Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Wie entferne ich facebook.vbs?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 24.05.2013, 16:30   #31
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Code:
ATTFilter
Scan Mode: Current user
         
Du hast den Haken bei Scanne alle Benutzer vergessen! Bitte das Log nochmal richtig machen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 24.05.2013, 19:47   #32
-Ahnungslos-
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Code:
ATTFilter
OTL logfile created on: 24.05.2013 19:33:43 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = c:\Users\Nils\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 45,28% Memory free
8,19 Gb Paging File | 3,83 Gb Available in Paging File | 46,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,39 Gb Total Space | 245,52 Gb Free Space | 53,91% Space Free | Partition Type: NTFS
Drive D: | 456,12 Gb Total Space | 451,16 Gb Free Space | 98,91% Space Free | Partition Type: NTFS
Drive H: | 554,86 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: NILS-PC | User Name: Nils | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\Nils\Downloads\OTL.exe (OldTimer Tools)
PRC - c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Origin\OriginClientService.exe (Electronic Arts)
PRC - C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Users\Nils\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifasetup\fifaconfig.exe (Electronic Arts Canada)
PRC - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\LU\LogitechUpdate.exe (Logitech, Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\LU\LULnchr.exe (Logitech, Inc.)
PRC - C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe ()
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Origin\tufao.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\logishrd\SharedBin\LVAPI11.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\SDL.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
SRV:64bit: - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe (BitDefender S.R.L.)
SRV:64bit: - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV:64bit: - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV:64bit: - (ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\bin32\nSvcAppFlt.exe ()
SRV:64bit: - (nSvcIp) -- C:\Program Files\bin32\nSvcIp.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (XCOMM) -- C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe (BitDefender)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BBSvc.exe (Microsoft Corporation.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SiteAdvisor Service) -- C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (BDSelfPr) -- C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys File not found
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (AswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\DRIVERS\aswNdis.sys (ALWIL Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (seehcri) -- C:\Windows\SysNative\DRIVERS\seehcri.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\DRIVERS\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\DRIVERS\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender SRL)
DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x3200
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32 File not found
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Nils\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Nils\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Nils\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\Nils\AppData\Roaming\Electronic Arts\Game Face\1.0.0.18\npGameFacePlugin.dll (Electronic Arts)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.01 11:49:11 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.01 11:49:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.05.24 07:34:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.06.18 00:44:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.15 20:19:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.07.31 21:17:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 15:20:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2008\tbextension [2010.01.16 19:27:41 | 000,000,000 | ---D | M]
 
[2012.10.17 16:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Extensions
[2013.05.23 23:07:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\aave9duk.default\extensions
[2011.03.17 10:30:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\aave9duk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.17 05:22:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\aave9duk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(231)
[2013.04.16 16:49:41 | 000,363,475 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\extensions\toolbar_SGT-SAT@apn.ask.com.xpi
[2012.12.27 19:54:54 | 000,036,139 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2010.08.11 15:21:04 | 000,001,864 | ---- | M] () -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\searchplugins\{2F060849-F324-4549-99A5-34B2C483B4B6}.xml
[2010.08.11 15:21:04 | 000,002,182 | ---- | M] () -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\searchplugins\{B90EEDAF-5392-4D5F-AFF8-842B3A4F4FA9}.xml
[2010.08.11 15:21:04 | 000,002,071 | ---- | M] () -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\searchplugins\{C644B2D6-694E-49AA-A681-B3FC838377DF}.xml
[2012.11.27 16:12:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.01.22 01:05:24 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.03.17 10:26:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.06.18 00:44:43 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
File not found (No name found) -- C:\PROGRAM FILES (X86)\HBLITE\BIN\11.0.384.0\FIREFOX\EXTENSIONS
[2013.05.24 07:34:47 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2013.03.15 20:19:52 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{AA994882-F391-4D2E-806F-8908DA4814ED}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\WELCOME@TOOLMIN.COM
[2011.07.08 09:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.19 08:03:04 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.12.27 18:16:12 | 000,003,341 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.giga.de/go/wwr 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Nils\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Nils\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Nils\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Game Face Plugin (Enabled) = C:\Users\Nils\AppData\Roaming\Electronic Arts\Game Face\1.0.0.18\npGameFacePlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: SiteAdvisor = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.61.113.2_1\
CHR - Extension: avast! WebRep = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2013.05.24 09:25:13 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\Antispam32\IEToolbar.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe (BitDefender)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Nils\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\SWPROTray.exe File not found
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files (x86)\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [Akamai NetSession Interface] C:\Users\Nils\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [Facebook.vbs] "C:\Users\Nils\AppData\Local\Temp\Facebook.vbs" File not found
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - Startup: C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook.vbs ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  = 
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E473A496-9186-4520-9195-B83874FC31F4}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAd64.dll ()
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.20 14:01:31 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.24 09:21:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.05.22 21:29:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.22 21:18:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.22 20:50:21 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Nils\Desktop\JRT.exe
[2013.05.22 07:04:01 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Nils\Desktop\aswMBR.exe
[2013.05.20 09:43:11 | 001,398,856 | ---- | C] (Malwarebytes Corporation) -- C:\Users\Nils\Desktop\mbar.exe
[2013.05.20 09:33:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.19 12:55:23 | 005,066,411 | R--- | C] (Swearware) -- C:\Users\Nils\Desktop\ComboFix.exe
[2013.05.17 23:13:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.05.17 23:13:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.05.17 23:13:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.05.17 23:02:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.17 23:00:57 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.05.16 16:14:53 | 000,000,000 | ---D | C] -- C:\Users\Nils\Documents\Clubschwein
[2013.05.16 10:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.03.18 23:29:01 | 000,958,464 | ---- | C] (Valve Corporation) -- C:\Program Files\Steam.exe
[2010.03.18 23:28:39 | 000,245,760 | ---- | C] (Valve LLC) -- C:\Program Files\WriteMiniDump.exe
[2010.03.18 23:28:37 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.24 19:36:39 | 000,081,984 | ---- | M] () -- C:\Windows\SysNative\bdod.bin
[2013.05.24 19:16:07 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 19:16:07 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 19:06:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.24 18:52:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000UA.job
[2013.05.24 18:49:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.24 17:49:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.24 17:27:00 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000UA.job
[2013.05.24 15:16:09 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000Core.job
[2013.05.24 15:16:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.24 09:33:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2013.05.24 09:33:12 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.05.24 09:31:12 | 000,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2013.05.24 09:25:13 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.05.23 21:54:07 | 000,002,041 | ---- | M] () -- C:\Users\Nils\Desktop\Google Chrome.lnk
[2013.05.23 19:52:31 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000Core.job
[2013.05.22 20:49:47 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Nils\Desktop\JRT.exe
[2013.05.22 20:40:49 | 000,006,836 | ---- | M] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2013.05.22 06:58:54 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Nils\Desktop\aswMBR.exe
[2013.05.21 22:20:21 | 001,567,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.21 22:20:21 | 000,674,722 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.21 22:20:21 | 000,634,846 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.21 22:20:21 | 000,145,390 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.21 22:20:21 | 000,119,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.21 20:21:21 | 000,002,655 | ---- | M] () -- C:\Users\Nils\Desktop\Microsoft Office Word 2007.lnk
[2013.05.20 09:42:45 | 001,398,856 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Nils\Desktop\mbar.exe
[2013.05.18 10:09:31 | 005,066,411 | R--- | M] (Swearware) -- C:\Users\Nils\Desktop\ComboFix.exe
[2013.05.16 10:39:01 | 000,397,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.12 21:14:54 | 000,001,936 | ---- | M] () -- C:\Users\Public\Desktop\Inventor Fusion 2013.lnk
[2013.05.12 21:14:53 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2013 - Deutsch (German).lnk
[2013.05.02 16:50:34 | 000,030,288 | ---- | M] () -- C:\Users\Nils\Documents\935013_455765107832844_817710064_n.jpg
[2013.05.02 16:50:14 | 000,053,070 | ---- | M] () -- C:\Users\Nils\Documents\45644_449723935103628_1954048515_n - Kopie - Kopie.jpg
 
========== Files Created - No Company Name ==========
 
[2013.05.17 23:13:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.05.17 23:13:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.05.17 23:13:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.05.17 23:13:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.05.17 23:13:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.05.02 16:50:33 | 000,030,288 | ---- | C] () -- C:\Users\Nils\Documents\935013_455765107832844_817710064_n.jpg
[2013.05.02 16:50:12 | 000,053,070 | ---- | C] () -- C:\Users\Nils\Documents\45644_449723935103628_1954048515_n - Kopie - Kopie.jpg
[2013.04.13 01:21:32 | 000,006,836 | ---- | C] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2013.03.10 16:02:26 | 000,268,952 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.10 16:00:35 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.10 16:00:34 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.01.20 15:15:43 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.11.30 18:31:08 | 000,000,835 | ---- | C] () -- C:\Users\Nils\.recently-used.xbel
[2011.11.30 16:39:46 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2011.11.30 16:31:13 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.11.30 16:30:58 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.11.17 22:03:04 | 000,000,000 | ---- | C] () -- C:\Users\Nils\AppData\Roaming\wklnhst.dat
[2011.10.01 15:19:17 | 000,000,552 | ---- | C] () -- C:\Users\Nils\AppData\Local\d3d8caps.dat
[2011.09.11 18:33:40 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2011.08.08 23:48:42 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2011.01.30 17:07:20 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.05.17 21:02:30 | 000,073,645 | ---- | C] () -- C:\Users\Nils\fifa10.jpg
[2010.03.18 23:29:02 | 000,165,376 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010.02.05 18:56:37 | 000,018,944 | ---- | C] () -- C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 09:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
 
========== LOP Check ==========
 
[2008.09.17 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008.09.17 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2008.09.17 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Acer GameZone Console
[2009.12.30 16:10:52 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Atari
[2013.01.22 19:08:50 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Autodesk
[2010.01.16 19:28:02 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Bitdefender
[2011.12.07 22:22:26 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Canneverbe Limited
[2010.11.25 20:46:14 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\CMA
[2010.03.21 21:04:24 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Common Toolkit Suite
[2010.10.18 08:04:24 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Diercke Globus Online
[2013.05.13 23:04:49 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Dropbox
[2012.07.19 19:47:02 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\DVDVideoSoft
[2010.10.13 12:08:59 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Electronic Arts
[2009.12.29 15:23:59 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\eSobi
[2010.02.08 22:07:54 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\FloodLightGames
[2011.03.13 21:54:33 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\FMZilla
[2011.02.23 01:08:10 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Free Download Manager
[2012.06.29 23:27:47 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\gtk-2.0
[2012.12.27 18:16:12 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\High Speed Download
[2013.05.24 09:35:04 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\ICQ
[2010.09.08 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\klett
[2010.04.03 11:00:21 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Leadertech
[2011.03.28 16:25:10 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\LolClient
[2011.11.30 16:46:24 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\MAGIX
[2012.02.09 22:08:53 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Muba
[2010.11.26 20:28:12 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Need for Speed World
[2010.05.17 11:50:53 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\OCS
[2010.05.17 11:51:05 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Opera
[2012.11.30 14:28:11 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Origin
[2010.06.14 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Publish Providers
[2010.06.16 16:07:41 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Simply Super Software
[2010.06.14 11:28:21 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Sony
[2010.06.22 19:06:51 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Trillian
[2011.02.05 14:02:39 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\TS3Client
[2011.05.15 12:44:41 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\TubeBox
[2012.06.27 17:38:27 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\TuneUp Software
[2011.12.24 19:53:16 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Ubisoft
[2012.07.19 19:46:53 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Uniblue
[2010.08.24 22:04:59 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\UseNeXT
[2010.08.02 20:09:58 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\Bitdefender
[2010.12.12 02:06:06 | 000,000,000 | ---D | M] -- C:\Users\TEMP.Nils-PC\AppData\Roaming\Bitdefender
 
========== Purity Check ==========
 
 

< End of report >
         
__________________


Alt 24.05.2013, 19:56   #33
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Hm, da ist immer noch. Bitte noch einen Fix machen mit folgendem Script, danach wieder wie eben auch eine neue Kontrolle mit OTL machen

Code:
ATTFilter
:OTL
O4 - Startup: C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook.vbs ()
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
         
__________________
__________________

Alt 25.05.2013, 01:25   #34
-Ahnungslos-
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Hier die Logfile vom Fix:

Code:
ATTFilter
File C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook.vbs not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe deleted successfully.
 
