.04.13 18:14:26 | 000,036,864 | ---- | M] (Empolis GmbH) [Auto | Stopped] -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe -- (GnabService)
SRV - [2007.02.12 11:46:34 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005.10.24 16:13:06 | 000,278,528 | ---- | M] () [Auto | Running] -- m:\Program Files\Electronics Workbench\NLS\EWBNLSS.exe -- (EWBNLSS)
SRV - [2005.10.11 15:00:24 | 000,053,248 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\System32\lktsrv.exe -- (lkTimeSync)
SRV - [2005.10.11 15:00:22 | 000,045,056 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\System32\lkads.exe -- (lkClassAds)
SRV - [2005.10.10 14:08:32 | 000,049,152 | ---- | M] (National Instruments Corp.) [Auto | Running] -- C:\Windows\System32\nisvcloc.exe -- (niSvcLoc)
SRV - [2005.08.25 14:43:14 | 000,688,190 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\System32\lkcitdl.exe -- (LkCitadelServer)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DDMI2.sys -- (SDDMI2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013.03.15 07:46:27 | 008,952,608 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.02.23 14:17:35 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.02.23 14:17:35 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.02.23 14:17:35 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.02.23 14:17:35 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.10.22 06:00:46 | 000,853,936 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2009.10.22 06:00:44 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2009.10.22 06:00:44 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2009.10.22 06:00:44 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2009.10.22 04:47:52 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2009.10.22 01:13:36 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb)
DRV - [2009.10.22 01:13:32 | 000,036,400 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2009.10.22 01:13:32 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2009.10.12 15:31:52 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- M:\Program Files\VMware\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2009.06.10 12:23:04 | 000,036,992 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiBus.sys -- (SaiNtBus)
DRV - [2009.06.10 12:23:04 | 000,014,080 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiMini.sys -- (SaiMini)
DRV - [2008.10.30 23:45:24 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\HomeCinema\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.10.23 23:39:00 | 000,031,824 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2008.05.16 18:29:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\HomeCinema\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2008.05.02 11:49:30 | 000,099,264 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2007.09.21 10:38:22 | 000,554,496 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2007.08.22 11:01:58 | 001,242,976 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2007.06.27 10:17:46 | 000,014,552 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2007.06.19 11:37:58 | 000,229,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007.05.01 16:49:42 | 000,132,232 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiH5F0D.sys -- (SaiH5F0D)
DRV - [2007.05.01 16:49:42 | 000,028,416 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiU5F0D.sys -- (SaiU5F0D)
DRV - [2007.03.16 11:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007.02.18 20:34:50 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2007.02.16 02:56:49 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006.11.30 15:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005.06.10 10:01:00 | 000,007,140 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cvintdrv.sys -- (cvintdrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 5D 4C 46 EA 09 CE 01  [binary data]
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA_de
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-792228030-1338267176-3048093723-1012\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.freenet.de"
FF - prefs.js..extensions.enabledAddons: foxsaver%40www.foxsaver.com:2.2.8
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: %7Bc50ca3c4-5656-43c2-a061-13e717f73fc8%7D:4.2.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.13.0.6
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.1.3
FF - prefs.js..extensions.enabledItems: foxsaver@www.foxsaver.com:2.2.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: {3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.02.12 09:28:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.07 19:36:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.11 11:32:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.08.03 11:56:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.02.21 19:18:27 | 000,000,000 | ---D | M]
 