OTL by OldTimer - Version 3.2.69.0 log created on 05252013_010818
         
Hier die Logfile der Kontrolle:

Code:
ATTFilter
OTL logfile created on: 25.05.2013 01:09:49 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = c:\Users\Nils\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,34 Gb Available Physical Memory | 33,50% Memory free
8,19 Gb Paging File | 3,48 Gb Available in Paging File | 42,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,39 Gb Total Space | 245,64 Gb Free Space | 53,94% Space Free | Partition Type: NTFS
Drive D: | 456,12 Gb Total Space | 451,16 Gb Free Space | 98,91% Space Free | Partition Type: NTFS
Drive H: | 554,86 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: NILS-PC | User Name: Nils | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\Nils\Downloads\OTL.exe (OldTimer Tools)
PRC - c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Origin\OriginClientService.exe (Electronic Arts)
PRC - C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Users\Nils\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifasetup\fifaconfig.exe (Electronic Arts Canada)
PRC - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\LU\LogitechUpdate.exe (Logitech, Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\LU\LULnchr.exe (Logitech, Inc.)
PRC - C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe ()
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Origin\tufao.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\logishrd\SharedBin\LVAPI11.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\SDL.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
SRV:64bit: - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe (BitDefender S.R.L.)
SRV:64bit: - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV:64bit: - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV:64bit: - (ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\bin32\nSvcAppFlt.exe ()
SRV:64bit: - (nSvcIp) -- C:\Program Files\bin32\nSvcIp.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (XCOMM) -- C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe (BitDefender)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BBSvc.exe (Microsoft Corporation.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SiteAdvisor Service) -- C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (BDSelfPr) -- C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys File not found
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (AswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\DRIVERS\aswNdis.sys (ALWIL Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (seehcri) -- C:\Windows\SysNative\DRIVERS\seehcri.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\DRIVERS\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\DRIVERS\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender SRL)
DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x3200
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32 File not found
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Nils\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Nils\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Nils\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\Nils\AppData\Roaming\Electronic Arts\Game Face\1.0.0.18\npGameFacePlugin.dll (Electronic Arts)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.01 11:49:11 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.01 11:49:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.05.24 07:34:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.06.18 00:44:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.15 20:19:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.07.31 21:17:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 15:20:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2008\tbextension [2010.01.16 19:27:41 | 000,000,000 | ---D | M]
 
[2012.10.17 16:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Extensions
[2013.05.23 23:07:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\aave9duk.default\extensions
[2011.03.17 10:30:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\aave9duk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.17 05:22:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\aave9duk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(231)
[2013.04.16 16:49:41 | 000,363,475 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\extensions\toolbar_SGT-SAT@apn.ask.com.xpi
[2012.12.27 19:54:54 | 000,036,139 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2010.08.11 15:21:04 | 000,001,864 | ---- | M] () -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\searchplugins\{2F060849-F324-4549-99A5-34B2C483B4B6}.xml
[2010.08.11 15:21:04 | 000,002,182 | ---- | M] () -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\searchplugins\{B90EEDAF-5392-4D5F-AFF8-842B3A4F4FA9}.xml
[2010.08.11 15:21:04 | 000,002,071 | ---- | M] () -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\searchplugins\{C644B2D6-694E-49AA-A681-B3FC838377DF}.xml
[2012.11.27 16:12:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.01.22 01:05:24 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.03.17 10:26:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.06.18 00:44:43 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
File not found (No name found) -- C:\PROGRAM FILES (X86)\HBLITE\BIN\11.0.384.0\FIREFOX\EXTENSIONS
[2013.05.24 07:34:47 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2013.03.15 20:19:52 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{AA994882-F391-4D2E-806F-8908DA4814ED}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\WELCOME@TOOLMIN.COM
[2011.07.08 09:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.19 08:03:04 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.12.27 18:16:12 | 000,003,341 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.giga.de/go/wwr 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Nils\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Nils\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Nils\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Game Face Plugin (Enabled) = C:\Users\Nils\AppData\Roaming\Electronic Arts\Game Face\1.0.0.18\npGameFacePlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: SiteAdvisor = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.61.113.2_1\
CHR - Extension: avast! WebRep = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2013.05.24 09:25:13 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\Antispam32\IEToolbar.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe (BitDefender)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Nils\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\SWPROTray.exe File not found
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files (x86)\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [Akamai NetSession Interface] C:\Users\Nils\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [Facebook.vbs] "C:\Users\Nils\AppData\Local\Temp\Facebook.vbs" File not found
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  = 
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E473A496-9186-4520-9195-B83874FC31F4}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAd64.dll ()
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.20 14:01:31 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.24 09:21:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.05.22 21:29:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.22 21:18:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.22 20:50:21 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Nils\Desktop\JRT.exe
[2013.05.22 07:04:01 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Nils\Desktop\aswMBR.exe
[2013.05.20 09:43:11 | 001,398,856 | ---- | C] (Malwarebytes Corporation) -- C:\Users\Nils\Desktop\mbar.exe
[2013.05.20 09:33:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.19 12:55:23 | 005,066,411 | R--- | C] (Swearware) -- C:\Users\Nils\Desktop\ComboFix.exe
[2013.05.17 23:13:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.05.17 23:13:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.05.17 23:13:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.05.17 23:02:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.17 23:00:57 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.05.16 16:14:53 | 000,000,000 | ---D | C] -- C:\Users\Nils\Documents\Clubschwein
[2013.05.16 10:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.03.18 23:29:01 | 000,958,464 | ---- | C] (Valve Corporation) -- C:\Program Files\Steam.exe
[2010.03.18 23:28:39 | 000,245,760 | ---- | C] (Valve LLC) -- C:\Program Files\WriteMiniDump.exe
[2010.03.18 23:28:37 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.25 01:12:59 | 000,081,984 | ---- | M] () -- C:\Windows\SysNative\bdod.bin
[2013.05.25 01:06:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.25 00:52:43 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000UA.job
[2013.05.25 00:52:43 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.25 00:52:25 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000UA.job
[2013.05.25 00:52:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.24 19:52:03 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000Core.job
[2013.05.24 19:16:07 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 19:16:07 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 17:49:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.24 15:16:09 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000Core.job
[2013.05.24 09:33:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2013.05.24 09:33:12 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.05.24 09:31:12 | 000,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2013.05.24 09:25:13 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.05.23 21:54:07 | 000,002,041 | ---- | M] () -- C:\Users\Nils\Desktop\Google Chrome.lnk
[2013.05.22 20:49:47 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Nils\Desktop\JRT.exe
[2013.05.22 20:40:49 | 000,006,836 | ---- | M] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2013.05.22 06:58:54 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Nils\Desktop\aswMBR.exe
[2013.05.21 22:20:21 | 001,567,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.21 22:20:21 | 000,674,722 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.21 22:20:21 | 000,634,846 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.21 22:20:21 | 000,145,390 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.21 22:20:21 | 000,119,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.21 20:21:21 | 000,002,655 | ---- | M] () -- C:\Users\Nils\Desktop\Microsoft Office Word 2007.lnk
[2013.05.20 09:42:45 | 001,398,856 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Nils\Desktop\mbar.exe
[2013.05.18 10:09:31 | 005,066,411 | R--- | M] (Swearware) -- C:\Users\Nils\Desktop\ComboFix.exe
[2013.05.16 10:39:01 | 000,397,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.12 21:14:54 | 000,001,936 | ---- | M] () -- C:\Users\Public\Desktop\Inventor Fusion 2013.lnk
[2013.05.12 21:14:53 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2013 - Deutsch (German).lnk
[2013.05.02 16:50:34 | 000,030,288 | ---- | M] () -- C:\Users\Nils\Documents\935013_455765107832844_817710064_n.jpg
[2013.05.02 16:50:14 | 000,053,070 | ---- | M] () -- C:\Users\Nils\Documents\45644_449723935103628_1954048515_n - Kopie - Kopie.jpg
 
========== Files Created - No Company Name ==========
 
[2013.05.17 23:13:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.05.17 23:13:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.05.17 23:13:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.05.17 23:13:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.05.17 23:13:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.05.02 16:50:33 | 000,030,288 | ---- | C] () -- C:\Users\Nils\Documents\935013_455765107832844_817710064_n.jpg
[2013.05.02 16:50:12 | 000,053,070 | ---- | C] () -- C:\Users\Nils\Documents\45644_449723935103628_1954048515_n - Kopie - Kopie.jpg
[2013.04.13 01:21:32 | 000,006,836 | ---- | C] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2013.03.10 16:02:26 | 000,268,952 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.10 16:00:35 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.10 16:00:34 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.01.20 15:15:43 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.11.30 18:31:08 | 000,000,835 | ---- | C] () -- C:\Users\Nils\.recently-used.xbel
[2011.11.30 16:39:46 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2011.11.30 16:31:13 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.11.30 16:30:58 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.11.17 22:03:04 | 000,000,000 | ---- | C] () -- C:\Users\Nils\AppData\Roaming\wklnhst.dat
[2011.10.01 15:19:17 | 000,000,552 | ---- | C] () -- C:\Users\Nils\AppData\Local\d3d8caps.dat
[2011.09.11 18:33:40 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2011.08.08 23:48:42 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2011.01.30 17:07:20 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.05.17 21:02:30 | 000,073,645 | ---- | C] () -- C:\Users\Nils\fifa10.jpg
[2010.03.18 23:29:02 | 000,165,376 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010.02.05 18:56:37 | 000,018,944 | ---- | C] () -- C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 09:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
 
========== LOP Check ==========
 
[2008.09.17 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008.09.17 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2008.09.17 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Acer GameZone Console
[2009.12.30 16:10:52 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Atari
[2013.01.22 19:08:50 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Autodesk
[2010.01.16 19:28:02 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Bitdefender
[2011.12.07 22:22:26 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Canneverbe Limited
[2010.11.25 20:46:14 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\CMA
[2010.03.21 21:04:24 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Common Toolkit Suite
[2010.10.18 08:04:24 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Diercke Globus Online
[2013.05.13 23:04:49 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Dropbox
[2012.07.19 19:47:02 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\DVDVideoSoft
[2010.10.13 12:08:59 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Electronic Arts
[2009.12.29 15:23:59 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\eSobi
[2010.02.08 22:07:54 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\FloodLightGames
[2011.03.13 21:54:33 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\FMZilla
[2011.02.23 01:08:10 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Free Download Manager
[2012.06.29 23:27:47 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\gtk-2.0
[2012.12.27 18:16:12 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\High Speed Download
[2013.05.24 09:35:04 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\ICQ
[2010.09.08 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\klett
[2010.04.03 11:00:21 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Leadertech
[2011.03.28 16:25:10 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\LolClient
[2011.11.30 16:46:24 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\MAGIX
[2012.02.09 22:08:53 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Muba
[2010.11.26 20:28:12 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Need for Speed World
[2010.05.17 11:50:53 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\OCS
[2010.05.17 11:51:05 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Opera
[2012.11.30 14:28:11 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Origin
[2010.06.14 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Publish Providers
[2010.06.16 16:07:41 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Simply Super Software
[2010.06.14 11:28:21 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Sony
[2010.06.22 19:06:51 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Trillian
[2011.02.05 14:02:39 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\TS3Client
[2011.05.15 12:44:41 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\TubeBox
[2012.06.27 17:38:27 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\TuneUp Software
[2011.12.24 19:53:16 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Ubisoft
[2012.07.19 19:46:53 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Uniblue
[2010.08.24 22:04:59 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\UseNeXT
[2010.08.02 20:09:58 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\Bitdefender
[2010.12.12 02:06:06 | 000,000,000 | ---D | M] -- C:\Users\TEMP.Nils-PC\AppData\Roaming\Bitdefender
 
========== Purity Check ==========
 
 

< End of report >
         

Alt 25.05.2013, 20:10   #35
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Scan mit SystemLook (x64)

Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)
  • Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    ATTFilter
    :filefind
    *conduit*
    *softonic*
    *quickstore*
    *yontoo*
    *FunMood*
    *tarma*
    *asktool*
    *facebook*
    
    :folderfind
    *conduit*
    *softonic*
    *quickstore*
    *yontoo*
    *FunMood*
    *tarma*
    *asktool*
    *facebook*
    
    :regfind
    *conduit*
    *softonic*
    *quickstore*
    *yontoo*
    *FunMood*
    *tarma*
    *asktool*
    *facebook*
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.05.2013, 11:27   #36
-Ahnungslos-
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 11:03 on 26/05/2013 by Nils
Administrator - Elevation successful

========== filefind ==========

Searching for "*conduit*"
C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe	--a---- 73080 bytes	[10:14 28/07/2011]	[13:47 22/05/2012] 9A5E999C90861CE9B7906DBF429D4238
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_666138_661999_DE.xml	--a---- 191 bytes	[19:09 13/05/2013]	[19:09 13/05/2013] 5EA0386CB50DC481548CDE49F380D0AA
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_825452_821260_DE.xml	--a---- 157 bytes	[17:48 24/12/2011]	[17:48 24/12/2011] C0E111E3A89F50324FF125051ECD384D
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alert_services_conduit_com_Alerts_AlertServices_asmx_GetHostedFeedRss_alertID=825452&alertFeedId=821260.xml	--a---- 354 bytes	[19:26 11/05/2010]	[19:26 11/05/2010] 3F48E05AD438BBA497507F3D93C5DA1B
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_633780109207875000_png.png	--a---- 398 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] F0F10134BF30F97BCDE2CDF35BE4EFD8
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634067677527028750_png.png	--a---- 1346 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 7C78444B802879E92DCE86DAF35C3824
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634084057716610000_png.png	--a---- 793 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 9D873E96E36B03DBD52AB98853407AF6
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634084059408641250_png.png	--a---- 1059 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] A227374511D48950EC48A6A15F4541BB
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634084059786610000_png.png	--a---- 789 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 86D3043D6F316587C3720F2FBBCC6549
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634084060140360000_png.png	--a---- 811 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] FDCCCE0F7C7AC770E7911A6B434E6733
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634084060404266250_png.png	--a---- 728 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] A276D6E6345751686804933685E86F6E
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634262976368243750_png.png	--a---- 969 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] B033FEB6EADD5D827AD96FA0F0215B73
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634265435748037500_png.png	--a---- 1177 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 658B7FC9B84B15E731DDDD0E0AF2ABBD
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634382053378175000_png.png	--a---- 1392 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 2FE53D7A2CC73DEB8A0753B136AF88DC
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_634382054836300000_png.png	--a---- 679 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] EB1B088EDD86F1B754A90947556A9115
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_50_226_CT2269050_Images_SearchActivationButton-go_but20_gif-General-633937242465431250_gif.gif	--a---- 320 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 34A3D0783A67DC6CC33A396A35C809BE
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png	--a---- 263 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 36BD416D16391EFAAAFB2C3C54EAE986
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif	--a---- 419 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 01B83C91554738F6AFFB7895BBBA73FB
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Clash_N_Slash_gif.gif	--a---- 586 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 5CEA9F1083981E0F3D35223F0D5610E8
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_FinalFortress_gif.gif	--a---- 589 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] C0098518021F9B797FE38A50C94D4587
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_PyramidRunner_gif.gif	--a---- 431 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] D1457BB4130E42B6A8734F0D6C36BDBE
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_SnowyBearsAdventures_gif.gif	--a---- 1064 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 1CAB9AED1E3A6D0AEF3A419DD0EEE137
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_SnowyTreasureHunter_gif.gif.tmp	--a---- 0 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] D41D8CD98F00B204E9800998ECF8427E
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif	--a---- 403 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] EC3C2B4E0DEC4D880BAFF88ABBF94188
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif	--a---- 414 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] A9E001CBC00B06B121DFBC80707F5298
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif	--a---- 278 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 15DEF39E438E807E2F0E22D44FDC7FB7
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif	--a---- 405 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 995595D4C685D659E8F03CD0A287EDDF
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif	--a---- 405 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] AA39D8A6B65E208901EBA9F3D4728D3E
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif	--a---- 361 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 464E244E7E2F27FB85E0C3AB69D72104
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif	--a---- 425 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 6427565C7105DC497287866100F260BB
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif	--a---- 381 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] AE7C9F67594A84B096D225601ACB0B2A
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif	--a---- 351 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] C3EBA0237D68F665AF6D663906221092
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif	--a---- 399 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 8BE02D510B4B2E05AD2611B1E9A0BD56
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_SearchEngines_ebay_search_gif.gif	--a---- 216 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 44A5718F3E1C5785F969C82B2C1D0904
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif	--a---- 405 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 66018EAE0906C9831A821CAE5D1089BB
C:\Users\AppData\LocalLow\DVDVideoSoftTB\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif	--a---- 371 bytes	[12:26 04/07/2011]	[12:26 04/07/2011] 84896837EDB1A78C14DB6A2F3A0AEE3A
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage	--a---- 3072 bytes	[09:40 29/09/2012]	[12:40 29/09/2012] 58E40A4004549A6C7AFB5A02798B6739
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal	--a---- 3608 bytes	[09:40 29/09/2012]	[12:40 29/09/2012] 098327E1CD3C07A989EF4CDD4E5A1B74

Searching for "*softonic*"
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bus-simulator-2012-64.softonic.de_0.localstorage	--a---- 3072 bytes	[17:53 27/12/2012]	[17:53 27/12/2012] F353360D74D4532256CFF2BC1D810699
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bus-simulator-2012-64.softonic.de_0.localstorage-journal	--a---- 512 bytes	[17:53 27/12/2012]	[17:53 27/12/2012] BF619EAC0CDF3F68D496EA9344137E8B
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_euro-truck-simulator-2.softonic.de_0.localstorage	--a---- 3072 bytes	[12:24 30/11/2012]	[12:24 30/11/2012] F353360D74D4532256CFF2BC1D810699
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_euro-truck-simulator-2.softonic.de_0.localstorage-journal	--a---- 512 bytes	[12:24 30/11/2012]	[12:24 30/11/2012] BF619EAC0CDF3F68D496EA9344137E8B
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_euro-truck-simulator.softonic.de_0.localstorage	--a---- 3072 bytes	[14:56 22/11/2012]	[14:56 22/11/2012] F353360D74D4532256CFF2BC1D810699
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_euro-truck-simulator.softonic.de_0.localstorage-journal	--a---- 512 bytes	[14:56 22/11/2012]	[14:56 22/11/2012] BF619EAC0CDF3F68D496EA9344137E8B
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage	--a---- 3072 bytes	[19:13 08/02/2013]	[20:43 12/02/2013] 8BDE4B8B64C0BF67849E4F1B352C6EA5
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal	--a---- 3608 bytes	[19:13 08/02/2013]	[20:43 12/02/2013] B53F78F30F56DB1D545719BB8F086E20
C:\Users\Nils\Desktop\SoftonicToolbar.exe	--a---- 2473480 bytes	[21:03 01/04/2010]	[21:04 01/04/2010] 9FF28669025583938E82B87B10D6185A
C:\Users\Nils\Downloads\SoftonicDownloader64308.exe	--a---- 260432 bytes	[20:03 24/08/2010]	[20:03 24/08/2010] 629A831C1AA89E617DF5C65B4C72D9F1
C:\Users\Nils\Downloads\SoftonicDownloader64733.exe	--a---- 253240 bytes	[21:03 01/04/2010]	[21:03 01/04/2010] 387721C0F80F6CF2FDA322F1D22152A4
C:\Users\Nils\Downloads\SoftonicDownloader66221 (1).exe	--a---- 260416 bytes	[14:08 20/08/2010]	[14:08 20/08/2010] 93B6CC1814551B5A52B887B6DA8E2F9C
C:\Users\Nils\Downloads\SoftonicDownloader66221.exe	--a---- 260416 bytes	[17:00 17/06/2010]	[17:00 17/06/2010] 93B6CC1814551B5A52B887B6DA8E2F9C
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_bus-simulator-2012 (1).exe	--a---- 384720 bytes	[17:49 08/02/2013]	[17:49 08/02/2013] 46494C588DC7151B666378F5415ED1F2
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_bus-simulator-2012.exe	--a---- 373456 bytes	[16:37 27/12/2012]	[16:37 27/12/2012] B92E8BB4FBAAA83881961CD07BD86C45
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_euro-truck-simulator-2.exe	--a---- 373464 bytes	[12:25 30/11/2012]	[12:26 30/11/2012] 40AD6FB2B6D31151ABBFE5661D8B91F9
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_euro-truck-simulator.exe	--a---- 373456 bytes	[16:12 22/11/2012]	[16:12 22/11/2012] 0405BA414AB950F87DF3E69F57CDBC7B
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_risk.exe	--a---- 291616 bytes	[23:46 05/10/2010]	[23:46 05/10/2010] 66468215C4D8B9E79BEA5E075C22FCDF

Searching for "*quickstore*"
No files found.

Searching for "*yontoo*"
No files found.

Searching for "*FunMood*"
No files found.