[2008.09.14 11:11:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administration\AppData\Roaming\mozilla\Extensions
[2013.04.07 19:04:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administration\AppData\Roaming\mozilla\Firefox\Profiles\cnmnilny.default\extensions
[2011.06.08 13:07:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Administration\AppData\Roaming\mozilla\Firefox\Profiles\cnmnilny.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.07.05 15:03:37 | 000,000,000 | ---D | M] (FoxSaver) -- C:\Users\Administration\AppData\Roaming\mozilla\Firefox\Profiles\cnmnilny.default\extensions\foxsaver@www.foxsaver.com
[2013.02.14 20:06:19 | 000,216,743 | ---- | M] () (No name found) -- C:\Users\Administration\AppData\Roaming\mozilla\firefox\profiles\cnmnilny.default\extensions\freehdsport@freehdsport.tv.xpi
[2012.12.12 12:26:03 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Administration\AppData\Roaming\mozilla\firefox\profiles\cnmnilny.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.01.15 21:01:49 | 000,316,778 | ---- | M] () (No name found) -- C:\Users\Administration\AppData\Roaming\mozilla\firefox\profiles\cnmnilny.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
[2013.02.14 15:44:33 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Administration\AppData\Roaming\mozilla\firefox\profiles\cnmnilny.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2009.01.22 21:08:03 | 000,002,108 | ---- | M] () -- C:\Users\Administration\AppData\Roaming\mozilla\firefox\profiles\cnmnilny.default\searchplugins\youtube-videosuche.xml
[2013.04.07 19:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.03.27 04:17:36 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2005.10.12 16:04:02 | 000,020,480 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\NPLV80Win32.dll
[2013.03.27 05:32:09 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.27 05:32:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.03.27 05:32:09 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.27 05:32:09 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.27 05:32:09 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.27 05:32:09 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BDRegion] C:\Programme\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\HomeCinema\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TVEService] C:\Program Files\HomeCinema\TV Enhance\TVEService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vmware-tray] M:\Program Files\VMware\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co.)
O4 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004..\Run: [Sidebar] C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-792228030-1338267176-3048093723-1012..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk = C:\Programme\Sun\StarOffice 8\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =   [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =   [binary data]
O8 - Extra context menu item: Free YouTube Download - C:\Users\Administration\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Administration\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-15/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-15/4 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - M:\Program Files\VMware\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - M:\Program Files\VMware\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{004DD726-7D49-47A4-9D03-9F5507481DF3}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{365D6CE8-3EB7-4D59-9B24-20AA50C5C322}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A68A3AF-40A7-46E5-ADB3-202921C38410}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FA6207C-FA60-4C3B-A1C0-165D0EA7E675}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Administration\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Administration\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001.08.24 04:21:18 | 000,000,067 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{045a22e9-d27e-11dc-814a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{045a22e9-d27e-11dc-814a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\_Autorun\Autorun.exe -- [2002.06.28 20:18:56 | 000,065,536 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-792228030-1338267176-3048093723-1004\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.07 19:40:12 | 000,000,000 | ---D | C] -- C:\Users\Administration\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2013.04.07 19:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.04.07 19:08:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administration\Desktop\OTL.exe
[2013.04.07 19:01:57 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.07 19:01:49 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.07 19:01:38 | 000,551,587 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Administration\Desktop\JRT.exe
[2013.04.07 16:18:45 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.04.07 16:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.04.06 19:34:20 | 000,000,000 | ---D | C] -- C:\Users\Administration\AppData\Local\Koox System Optimizer
[2013.04.06 19:33:55 | 001,122,304 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\Windows\System32\libeay32.dll
[2013.04.06 19:33:55 | 000,356,352 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateEngine.dll
[2013.04.06 19:33:55 | 000,274,432 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\Windows\System32\ssleay32.dll