Searching for "*tarma*"
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac.common.ovl	--a---- 256 bytes	[14:09 30/12/2009]	[13:31 08/09/2004] 75CA79973883A2061F6711026BFB2739
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac.unique.ovl	--a---- 256 bytes	[14:09 30/12/2009]	[13:31 08/09/2004] 9B6BCEE0BCFF757C2E06894E36DEA489
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\TarmacTexture.common.ovl	--a---- 67591 bytes	[14:09 30/12/2009]	[13:31 08/09/2004] BA4A2D1BEB67771D78A7D8FEE6C2151C
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\TarmacTexture.unique.ovl	--a---- 393 bytes	[14:09 30/12/2009]	[13:31 08/09/2004] A5BCFEE5FF3B7C1E601F0EF25CB83AD6
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Corner_A.common.ovl	--a---- 14026 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 7267C9D3E2EFD6358C7C88D5E06EBCC3
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Corner_A.unique.ovl	--a---- 4342 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 7E87BD12777DF82EB1FA7A7D14EF45C0
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Corner_B.common.ovl	--a---- 17194 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 4191D8B0B46AA8A2A8AC96D358460A07
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Corner_B.unique.ovl	--a---- 4342 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] B8558745ACDECA0DD7DCDCAE1DCD6A59
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Corner_C.common.ovl	--a---- 17194 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 0E2FA5DD184C754BB8A2FD0A493B2DEA
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Corner_C.unique.ovl	--a---- 4342 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] A9EB28E01AFBAD817597FC293A488A1A
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Corner_D.common.ovl	--a---- 20346 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] E7BFE1CB871CE0F1DE19E755B06E5BEC
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Corner_D.unique.ovl	--a---- 4342 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 8FDD4505FFB3A7575A2F1215DB87BFB0
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Flat.common.ovl	--a---- 10255 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 3B5D8CFBDE00639055BE49C7DB85AD12
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Flat.unique.ovl	--a---- 3834 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 75B38B38837E75CE3D2D6DD0338109BC
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Scenery.common.ovl	--a---- 67591 bytes	[14:09 30/12/2009]	[13:31 08/09/2004] BA4A2D1BEB67771D78A7D8FEE6C2151C
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Scenery.unique.ovl	--a---- 393 bytes	[14:09 30/12/2009]	[13:31 08/09/2004] A5BCFEE5FF3B7C1E601F0EF25CB83AD6
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope.common.ovl	--a---- 23507 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 4277B4DB391ABB7402E7282402304441
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope.unique.ovl	--a---- 4261 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 550D6840E5AF49F284ED52050208458B
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope_Mid.common.ovl	--a---- 8084 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 1A212F14D9C2E8A6C05472D694C33393
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope_Mid.unique.ovl	--a---- 3959 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] C6945533D3330CB9F9751AB91399D783
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope_Straight.common.ovl	--a---- 15795 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] C83AEC916869FBB4CF933ADBC7D0E897
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope_Straight.unique.ovl	--a---- 4504 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] EF1EC7403BCE3C62725D5B7B6C24F42B
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope_Straight_left.common.ovl	--a---- 11982 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 43D21A6BFEF1B2E4FFEA59DF42DB1610
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope_Straight_left.unique.ovl	--a---- 4639 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 06E5DB132E55D892201A18529DD06B9A
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope_Straight_Right.common.ovl	--a---- 12019 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] C95A77EA1BCDD710616D5C105EFC5A79
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Slope_Straight_Right.unique.ovl	--a---- 4666 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 7D3240EB13FD6EA841C995D9F8FD951B
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Straight_A.common.ovl	--a---- 17530 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 70773B54B81E4C7F52D9F61EA50FC2F7
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Straight_A.unique.ovl	--a---- 4396 bytes	[14:09 30/12/2009]	[13:03 04/10/2004] 852BF8F445B2B0BC7A58B58E12B56199
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Straight_B.common.ovl	--a---- 13922 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] 9B4D1442874CE0A634964738E0A3CB90
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Straight_B.unique.ovl	--a---- 4396 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] A371DF46ECEA57BCC9A31D59C3277344
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Stub.common.ovl	--a---- 12788 bytes	[14:09 30/12/2009]	[09:58 28/09/2004] 2D65E121BD713C7CAC97007A37A9B0F6
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Stub.unique.ovl	--a---- 13291 bytes	[14:09 30/12/2009]	[09:58 28/09/2004] C42B4DD606C300C80361F8236159CFA0
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Texture.common.ovl	--a---- 176201 bytes	[14:09 30/12/2009]	[16:36 04/11/2004] 87BB6186D468BE9A13A78C44399B50EA
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Texture.unique.ovl	--a---- 1285 bytes	[14:09 30/12/2009]	[16:36 04/11/2004] 0773383D06B45FD134001CEA5752A13D
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_L_A.common.ovl	--a---- 22034 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] B4710A15D678C5A53D404A2EB9E2D880
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_L_A.unique.ovl	--a---- 4342 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] B74B9746EE1776FBC1E7D433514E7810
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_L_B.common.ovl	--a---- 18882 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] 5BEEB5E9320B22B9670B9398EC2D699B
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_L_B.unique.ovl	--a---- 4342 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] 36CBA084BD6B178DB450DFB64D99C931
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_T_A.common.ovl	--a---- 20130 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] 895A9CC1075FA8146A1F89A5070C645F
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_T_A.unique.ovl	--a---- 4342 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] B5FC18F78171914C85786307717E4E41
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_T_B.common.ovl	--a---- 16962 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] EEF8332307D747D42389744F77FEDF25
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_T_B.unique.ovl	--a---- 4342 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] C8EE11F881FA80E861A70D534358AAB3
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_T_C.common.ovl	--a---- 16962 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] C3BB867EFD40226099C50F3CA5B46CD7
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_T_C.unique.ovl	--a---- 4342 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] 40BF8B2ED776629E5A3786753FD72029
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_U.common.ovl	--a---- 23841 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] 23E90BDEC0CC0FFDBF7358CA94581418
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_U.unique.ovl	--a---- 4288 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] 31C38D91E33860367B1C18DA9C1431AF
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_X.common.ovl	--a---- 23385 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] 1DA7F6D91AE751B5020471E3865DFE5D
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac\Tarmac_Turn_X.unique.ovl	--a---- 4288 bytes	[14:09 30/12/2009]	[13:04 04/10/2004] 6FC8855F41B715D44246E6B02A6DF10A
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\PathTarmacTextures.common.ovl	--a---- 256 bytes	[14:09 30/12/2009]	[15:16 08/09/2004] 75CA79973883A2061F6711026BFB2739
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\PathTarmacTextures.unique.ovl	--a---- 289 bytes	[14:09 30/12/2009]	[15:16 08/09/2004] A552067A472A8D984F25DD8FE28540AF
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac1m.common.ovl	--a---- 6642 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] C1123C0EDC1B59ADEDA59863BE5FFF30
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac1m.unique.ovl	--a---- 2551 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] D653459A8330B5A576D4A37F1F2B633C
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac1mbot.common.ovl	--a---- 6721 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] 5A1D5A519F3DC377C746A725C903EEF8
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac1mbot.unique.ovl	--a---- 2602 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] 2A7B031CA09487BB70974846C89D282A
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac1mbotextra.common.ovl	--a---- 6847 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] 062B31B393870B9BDF32B5640DA9F361
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac1mbotextra.unique.ovl	--a---- 2687 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] 0BA2A499B77F03E80C7D9C29566FAB02
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac2m.common.ovl	--a---- 6642 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] E7455CDAA47AD7424B62226A4597F991
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac2m.unique.ovl	--a---- 2551 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] BCD50182207DBD9E22AB623E6FEAC47A
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac4m.common.ovl	--a---- 6642 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] 1D7BF75016243A5C154BBE4056B7D4AA
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac4m.unique.ovl	--a---- 2551 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] 3DC6DE5F52CC8F1025719B59C9EDFFB3
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac8m.common.ovl	--a---- 6642 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] 5E8686E1374AE0F753FF4BFB77E3DAE5
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac\Tarmac8m.unique.ovl	--a---- 2551 bytes	[14:09 30/12/2009]	[13:05 04/10/2004] 1007B6ADD2117F24FDF718549D6B756D

Searching for "*asktool*"
No files found.

Searching for "*facebook*"
C:\Autodesk\WI\AutoCAD 2013\x64\de-DE\acad\Acad\Program Files\Root\Support\de-DE\WelcomeScreen\images\facebook.png	--a---- 61024 bytes	[08:44 10/01/2012]	[08:44 10/01/2012] 54BA58A68E90B215285F157C170B812C
C:\Program Files\Autodesk\AutoCAD 2013\Support\de-de\WelcomeScreen\images\facebook.png	--a---- 61024 bytes	[08:44 10/01/2012]	[08:44 10/01/2012] 54BA58A68E90B215285F157C170B812C
C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_facebook.png	--a---- 1326 bytes	[11:17 02/12/2012]	[09:29 21/09/2012] C963A5A5504E3B3D0AE8CD41D6F1B1C4
C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\images\icon_facebook_hover.png	--a---- 1325 bytes	[11:17 02/12/2012]	[09:29 21/09/2012] 00B63E2218AB7152CA9892CFBC8F1B6D
C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\Gallery\SocialNetworking\Applets\Facebook\Facebook.dll	--a---- 916824 bytes	[20:48 01/03/2011]	[20:48 01/03/2011] C7A9B404637BDFF28FB00C4E9AA811AA
C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\Gallery\SocialNetworking\Applets\Facebook\Facebook_core.dll	--a---- 424280 bytes	[20:48 01/03/2011]	[20:48 01/03/2011] 1B6A7372B8CA7BCAD40F3937AFB9DA6E
C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Metadata\Facebook.png	--a---- 666 bytes	[20:39 01/03/2011]	[20:39 01/03/2011] 7C5B068DE150D8BFDF6100A843C0F5F0
C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Metadata\Facebook.xml	--a---- 2236 bytes	[20:39 01/03/2011]	[20:39 01/03/2011] 560A7F0571AFBE5FF96F12E171984C11
C:\Program Files (x86)\ICQ7.5\MFacebook.dll	--a---- 147968 bytes	[12:25 04/07/2011]	[08:28 01/08/2011] 37618A15CD591F82CAFF86CF95DAB4FE
C:\Program Files (x86)\ICQ7.5\MFacebook.dll.csmanifest	--a---- 737 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] E133CBBD45E748199BF7BFD9361BC68B
C:\Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\lifestream\facebook.png	--a---- 1096 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 9EFC91680C8CEB7362F9BF168CF114C4
C:\Program Files (x86)\ICQ7.5\packages\Facebook\content\FacebookCurtains.box	--a---- 2748 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 65A4245157B742B1E902D9E3477D19D9
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\ar-SA\FacebookService.dtd	--a---- 2590 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 4DA48182BC431A29E7433634C929C480
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\be-BY\FacebookService.dtd	--a---- 2761 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] C7766C06110BA689F5116095AC31842A
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\bg-BG\FacebookService.dtd	--a---- 2789 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] FB2A22695E89DE3882C5D267B2E2FE9C
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\cs-CZ\FacebookService.dtd	--a---- 2365 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 72B5AB6602A90709FA0815D71054AA20
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\de-DE\FacebookService.dtd	--a---- 2276 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 66E81B3771B5B026A25B474B85930B21
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\en-US\FacebookService.dtd	--a---- 2088 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] F81D26A9107CA2A5130AE5980D573024
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\es-ES\FacebookService.dtd	--a---- 2278 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 6AA0D54EF77C69BE7BDB56ABB9D079EF
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\fr-FR\FacebookService.dtd	--a---- 2424 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 6A768489C7E5BB73AF03F098CF20D635
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\he-IL\FacebookService.dtd	--a---- 2545 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 8A5C3E6380F5AAA810D69E00880D1F35
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\it-IT\FacebookService.dtd	--a---- 2319 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] C519696EB45EEC0CB93AFA3B186EEDC5
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\pt-BR\FacebookService.dtd	--a---- 2342 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 72E859140CF402F1D1EFC19F496ADACF
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\ru-RU\FacebookService.dtd	--a---- 2711 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] C6782D82D6A316D842687822DE35628A
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\sk-SK\FacebookService.dtd	--a---- 2398 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] B693714362FE7C85E08024636EB14CAF
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\tr-TR\FacebookService.dtd	--a---- 2358 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] DEEEB3BAD072DE68551B8E18B1295706
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\uk-UA\FacebookService.dtd	--a---- 2788 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 177891135FA10673E92FBFCCAD61A029
C:\Program Files (x86)\ICQ7.5\packages\Facebook\resources\zh-CN\FacebookService.dtd	--a---- 2163 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 4C3C669F7A284434A85BEC0FFCC18997
C:\Program Files (x86)\ICQ7.5\packages\Facebook\theme\facebook.styles.box	--a---- 2218 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] E1CE93B56E72D6A8DF6673F47F6F77C7
C:\Program Files (x86)\ICQ7.5\packages\Facebook\theme\FacebookCurtains.style.box	--a---- 3515 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 606920E9D223DED93F3AA716D93C6CC8
C:\Program Files (x86)\ICQ7.5\packages\Facebook\theme\images\facebook-status.png	--a---- 1319 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 5240B57DB9891DE5E712A3ABD812B20F
C:\Program Files (x86)\ICQ7.5\Xtraz\icq\theme\icq_ls_me\network_Facebook.png	--a---- 1096 bytes	[12:25 04/07/2011]	[12:25 04/07/2011] 9EFC91680C8CEB7362F9BF168CF114C4
C:\Program Files (x86)\ICQ7.5\Xtraz\icq\theme\ls_tab\network_Facebook.png	--a---- 1096 bytes	[12:25 04/07/2011]	[13:59 16/08/2011] 9EFC91680C8CEB7362F9BF168CF114C4
C:\Program Files (x86)\McAfee\SiteAdvisor\Scripts\facebook.js	--a---- 1598 bytes	[20:35 08/05/2013]	[20:35 08/05/2013] EE7F25DB38034E7E1A2B7D9B138E89B9
C:\Program Files (x86)\McAfee\SiteAdvisor\Scripts\ss_facebook_off.gif	--a---- 3241 bytes	[21:18 22/12/2012]	[14:40 23/08/2010] B75FCA5920A36687A965963E8FE86077
C:\Program Files (x86)\McAfee\SiteAdvisor\Scripts\ss_facebook_on.gif	--a---- 3235 bytes	[21:18 22/12/2012]	[14:40 23/08/2010] D823D19C1E8604B0106D07EDCDBB4586
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\chat\7.2.233\images\facebookConnect.png	--a---- 1916 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 452271E8A2493CD5C17589074150E560
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\chat\7.2.233\providers\facebook.json	--a---- 524 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 8189F3DEF291941272E52884C9EDA7A4
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\facebook.html	--a---- 20335 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 6AACFB5A09CA644E741646FA20CCD8D6
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\css\facebook.css	--a---- 14983 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 1545192DBAF3C131674E5053A1F59139
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook.png	--a---- 442 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 60C6F59B5C152D724033F05CC577D06E
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebookConnect.png	--a---- 1916 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 452271E8A2493CD5C17589074150E560
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebooklogo.gif	--a---- 22916 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 0D26288AD70FC95AABE7C2955DDCD0E9
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_100.png	--a---- 442 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 60C6F59B5C152D724033F05CC577D06E
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\Facebook_125.png	--a---- 456 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] C452A72289333B519BD24F9F75E6D371
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\Facebook_150.png	--a---- 478 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 4ECF39D11BF7FF1672B66D3482A34C2B
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_comments_newsfeed.png	--a---- 471 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] D8EC2381A85AEA00DDA8C5B657F6895E
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_friend_request.png	--a---- 1266 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] DEB9363AE904AA061BEC0E391DB3EF0E
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_like_newsfeed.png	--a---- 261 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] A34997027AB33EB6EAF2A2059E2BB409
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_messages.png	--a---- 1147 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] A0883D733EC912376486D3800ADDFD6B
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_notifications.png	--a---- 1371 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 51CC882EC40DFF202190CB2B4293D385
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_photos_notifications.png	--a---- 555 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 052D623B9C18BC8BCBAC5191F1BED57C
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_play.png	--a---- 254 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 795ACFBC7A9661D87238BC51715F37EE
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\Facebook_sharesite.png	--a---- 456 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] E18975395793BD24E1245C9A8203FD5D
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_share_beak.png	--a---- 219 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] ED1BE44692E2765CADF478230EA06ABE
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_signin_100.png	--a---- 581 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] CE6CECE9C7D032299674F619097ABBB6
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_signin_125.png	--a---- 668 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 9E9EC98F61334F24203519D7FAD47A89
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_signin_150.png	--a---- 738 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] CF41E1FA3D59ED8F9994241541913780
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\Facebook_status.png	--a---- 340 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 1AD8C343F1F22B227A2BB507E262F389
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\facebook_to.png	--a---- 185 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 250D5270C5B125A13A1E112AF42D2711
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\Facebook_Upsell_01.png	--a---- 3050 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] FDC6EE7D2C3B2685B2F933204AC8F607
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\Facebook_Upsell_02.png	--a---- 3106 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] BE71B1977A478F392C2AFC6C4FBCC901
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\Facebook_Upsell_03.png	--a---- 4864 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 952BFA438D88D9EE4A199B395B11CD52
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\images\Notifications_Facebook.png	--a---- 436 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 44AC3CDD0DE9433456ABB9E6A09C8577
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\js\facebook.js	--a---- 64342 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] BEC833114151B41AADA78B827108FA4D
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\js\facebookFeed.js	--a---- 100273 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 40976CF7F8DC70DFCE351E8A59240556
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\js\facebookFriendRequestsPanel.js	--a---- 12154 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 18543FD0ADB85853C2A903EF21F4871B
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\js\facebookInstrumentation.js	--a---- 8450 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] E0362569F23674BDAFED31F8BB9B886E
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\js\facebookMessagesPanel.js	--a---- 10994 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] E82A7A17AC53CC8F2A08E98C75ECB0C3
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\js\facebookNotificationsPanel.js	--a---- 9922 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 5EE524501FFBFA95F3EB369F5E0CA307
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\js\facebookPhotoPanel.js	--a---- 18558 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 48D8E9B048102E10145B42BD184E9283
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\js\facebookUtil.js	--a---- 12932 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 421F2B3A2CCC111F5993CD941BA3826C
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\service\facebookFeatureEducationService.js	--a---- 8756 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 8DFDFA438832BF03765B2A1471209B61
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\service\facebookMessage.js	--a---- 208 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] A0F45F51126C9627C9FB97BCB8516F9B
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\service\facebookPhotoService.js	--a---- 13750 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 7EEF6F24B9A2A4464CFC2DCDF5D2DA3A
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook\7.2.233\service\facebookService.js	--a---- 94451 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 7084569063768FDD47C65A5B71DEAA39
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebooklike\7.2.233\facebooklike.html	--a---- 5794 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] C0675651FB59C5186056D67F410EB6C1
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebooklike\7.2.233\css\facebooklike.css	--a---- 4401 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 41857700D9592680EB6BF1E30102D334
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebooklike\7.2.233\images\facebookConnect.png	--a---- 1916 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 452271E8A2493CD5C17589074150E560
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebooklike\7.2.233\js\facebooklike.js	--a---- 48469 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 4EC71F2445A9556643091DD4A35E59EB
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebooklike\7.2.233\js\facebooklikeinstrumentation.js	--a---- 8059 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 944DB07E0340D39D314E37442E1BA647
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebooklike\7.2.233\js\facebooklikeservice.js	--a---- 38278 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 5B1F40F92F39DA901FC8F57FF6ED8E8B
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\fbsharedservices\7.2.233\js\facebookflightsettings.json	--a---- 59 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] AFCB2E6B6815246C1881448973859791
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\msn\7.2.233\images\02_FacebookIcon_12x12.gif	--a---- 1181 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] AA3D802CC1A962B307FE04560FBEE7DA
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\msn\7.2.233\images\facebook.png	--a---- 442 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 60C6F59B5C152D724033F05CC577D06E
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\news\7.2.233\images\02_FacebookIcon_12x12.gif	--a---- 1181 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] AA3D802CC1A962B307FE04560FBEE7DA
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\news\7.2.233\images\facebook.png	--a---- 442 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] 60C6F59B5C152D724033F05CC577D06E
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\search\7.2.233\js\facebookghosting.js	--a---- 10263 bytes	[21:30 21/03/2013]	[21:30 21/03/2013] E1710135E97C52FA43E519EB02FDB867
C:\Program Files (x86)\Trillian\languages\en\facebook.xml	--a---- 21174 bytes	[22:00 20/05/2010]	[22:00 20/05/2010] 7C8226157D329461CA4D0130C683559A
C:\Program Files (x86)\Trillian\plugins\facebook.dll	--a---- 937848 bytes	[22:00 20/05/2010]	[22:00 20/05/2010] 34395446B045756BC39EBE8FE34AAA9A
C:\Program Files (x86)\Trillian\stixe\icons\Default-Services\FACEBOOK\Facebook.ico	--a---- 22486 bytes	[22:00 20/05/2010]	[22:00 20/05/2010] DB30FCE32C29CB7837014B2FA2EC8D1F
C:\ProgramData\Skype\Apps\login\images\facebook.png	--a---- 308 bytes	[11:39 18/06/2012]	[11:39 18/06/2012] 212CC1D22A178AC1B21E0A80FFD6E067
C:\ProgramData\Skype\Apps(24)\login\images\retina\facebook@2x.png	--a---- 427 bytes	[09:31 23/01/2013]	[09:31 23/01/2013] 41EB9FD70A2A30214EA61970090EEEF0
C:\Qoobox\Quarantine\C\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook.vbs.vir	--a---- 6796 bytes	[05:42 07/05/2013]	[10:55 23/02/2013] 944FC5E789EE1F1FF037B934DD725815
C:\Users\All Users\Skype\Apps\login\images\facebook.png	--a---- 308 bytes	[11:39 18/06/2012]	[11:39 18/06/2012] 212CC1D22A178AC1B21E0A80FFD6E067
C:\Users\All Users\Skype\Apps(24)\login\images\retina\facebook@2x.png	--a---- 427 bytes	[09:31 23/01/2013]	[09:31 23/01/2013] 41EB9FD70A2A30214EA61970090EEEF0