[2013.04.06 19:33:55 | 000,081,920 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateControl350.dll
[2013.04.06 19:33:55 | 000,000,000 | ---D | C] -- C:\Program Files\Coupon Drop Down Removal Tool
[2013.04.06 13:26:51 | 000,000,000 | ---D | C] -- C:\Users\Administration\Desktop\Diverse Dokumente
[2013.04.02 10:56:06 | 000,000,000 | ---D | C] -- C:\Users\Administration\AppData\Roaming\Malwarebytes
[2013.04.02 10:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.02 10:23:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.28 13:36:49 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013.03.11 11:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.07 19:40:55 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013.04.07 19:40:09 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.07 19:39:58 | 000,005,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.07 19:39:58 | 000,005,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.07 19:39:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.07 19:39:49 | 3487,748,096 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.07 19:36:18 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.07 19:22:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.07 19:08:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administration\Desktop\OTL.exe
[2013.04.07 19:01:39 | 000,551,587 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Administration\Desktop\JRT.exe
[2013.04.07 18:49:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.07 18:41:26 | 000,613,083 | ---- | M] () -- C:\Users\Administration\Desktop\adwcleaner.exe
[2013.04.06 15:34:17 | 000,641,432 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.06 15:34:17 | 000,132,104 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.06 15:34:17 | 000,008,878 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.06 15:34:17 | 000,006,488 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.06 14:12:38 | 000,380,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.04.05 12:32:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013.04.05 10:47:02 | 000,008,240 | ---- | M] () -- C:\Users\Administration\AppData\Local\d3d9caps.dat
[2013.04.02 10:23:50 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.03.22 18:29:44 | 000,015,426 | ---- | M] () -- C:\Users\Administration\Documents\Discounter Strom3.odt
[2013.03.15 07:46:27 | 000,013,625 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.07 18:41:26 | 000,613,083 | ---- | C] () -- C:\Users\Administration\Desktop\adwcleaner.exe
[2013.03.28 13:31:33 | 000,013,625 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2013.03.22 18:29:43 | 000,015,426 | ---- | C] () -- C:\Users\Administration\Documents\Discounter Strom3.odt
[2013.01.31 14:37:46 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013.01.31 14:05:05 | 000,008,240 | ---- | C] () -- C:\Users\Administration\AppData\Local\d3d9caps.dat
[2013.01.31 13:22:50 | 000,000,569 | ---- | C] () -- C:\Windows\eReg.dat
[2012.03.17 18:49:22 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2012.03.17 18:40:08 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008.04.21 22:24:47 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.04.12 09:14:12 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.02.04 16:43:49 | 000,223,744 | ---- | C] () -- C:\Users\Administration\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.04 14:48:17 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2008.02.03 20:07:02 | 000,000,102 | ---- | C] () -- C:\Users\Administration\AppData\Local\fusioncache.dat
[2008.02.03 16:04:32 | 000,000,101 | ---- | C] () -- C:\Users\Administration\AppData\Roaming\default.pls
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.05.02 15:03:43 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Amazon
[2010.06.03 12:44:29 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Azureus
[2009.01.13 17:42:34 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Canon
[2009.02.22 04:20:45 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\DataDesign
[2012.02.19 11:40:19 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\DVDVideoSoft
[2008.02.03 19:50:02 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\FRITZ!
[2009.12.09 16:13:57 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\GetRightToGo
[2009.05.12 12:13:31 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\gtk-2.0
[2008.12.12 15:16:51 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\OpenArena
[2013.04.06 14:09:53 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Samsung
[2009.01.06 16:31:06 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Sonavis
[2013.04.05 11:52:24 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\StarOffice8
[2009.09.22 18:33:30 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Subversion
[2008.11.26 16:38:22 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Thunderbird
[2008.04.09 16:45:52 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Ulead Systems
[2009.09.22 18:59:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\JavaEditor
[2013.01.19 14:40:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\StarOffice8
[2009.09.22 19:07:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Subversion
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:F8D65F32
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >
esetsmartinstaller war unauffällig