C:\Users\Nils\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe	--a---- 138096 bytes	[09:22 12/07/2012]	[09:22 12/07/2012] 9EB925EDC8CF1C3D06E50E9348B54A0A
C:\Users\Nils\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe	--a---- 138096 bytes	[09:22 12/07/2012]	[09:22 12/07/2012] 9EB925EDC8CF1C3D06E50E9348B54A0A
C:\Users\Nils\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi	--a---- 45056 bytes	[09:22 12/07/2012]	[09:22 12/07/2012] 579FF5AF5C46242257C56E4D995C4865
C:\Users\Nils\AppData\Local\Facebook\Video\Common\FacebookVideoCalling	--a---- 210 bytes	[21:08 07/07/2011]	[21:09 07/07/2011] 6683A7650163349E280AEE278C3720BA
C:\Users\Nils\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe	--a---- 3933584 bytes	[22:43 11/10/2012]	[22:43 11/10/2012] 7CDC2CC95CF83B07CA26E46D971115B9
C:\Users\Nils\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll	--a---- 1075600 bytes	[22:43 11/10/2012]	[22:43 11/10/2012] 0B31B0F8FA99CFD009C8FBEA9E20C9DE
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_s-static.ak.facebook.com_0.localstorage	--a---- 6144 bytes	[12:38 29/09/2012]	[19:33 24/10/2012] 911DD03DAAAB0147D50E9C32C5384FD9
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_s-static.ak.facebook.com_0.localstorage-journal	--a---- 3608 bytes	[12:38 29/09/2012]	[19:33 24/10/2012] 98D39262898879E282C0EEA5F7DF918D
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage	--a---- 3072 bytes	[13:29 04/03/2012]	[15:45 25/05/2013] ACBDAABAD73ADB3A09CDDC3DCB2E7718
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal	--a---- 3608 bytes	[11:34 02/10/2012]	[15:45 25/05/2013] 7896008E485193930601132C2A322CC3
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_apps.facebook.com_0.localstorage	--a---- 3072 bytes	[14:52 04/08/2011]	[14:52 04/08/2011] 9E1B7F1D9B7891F255F5CBDBEA2FCCAA
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_m.facebook.com_0.localstorage	--a---- 521216 bytes	[19:33 24/10/2012]	[13:18 10/03/2013] F0459522DAF549D4662BE1E3BAFC4903
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_m.facebook.com_0.localstorage-journal	--a---- 16384 bytes	[19:33 24/10/2012]	[13:18 10/03/2013] 14AB75DBE5AC7B4F52C147F0E7EA1217
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage	--a---- 3072 bytes	[12:38 29/09/2012]	[12:38 29/09/2012] CF25A21EB376123BC4261D8F62516AB7
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage-journal	--a---- 3608 bytes	[12:38 29/09/2012]	[12:38 29/09/2012] DE1D0754BFB84372E2023A91A2F4AB0D
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.facebook.com_0.localstorage	--a---- 6144 bytes	[16:18 27/07/2011]	[15:55 25/04/2013] 64BEAAB9CD64B359D19C923C668C026D
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.facebook.com_0.localstorage-journal	--a---- 4640 bytes	[11:49 29/09/2012]	[15:55 25/04/2013] 96156E4F540121C5607D9A73E8FB0463
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.0.857\facebooklike.html	--a---- 5411 bytes	[14:49 20/01/2012]	[16:21 13/10/2011] 6315A9A8C822CB6E732E9F3B00196884
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.0.857\css\facebooklike.css	--a---- 3886 bytes	[14:49 20/01/2012]	[16:21 13/10/2011] 79EF85590EF6D738CF876EF67E7DC116
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.0.857\images\facebookConnect.png	--a---- 1916 bytes	[14:49 20/01/2012]	[16:21 13/10/2011] 452271E8A2493CD5C17589074150E560
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.0.857\js\facebooklike.js	--a---- 42899 bytes	[14:49 20/01/2012]	[16:21 13/10/2011] E4FA2ED5CFA57D08F83B5172FB2C38E7
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.0.857\js\facebooklikeinstrumentation.js	--a---- 7778 bytes	[14:49 20/01/2012]	[16:21 13/10/2011] DE357D6594D8224323464709CAD2C6EA
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.0.857\js\facebooklikeservice.js	--a---- 32250 bytes	[14:49 20/01/2012]	[16:21 13/10/2011] 7E963BCC027FC27B93315122D78753C0
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\facebook.html	--a---- 20129 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 5F1A298A1B72B0944CC446F3F5B2695F
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\css\facebook.css	--a---- 14739 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 4BBC684394C145CAC73D91681620AF93
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook.png	--a---- 442 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 60C6F59B5C152D724033F05CC577D06E
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebookConnect.png	--a---- 1916 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 452271E8A2493CD5C17589074150E560
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebooklogo.gif	--a---- 22916 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 0D26288AD70FC95AABE7C2955DDCD0E9
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_100.png	--a---- 442 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 60C6F59B5C152D724033F05CC577D06E
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\Facebook_125.png	--a---- 456 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] C452A72289333B519BD24F9F75E6D371
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\Facebook_150.png	--a---- 478 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 4ECF39D11BF7FF1672B66D3482A34C2B
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_comments_newsfeed.png	--a---- 471 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] D8EC2381A85AEA00DDA8C5B657F6895E
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_friend_request.png	--a---- 1266 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] DEB9363AE904AA061BEC0E391DB3EF0E
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_like_newsfeed.png	--a---- 261 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] A34997027AB33EB6EAF2A2059E2BB409
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_messages.png	--a---- 1147 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] A0883D733EC912376486D3800ADDFD6B
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_notifications.png	--a---- 1371 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 51CC882EC40DFF202190CB2B4293D385
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_photos_notifications.png	--a---- 555 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 052D623B9C18BC8BCBAC5191F1BED57C
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_play.png	--a---- 254 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 795ACFBC7A9661D87238BC51715F37EE
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\Facebook_sharesite.png	--a---- 456 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] E18975395793BD24E1245C9A8203FD5D
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_share_beak.png	--a---- 219 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] ED1BE44692E2765CADF478230EA06ABE
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_signin_100.png	--a---- 581 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] CE6CECE9C7D032299674F619097ABBB6
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_signin_125.png	--a---- 668 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 9E9EC98F61334F24203519D7FAD47A89
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_signin_150.png	--a---- 738 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] CF41E1FA3D59ED8F9994241541913780
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\Facebook_status.png	--a---- 340 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 1AD8C343F1F22B227A2BB507E262F389
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\facebook_to.png	--a---- 185 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 250D5270C5B125A13A1E112AF42D2711
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\Facebook_Upsell_01.png	--a---- 3050 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] FDC6EE7D2C3B2685B2F933204AC8F607
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\Facebook_Upsell_02.png	--a---- 3106 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] BE71B1977A478F392C2AFC6C4FBCC901
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\Facebook_Upsell_03.png	--a---- 4864 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 952BFA438D88D9EE4A199B395B11CD52
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.861\images\Notifications_Facebook.png	--a---- 436 bytes	[23:25 02/03/2012]	[15:21 13/10/2011] 44AC3CDD0DE9433456ABB9E6A09C8577
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\facebook.html	--a---- 20129 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 5F1A298A1B72B0944CC446F3F5B2695F
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\css\facebook.css	--a---- 14739 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 4BBC684394C145CAC73D91681620AF93
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook.png	--a---- 442 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 60C6F59B5C152D724033F05CC577D06E
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebookConnect.png	--a---- 1916 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 452271E8A2493CD5C17589074150E560
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebooklogo.gif	--a---- 22916 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 0D26288AD70FC95AABE7C2955DDCD0E9
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_100.png	--a---- 442 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 60C6F59B5C152D724033F05CC577D06E
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\Facebook_125.png	--a---- 456 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] C452A72289333B519BD24F9F75E6D371
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\Facebook_150.png	--a---- 478 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 4ECF39D11BF7FF1672B66D3482A34C2B
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_comments_newsfeed.png	--a---- 471 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] D8EC2381A85AEA00DDA8C5B657F6895E
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_friend_request.png	--a---- 1266 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] DEB9363AE904AA061BEC0E391DB3EF0E
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_like_newsfeed.png	--a---- 261 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] A34997027AB33EB6EAF2A2059E2BB409
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_messages.png	--a---- 1147 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] A0883D733EC912376486D3800ADDFD6B
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_notifications.png	--a---- 1371 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 51CC882EC40DFF202190CB2B4293D385
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_photos_notifications.png	--a---- 555 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 052D623B9C18BC8BCBAC5191F1BED57C
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_play.png	--a---- 254 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 795ACFBC7A9661D87238BC51715F37EE
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\Facebook_sharesite.png	--a---- 456 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] E18975395793BD24E1245C9A8203FD5D
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_share_beak.png	--a---- 219 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] ED1BE44692E2765CADF478230EA06ABE
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_signin_100.png	--a---- 581 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] CE6CECE9C7D032299674F619097ABBB6
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_signin_125.png	--a---- 668 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 9E9EC98F61334F24203519D7FAD47A89
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_signin_150.png	--a---- 738 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] CF41E1FA3D59ED8F9994241541913780
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\Facebook_status.png	--a---- 340 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 1AD8C343F1F22B227A2BB507E262F389
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\facebook_to.png	--a---- 185 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 250D5270C5B125A13A1E112AF42D2711
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\Facebook_Upsell_01.png	--a---- 3050 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] FDC6EE7D2C3B2685B2F933204AC8F607
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\Facebook_Upsell_02.png	--a---- 3106 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] BE71B1977A478F392C2AFC6C4FBCC901
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\Facebook_Upsell_03.png	--a---- 4864 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 952BFA438D88D9EE4A199B395B11CD52
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\images\Notifications_Facebook.png	--a---- 436 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 44AC3CDD0DE9433456ABB9E6A09C8577
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\js\facebook.js	--a---- 53252 bytes	[16:17 17/02/2013]	[10:21 01/11/2011] 5E706AB590AACC1AAFAC7FAD4048624C
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\js\facebookFeed.js	--a---- 97099 bytes	[16:17 17/02/2013]	[10:21 01/11/2011] 8109222BE8064E4E2542F4E743E19ED1
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\js\facebookFriendRequestsPanel.js	--a---- 10408 bytes	[16:17 17/02/2013]	[10:21 01/11/2011] 22993CF5B8E29FD69DF2AA10854A0DC2
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\js\facebookInstrumentation.js	--a---- 8292 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] D83A322317C7333475605A4B795520FB
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\js\facebookMessagesPanel.js	--a---- 10109 bytes	[16:17 17/02/2013]	[10:21 01/11/2011] FDF57BDB2AF9B31E375570CAE489B922
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\js\facebookNotificationsPanel.js	--a---- 9470 bytes	[16:17 17/02/2013]	[10:21 01/11/2011] 880CDEF2195116836128EC5ECAE07B85
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\js\facebookPhotoPanel.js	--a---- 16786 bytes	[16:17 17/02/2013]	[11:23 11/10/2012] ED8B093C10E26E58BEB81472D6895F9D
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\js\facebookUtil.js	--a---- 12540 bytes	[16:17 17/02/2013]	[08:44 21/10/2011] F55DCFACC71A447ACC287E9DE37978B7
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\service\facebookFeatureEducationService.js	--a---- 8214 bytes	[16:17 17/02/2013]	[10:12 13/07/2011] 0F706CB61604D60B0E5516A30AAEA5A8
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\service\facebookPhotoService.js	--a---- 13160 bytes	[16:17 17/02/2013]	[11:05 12/10/2012] 27BB77C1120877460BE0B27C0E72799C
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.0.865\service\facebookService.js	--a---- 84948 bytes	[16:17 17/02/2013]	[11:23 11/10/2012] 7E7957ADC607D4179B3F928B85657D25
C:\Users\Nils\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T03CR8EK\facebook-errors[1].htm	--a---- 522 bytes	[07:35 24/05/2013]	[07:35 24/05/2013] B2CF950F4DD14983C46B9FDFB6EA8CD5
C:\Users\Nils\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TLTVWAQ0\facebook-errors[1].htm	--a---- 522 bytes	[14:04 25/05/2013]	[14:04 25/05/2013] B2CF950F4DD14983C46B9FDFB6EA8CD5
C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Recent\Facebook.vbs.lnk	--a---- 303 bytes	[19:41 21/05/2013]	[19:41 21/05/2013] 8D45FBDB043799C8BE183A2A2FABCF4F
C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Recent\facebook_ringtone_pop.m4a.lnk	--a---- 654 bytes	[20:44 30/11/2011]	[20:44 30/11/2011] D281C493E3CBAFBF1A2FD47E8C9EDA28
C:\Users\Nils\AppData\Roaming\Trillian\languages\de\facebook.xml	--a---- 22241 bytes	[08:12 25/05/2010]	[08:12 25/05/2010] 814A5F711E7C1BA787727589B356FFF7
C:\Users\Nils\Downloads\FacebookVideoCallSetup_v1.2.199.0.exe	--a---- 494032 bytes	[21:06 07/07/2011]	[21:06 07/07/2011] A9CD229E2314D1835E04A31F9CE15727
C:\Windows\Prefetch\FACEBOOKUPDATE.EXE-0B839E37.pf	--a---- 48184 bytes	[03:53 27/09/2011]	[06:27 24/05/2013] C25F617C01BC09914ED6AB61ED8EB3BC
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000Core	--a---- 3740 bytes	[21:07 07/07/2011]	[09:22 12/07/2012] CF1123B9F3983CB1FBF083EC36E1E037
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000UA	--a---- 4108 bytes	[21:07 07/07/2011]	[09:22 12/07/2012] 61C4271AC66937603E888CA6CAF45450
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000Core.job	--a---- 1112 bytes	[21:07 07/07/2011]	[13:16 24/05/2013] 8AE8BF429100E5A1F261AA7C727B40BF
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000UA.job	--a---- 1134 bytes	[21:07 07/07/2011]	[08:50 26/05/2013] BEECB75EEAC3AFEAF1805747DF764F3B
C:\_OTL\MovedFiles\05242013_092111\C_Users\Nils\AppData\Local\Facebook\Update\FacebookUpdate.exe	--a---- 138096 bytes	[21:07 07/07/2011]	[09:22 12/07/2012] 9EB925EDC8CF1C3D06E50E9348B54A0A
C:\_OTL\MovedFiles\05242013_092111\C_Users\Nils\AppData\Local\Temp\Facebook.vbs	--ah--- 6796 bytes	[05:42 07/05/2013]	[10:55 23/02/2013] (Unable to calculate MD5)
C:\_OTL\MovedFiles\05242013_092111\C_Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook.vbs	--ah--- 6796 bytes	[05:42 07/05/2013]	[10:55 23/02/2013] (Unable to calculate MD5)

========== folderfind ==========

Searching for "*conduit*"
C:\Users\AppData\LocalLow\Conduit	d------	[21:05 01/04/2010]
C:\Users\AppData\LocalLow\DVDVideoSoftTB\Repository\conduit_CT2269050_CT2269050	d------	[12:26 04/07/2011]

Searching for "*softonic*"
No folders found.

Searching for "*quickstore*"
No folders found.

Searching for "*yontoo*"
No folders found.

Searching for "*FunMood*"
No folders found.

Searching for "*tarma*"
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Path\Tarmac	d------	[14:09 30/12/2009]
C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\Supports\PathTarmac	d------	[14:09 30/12/2009]

Searching for "*asktool*"
No folders found.

Searching for "*facebook*"
C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\Gallery\SocialNetworking\Applets\Facebook	d------	[18:08 15/12/2012]
C:\Program Files (x86)\ICQ7.5\packages\Facebook	d------	[12:25 04/07/2011]
C:\Program Files (x86)\ICQ7.5\Xtraz\icq\content\facebook_token_service	d------	[15:07 04/07/2012]
C:\Program Files (x86)\ICQ7.5\Xtraz\icq\theme\facebookRenewToken	d------	[18:44 04/07/2012]
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebook	d------	[09:25 19/05/2013]
C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\apps\facebooklike	d------	[09:25 19/05/2013]
C:\Program Files (x86)\Trillian\stixe\icons\Default-Services\FACEBOOK	d------	[17:03 22/06/2010]
C:\Users\Nils\AppData\Local\Facebook	d------	[21:06 07/07/2011]
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4	d------	[14:48 20/01/2012]
C:\Users\Nils\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec	d------	[14:47 20/01/2012]
C:\_OTL\MovedFiles\05242013_092111\C_Users\Nils\AppData\Local\Facebook	d------	[07:21 24/05/2013]

========== regfind ==========

Searching for "*conduit*"
No data found.

Searching for "*softonic*"
No data found.

Searching for "*quickstore*"
No data found.

Searching for "*yontoo*"
No data found.

Searching for "*FunMood*"
No data found.

Searching for "*tarma*"
No data found.

Searching for "*asktool*"
No data found.

Searching for "*facebook*"
No data found.

-= EOF =-
         
Zur Info: Mein avast! hat 4 mal "facebook.vbs" gefunden bzw. ist angeschlagen und hat diese in den Virencontainer verschoben.

Alt 26.05.2013, 19:20   #37
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



facebook.vbs ist wie ich das sehe nicht mehr aktiv, da ist wenn überhaupt nur noch ein verwaister Autostart-Eintrag

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:OTL
FF - user.js - File not found
:Reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook.vbs"=-
:Files
c:\users\Nils\AppData\Local\Temp\Facebook.vbs
C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe
C:\Users\AppData\LocalLow\Conduit
C:\Users\Nils\Desktop\SoftonicToolbar.exe
C:\Users\Nils\Downloads\Softonic*
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.05.2013, 22:29   #38
-Ahnungslos-
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Code:
ATTFilter
All processes killed
========== OTL ==========
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Facebook.vbs deleted successfully.
========== FILES ==========
File\Folder c:\users\Nils\AppData\Local\Temp\Facebook.vbs not found.
C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Log folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts folder moved successfully.
C:\Users\AppData\LocalLow\Conduit folder moved successfully.
C:\Users\Nils\Desktop\SoftonicToolbar.exe moved successfully.
C:\Users\Nils\Downloads\SoftonicDownloader64308.exe moved successfully.
C:\Users\Nils\Downloads\SoftonicDownloader64733.exe moved successfully.
C:\Users\Nils\Downloads\SoftonicDownloader66221 (1).exe moved successfully.
C:\Users\Nils\Downloads\SoftonicDownloader66221.exe moved successfully.
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_bus-simulator-2012 (1).exe moved successfully.
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_bus-simulator-2012.exe moved successfully.
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_euro-truck-simulator-2.exe moved successfully.
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_euro-truck-simulator.exe moved successfully.
C:\Users\Nils\Downloads\SoftonicDownloader_fuer_risk.exe moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
c:\Users\Nils\Downloads\cmd.bat deleted successfully.
c:\Users\Nils\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
->Temp folder emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Nils
->Temp folder emptied: 2202413 bytes
->Temporary Internet Files folder emptied: 5283126 bytes
->Java cache emptied: 809926 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 360530193 bytes
->Flash cache emptied: 726 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: TEMP
->Temp folder emptied: 0 bytes
 
User: TEMP.Nils-PC
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6936 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 352,00 mb
 
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 05262013_220512

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         

Alt 26.05.2013, 23:11   #39
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 27.05.2013, 18:34   #40
-Ahnungslos-
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Code:
ATTFilter
OTL logfile created on: 27.05.2013 18:19:35 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = c:\Users\Nils\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,03% Memory free
8,18 Gb Paging File | 4,80 Gb Available in Paging File | 58,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,39 Gb Total Space | 245,36 Gb Free Space | 53,88% Space Free | Partition Type: NTFS
Drive D: | 456,12 Gb Total Space | 452,82 Gb Free Space | 99,28% Space Free | Partition Type: NTFS
Drive H: | 554,86 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: NILS-PC | User Name: Nils | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\Nils\Downloads\OTL.exe (OldTimer Tools)
PRC - c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BBSvc.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Users\Nils\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\LU\LogitechUpdate.exe (Logitech, Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\LU\LULnchr.exe (Logitech, Inc.)
PRC - C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe ()
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
MOD - C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Origin\tufao.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\logishrd\SharedBin\LVAPI11.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\SDL.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
SRV:64bit: - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe (BitDefender S.R.L.)
SRV:64bit: - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV:64bit: - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV:64bit: - (ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\bin32\nSvcAppFlt.exe ()
SRV:64bit: - (nSvcIp) -- C:\Program Files\bin32\nSvcIp.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (XCOMM) -- C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe (BitDefender)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BBSvc.exe (Microsoft Corporation.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SiteAdvisor Service) -- C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (BDSelfPr) -- C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys File not found
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (AswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\DRIVERS\aswNdis.sys (ALWIL Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (seehcri) -- C:\Windows\SysNative\DRIVERS\seehcri.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\DRIVERS\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\DRIVERS\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender SRL)
DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x3200
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32 File not found
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Nils\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Nils\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Nils\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\Nils\AppData\Roaming\Electronic Arts\Game Face\1.0.0.18\npGameFacePlugin.dll (Electronic Arts)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.01 11:49:11 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.01 11:49:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.05.24 07:34:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.06.18 00:44:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.15 20:19:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.07.31 21:17:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.01 15:20:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2008\tbextension [2010.01.16 19:27:41 | 000,000,000 | ---D | M]
 
[2012.10.17 16:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Extensions
[2013.05.23 23:07:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\aave9duk.default\extensions
[2011.03.17 10:30:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\aave9duk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.17 05:22:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\aave9duk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(231)
[2013.04.16 16:49:41 | 000,363,475 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\extensions\toolbar_SGT-SAT@apn.ask.com.xpi
[2012.12.27 19:54:54 | 000,036,139 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2010.08.11 15:21:04 | 000,001,864 | ---- | M] () -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\searchplugins\{2F060849-F324-4549-99A5-34B2C483B4B6}.xml
[2010.08.11 15:21:04 | 000,002,182 | ---- | M] () -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\searchplugins\{B90EEDAF-5392-4D5F-AFF8-842B3A4F4FA9}.xml
[2010.08.11 15:21:04 | 000,002,071 | ---- | M] () -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\aave9duk.default\searchplugins\{C644B2D6-694E-49AA-A681-B3FC838377DF}.xml
[2012.11.27 16:12:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.01.22 01:05:24 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.03.17 10:26:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.06.18 00:44:43 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
File not found (No name found) -- C:\PROGRAM FILES (X86)\HBLITE\BIN\11.0.384.0\FIREFOX\EXTENSIONS
[2013.05.24 07:34:47 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2013.03.15 20:19:52 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{AA994882-F391-4D2E-806F-8908DA4814ED}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
File not found (No name found) -- C:\USERS\NILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAVE9DUK.DEFAULT\EXTENSIONS\WELCOME@TOOLMIN.COM
[2011.07.08 09:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.19 08:03:04 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.12.27 18:16:12 | 000,003,341 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.giga.de/go/wwr 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Nils\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Nils\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Nils\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Game Face Plugin (Enabled) = C:\Users\Nils\AppData\Roaming\Electronic Arts\Game Face\1.0.0.18\npGameFacePlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: SiteAdvisor = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.61.113.2_1\
CHR - Extension: avast! WebRep = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2013.05.26 22:08:46 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\Antispam32\IEToolbar.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe (BitDefender)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Nils\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\SWPROTray.exe File not found
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files (x86)\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [Akamai NetSession Interface] C:\Users\Nils\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4046807941-2027364974-1543117049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  = 
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E473A496-9186-4520-9195-B83874FC31F4}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAd64.dll ()
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.20 14:01:31 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.24 09:21:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.05.22 21:29:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.22 21:18:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.22 20:50:21 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Nils\Desktop\JRT.exe
[2013.05.22 07:04:01 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Nils\Desktop\aswMBR.exe
[2013.05.20 09:43:11 | 001,398,856 | ---- | C] (Malwarebytes Corporation) -- C:\Users\Nils\Desktop\mbar.exe
[2013.05.20 09:33:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.19 12:55:23 | 005,066,411 | R--- | C] (Swearware) -- C:\Users\Nils\Desktop\ComboFix.exe
[2013.05.17 23:13:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.05.17 23:13:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.05.17 23:13:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.05.17 23:02:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.17 23:00:57 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.05.16 16:14:53 | 000,000,000 | ---D | C] -- C:\Users\Nils\Documents\Clubschwein
[2013.05.16 10:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.03.18 23:29:01 | 000,958,464 | ---- | C] (Valve Corporation) -- C:\Program Files\Steam.exe
[2010.03.18 23:28:39 | 000,245,760 | ---- | C] (Valve LLC) -- C:\Program Files\WriteMiniDump.exe
[2010.03.18 23:28:37 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.27 18:23:08 | 000,081,984 | ---- | M] () -- C:\Windows\SysNative\bdod.bin
[2013.05.27 18:06:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.27 18:02:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2013.05.27 18:02:48 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.05.27 18:02:36 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.27 18:01:50 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.27 18:01:50 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.27 18:01:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.26 22:31:49 | 000,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2013.05.26 22:08:46 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.05.26 21:52:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000UA.job
[2013.05.26 21:49:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.26 21:04:05 | 001,567,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.26 21:04:05 | 000,674,722 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.26 21:04:05 | 000,634,846 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.26 21:04:05 | 000,145,390 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.26 21:04:05 | 000,119,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.26 20:27:00 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000UA.job
[2013.05.26 19:52:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000Core.job
[2013.05.26 11:27:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046807941-2027364974-1543117049-1000Core.job
[2013.05.23 21:54:07 | 000,002,041 | ---- | M] () -- C:\Users\Nils\Desktop\Google Chrome.lnk
[2013.05.22 20:49:47 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Nils\Desktop\JRT.exe
[2013.05.22 20:40:49 | 000,006,836 | ---- | M] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2013.05.22 06:58:54 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Nils\Desktop\aswMBR.exe
[2013.05.21 20:21:21 | 000,002,655 | ---- | M] () -- C:\Users\Nils\Desktop\Microsoft Office Word 2007.lnk
[2013.05.20 09:42:45 | 001,398,856 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Nils\Desktop\mbar.exe
[2013.05.18 10:09:31 | 005,066,411 | R--- | M] (Swearware) -- C:\Users\Nils\Desktop\ComboFix.exe
[2013.05.16 10:39:01 | 000,397,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.12 21:14:54 | 000,001,936 | ---- | M] () -- C:\Users\Public\Desktop\Inventor Fusion 2013.lnk
[2013.05.12 21:14:53 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2013 - Deutsch (German).lnk
[2013.05.02 16:50:34 | 000,030,288 | ---- | M] () -- C:\Users\Nils\Documents\935013_455765107832844_817710064_n.jpg
[2013.05.02 16:50:14 | 000,053,070 | ---- | M] () -- C:\Users\Nils\Documents\45644_449723935103628_1954048515_n - Kopie - Kopie.jpg
 