security check
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.61  
 Windows Vista Service Pack 2 x86   
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 EasyEclipse Desktop Java 1.3.1.1  
 Java(TM) 6 Update 15  
 Java 7 Update 9  
 Java 7 Update 17  
 Java(TM) SE Development Kit 6 Update 14 
 Java(TM) SE Development Kit 6 Update 16 
 JavaFX(TM) 1.2 SDK   
 Java DB 10.4.2.1   
 Adobe Flash Player 	11.6.602.180  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox (for.) 
 Mozilla Thunderbird (2.0.0 Thunderbird out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
defogger disable
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:22 on 08/04/2013 (Administration)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
defogger enable
Code:
ATTFilter
defogger_enable by jpshortstuff (23.02.10.1)
Log created at 15:24 on 08/04/2013 (Administration)

Parsing file...


-=E.O.F=-
Wäre cool, wenn mir hier jemand helfen könnte.

 

Themen zu coupondropdown lässt sich immer noch nicht unter Firefox entfernen
antivir, avira, bho, browser, converter, desktop, enigma, entfernen, error, firefox, flash player, helper, home, installation, internet browser, intranet, langsam, logfile, mozilla, mp3, national, plug-in, problem, realtek, registrierungsdatenbank, registry, senden, server, software, vista, windows


« Bundestrojaner April 2013 | Avira Rescue CD - 177 Warnungen - Base und Factory.wim »


Ähnliche Themen: coupondropdown lässt sich immer noch nicht unter Firefox entfernen


  1. Firefox spielt verrückt. Mit Adware infiziert. Lässt sich nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 29.10.2015 (15)
  2. Windows 8, Mozilla Firefox: Feven 2.2 lässt sich nicht deinstallieren, re-markit eventuell noch vorhanden
    Log-Analyse und Auswertung - 08.10.2015 (24)
  3. reimage erscheint nicht bei den uninstallern und lässt sich weder entfernen noch löschen
    Plagegeister aller Art und deren Bekämpfung - 09.08.2015 (2)
  4. DuckDuckGo lässt sich nicht aus Firefox entfernen
    Log-Analyse und Auswertung - 02.12.2014 (37)
  5. Download Protect 2.2.5 (Add-on) lässt sich nicht dauerhaft aus Firefox entfernen
    Log-Analyse und Auswertung - 01.10.2014 (29)
  6. Firefox 31.0 add on Download Protect 2.2.5 lässt sich nicht entfernen - Malware
    Log-Analyse und Auswertung - 10.09.2014 (11)
  7. Download Protect 2.2.5 lässt sich aus Firefox nicht entfernen
    Log-Analyse und Auswertung - 13.08.2014 (12)
  8. download protect 2.2.1 / 2.2.4 unter windows 7 lässt sich nicht entfernen
    Log-Analyse und Auswertung - 31.07.2014 (23)
  9. Download Protect 2.2.1 und 1.0 im Firefox lässt sich nicht entfernen und schmeisst andere Erweiterungen raus
    Plagegeister aller Art und deren Bekämpfung - 30.06.2014 (30)
  10. Laptop ruckelt nur noch, Iminent lässt sich nicht löschen und Radio schaltet sich alleine an und aus und lässt sich ebenfalls nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (3)
  11. Add on: Download Protect lässt sich nicht entfernen. (Windows 7, Mozilla Firefox)
    Log-Analyse und Auswertung - 15.04.2014 (5)
  12. 2x | coupondropdown lässt sich immer noch nicht unter Firefox entfernen
    Mülltonne - 08.04.2013 (0)
  13. PWS:WIn32/ZBOT.gen!aj unter Windows 7 / MSE lässt sich nicht entfernen!
    Plagegeister aller Art und deren Bekämpfung - 26.03.2013 (22)
  14. PWS:WIn32/ZBOT.gen!aj gefunden unter Win7. Lässt sich nicht entfernen!
    Plagegeister aller Art und deren Bekämpfung - 14.03.2013 (3)
  15. Claro Serch - Firefox startseite - Win7: lässt sich nicht entfernen. (FirmenPC)
    Plagegeister aller Art und deren Bekämpfung - 06.11.2012 (5)
  16. IE9 64bit und Firefox starten nicht / Firefox lässt sich nicht neu installieren
    Log-Analyse und Auswertung - 14.03.2012 (17)
  17. Spybot+Firefox hängen sich auf / Windows Security Alert lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 11.05.2010 (15)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema coupondropdown lässt sich immer noch nicht unter Firefox entfernen - Hallo Leute, bin neue hier und in Sachen PC nicht gerade der fitteste. Also ich habe wie viele Vorgänger hier vor mir dieses lästige Problem mit dem coupondropdown unter Firefox. - coupondropdown lässt sich immer noch nicht unter Firefox entfernen...
Archiv
Du betrachtest: coupondropdown lässt sich immer noch nicht unter Firefox entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131