========== Files Created - No Company Name ==========
 
[2013.05.17 23:13:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.05.17 23:13:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.05.17 23:13:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.05.17 23:13:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.05.17 23:13:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.05.02 16:50:33 | 000,030,288 | ---- | C] () -- C:\Users\Nils\Documents\935013_455765107832844_817710064_n.jpg
[2013.05.02 16:50:12 | 000,053,070 | ---- | C] () -- C:\Users\Nils\Documents\45644_449723935103628_1954048515_n - Kopie - Kopie.jpg
[2013.04.13 01:21:32 | 000,006,836 | ---- | C] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2013.03.10 16:02:26 | 000,268,952 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.10 16:00:35 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.10 16:00:34 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.01.20 15:15:43 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.11.30 18:31:08 | 000,000,835 | ---- | C] () -- C:\Users\Nils\.recently-used.xbel
[2011.11.30 16:39:46 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2011.11.30 16:31:13 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.11.30 16:30:58 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.11.17 22:03:04 | 000,000,000 | ---- | C] () -- C:\Users\Nils\AppData\Roaming\wklnhst.dat
[2011.10.01 15:19:17 | 000,000,552 | ---- | C] () -- C:\Users\Nils\AppData\Local\d3d8caps.dat
[2011.09.11 18:33:40 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2011.08.08 23:48:42 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2011.01.30 17:07:20 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.05.17 21:02:30 | 000,073,645 | ---- | C] () -- C:\Users\Nils\fifa10.jpg
[2010.03.18 23:29:02 | 000,165,376 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010.02.05 18:56:37 | 000,018,944 | ---- | C] () -- C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 09:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
 
========== LOP Check ==========
 
[2008.09.17 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008.09.17 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2008.09.17 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Acer GameZone Console
[2009.12.30 16:10:52 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Atari
[2013.01.22 19:08:50 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Autodesk
[2010.01.16 19:28:02 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Bitdefender
[2011.12.07 22:22:26 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Canneverbe Limited
[2010.11.25 20:46:14 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\CMA
[2010.03.21 21:04:24 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Common Toolkit Suite
[2010.10.18 08:04:24 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Diercke Globus Online
[2013.05.13 23:04:49 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Dropbox
[2012.07.19 19:47:02 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\DVDVideoSoft
[2010.10.13 12:08:59 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Electronic Arts
[2009.12.29 15:23:59 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\eSobi
[2010.02.08 22:07:54 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\FloodLightGames
[2011.03.13 21:54:33 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\FMZilla
[2011.02.23 01:08:10 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Free Download Manager
[2012.06.29 23:27:47 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\gtk-2.0
[2012.12.27 18:16:12 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\High Speed Download
[2013.05.27 18:06:39 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\ICQ
[2010.09.08 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\klett
[2010.04.03 11:00:21 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Leadertech
[2011.03.28 16:25:10 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\LolClient
[2011.11.30 16:46:24 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\MAGIX
[2012.02.09 22:08:53 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Muba
[2010.11.26 20:28:12 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Need for Speed World
[2010.05.17 11:50:53 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\OCS
[2010.05.17 11:51:05 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Opera
[2012.11.30 14:28:11 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Origin
[2010.06.14 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Publish Providers
[2010.06.16 16:07:41 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Simply Super Software
[2010.06.14 11:28:21 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Sony
[2010.06.22 19:06:51 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Trillian
[2011.02.05 14:02:39 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\TS3Client
[2011.05.15 12:44:41 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\TubeBox
[2012.06.27 17:38:27 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\TuneUp Software
[2011.12.24 19:53:16 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Ubisoft
[2012.07.19 19:46:53 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\Uniblue
[2010.08.24 22:04:59 | 000,000,000 | ---D | M] -- C:\Users\Nils\AppData\Roaming\UseNeXT
[2010.08.02 20:09:58 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\Bitdefender
[2010.12.12 02:06:06 | 000,000,000 | ---D | M] -- C:\Users\TEMP.Nils-PC\AppData\Roaming\Bitdefender
 
========== Purity Check ==========
 
 

< End of report >
         

Alt 27.05.2013, 21:38   #41
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes Anti-Malware (MBAM) (falls du vor kurzem erst einen Vollscan gemacht hast, reicht auch ein Quickscan (spart Zeit), das dann mir bitte auch mitteilen)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 28.05.2013, 06:19   #42
-Ahnungslos-
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Code:
ATTFilter
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3944

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

27.05.2013 23:24:29
mbam-log-2013-05-27 (23-24-29).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 123881
Laufzeit: 5 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
ESET-Scanner:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=60720f34e832654e8ea89f9d94c09078
# engine=13931
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-28 02:42:31
# local_time=2013-05-28 04:42:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=772 16777213 83 94 6199923 146418823 0 0
# compatibility_mode=5892 16776574 100 100 270909 207232857 0 0
# scanned=366293
# found=5
# cleaned=0
# scan_time=18749
sh=B47AA09DCB23CB09987B7AF11C97CC51787A7F2D ft=0 fh=0000000000000000 vn="VBS/TrojanDownloader.Agent.NHP trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook.vbs.vir"
sh=68D00918BD72BAF1A63CC6DED5239C15EE1B819B ft=0 fh=0000000000000000 vn="Android/TrojanSMS.Bosm.B trojan" ac=I fn="C:\Users\Nils\Documents\ICQ\632707221\ReceivedFiles\377954036 Peter\SMSBomber (1.9).apk"
sh=EC041801050CABB631FC5F05193092BB562CB513 ft=1 fh=075ff23d01a7a850 vn="Win32/Adware.ToolPlugin application" ac=I fn="C:\Users\Nils\Downloads\install_flashplayer110.exe"
sh=5FEBA7FF1F3F6F79D02275F037544C18531B8999 ft=0 fh=0000000000000000 vn="Win32/Adware.OneStep application" ac=I fn="C:\Windows\System32\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\chrome\questscan.jar"
sh=5FEBA7FF1F3F6F79D02275F037544C18531B8999 ft=0 fh=0000000000000000 vn="Win32/Adware.OneStep application" ac=I fn="C:\Windows\SysWOW64\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\chrome\questscan.jar"
         

Alt 28.05.2013, 09:43   #43
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Code:
ATTFilter
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3944
         
So kann dass nichts werden. Du musst schon darauf achten, die aktuelle Programm und DB-Version von Malwarebytes zu verwenden. Installiere das aktuelle Malwarebytes und stell sicher, dass die DB von MBAM aktuall ist, dann bitte einen Vollscan machen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 28.05.2013, 21:33   #44
-Ahnungslos-
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.28.06

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 7.0.6002.18005
Nils :: NILS-PC [Administrator]

28.05.2013 19:32:34
mbam-log-2013-05-28 (19-32-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 604345
Laufzeit: 1 Stunde(n), 50 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Alt 29.05.2013, 00:28   #45
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Wie entferne ich facebook.vbs? - Standard

Wie entferne ich facebook.vbs?



Ok. Nun zum ESET-Log.

Zitat:
vn="Android/TrojanSMS.Bosm.B trojan" ac=I fn="C:\Users\Nils\Documents\ICQ\632707221\ReceivedFiles\377954036 Peter\SMSBomber (1.9).apk"
Was soll dieser Unsinn?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Wie entferne ich facebook.vbs?
angezeigt, avast, beitrag, betriebssystem, entfernen, erstellen, facebook.vbs, forum, funktioniert, gelöst, hallo zusammen, hilfe!, neu, neue, neuen, nichts, ordner, problem, problem gelöst, programme, rechner, skriptdatei, stichwort, suche, trojaner, usb geräte, virus, vista, zusammen



Ähnliche Themen: Wie entferne ich facebook.vbs?


  1. entferne sweetpage
    Plagegeister aller Art und deren Bekämpfung - 06.05.2014 (11)
  2. Wie entferne ich Yontoo?
    Plagegeister aller Art und deren Bekämpfung - 29.04.2014 (10)
  3. wie entferne ich jsw.jsfor.net
    Plagegeister aller Art und deren Bekämpfung - 11.12.2013 (1)
  4. Wie entferne ich Snap.Do?
    Plagegeister aller Art und deren Bekämpfung - 26.08.2013 (3)
  5. GVU 2.07 Trojaner entferne
    Plagegeister aller Art und deren Bekämpfung - 26.10.2012 (8)
  6. wie entferne ich den Bundestrojaner?
    Plagegeister aller Art und deren Bekämpfung - 24.09.2012 (5)
  7. trojaner am PC wie entferne ich Ihn?
    Plagegeister aller Art und deren Bekämpfung - 30.07.2012 (3)
  8. Facebook-Trojaner: vinamost.net/images/facebook/get.php?image=IMG39348819.JPG
    Log-Analyse und Auswertung - 21.11.2011 (42)
  9. Facebook Virus - wie entferne ich ihn?
    Log-Analyse und Auswertung - 25.10.2011 (5)
  10. Zuerst Facebook-Virus-Neu aufgesetzt,cpu Auslastung 100%,bei Facebook-Games extrem lahm!
    Log-Analyse und Auswertung - 03.02.2011 (11)
  11. Skype - Facebook Virus foto :P h**p://facebook.twitterbizzer.com/member_profile.php
    Plagegeister aller Art und deren Bekämpfung - 27.08.2010 (6)
  12. Wie entferne ich yieldmanager?
    Log-Analyse und Auswertung - 05.05.2010 (3)
  13. Wie entferne ich karna.dat ?
    Mülltonne - 08.12.2008 (0)
  14. Wie entferne ich Virtumonde
    Plagegeister aller Art und deren Bekämpfung - 14.05.2008 (13)
  15. Wie entferne ich Paytime.exe ???
    Log-Analyse und Auswertung - 14.11.2007 (1)
  16. Wie entferne ich JS/Psyme?
    Plagegeister aller Art und deren Bekämpfung - 05.08.2007 (9)
  17. Wie entferne ich...
    Plagegeister aller Art und deren Bekämpfung - 08.09.2005 (4)

Zum Thema Wie entferne ich facebook.vbs? - Code: Alles auswählen Aufklappen ATTFilter Scan Mode: Current user Du hast den Haken bei Scanne alle Benutzer vergessen! Bitte das Log nochmal richtig machen - Wie entferne ich facebook.vbs?...
Archiv
Du betrachtest: Wie entferne ich facebook.vbs? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.