
Pests of all kinds and how to fight them: Police virus

Windows 7. If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

19.08.2013, 21:40   #1
Jananas12
 



Good evening,
after reading the article on the so-called police virus
and following everything in it, I would like to post the log files here.

If I am in the wrong place here, could you tell me where I need to go, or move the post?

http://www.trojaner-board.de/attachm...1&d=1376944620
http://www.trojaner-board.de/attachm...1&d=1376944629

I don't know whether I have included the log files correctly.

I had to split it into 2 because the file is too large.

20.08.2013, 07:05   #2
schrauber
/// the machine
/// TB instructor
 




Hi,

Please post the logs in pieces directly in the thread.

20.08.2013, 16:04   #3
Jananas12
 



Hi, I have already posted them as attachments and as links;
if those are not the right ones, someone needs to tell me which ones they are.

20.08.2013, 16:42   #4
schrauber



Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

20.08.2013, 17:19   #5
Jananas12
 



http://www.trojaner-board.de/attachm...1&d=1377015524
http://www.trojaner-board.de/attachm...1&d=1377015539

OK, these should be the right ones.


21.08.2013, 07:40   #6
schrauber



Hi,

Please always post logs in the thread.

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

21.08.2013, 10:32   #7
Jananas12
 




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-08-2013 03
Ran by Rene (administrator) on 20-08-2013 19:15:16
Running from C:\Users\Rene\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Lexmark International, Inc.) C:\Windows\system32\spool\DRIVERS\x64\3\lxeeserv.exe
( ) C:\Windows\system32\lxeecoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL$CAMBRIDGESOFT\Binn\sqlservr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files (x86)\Wuala Dokan\mounter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
(PixArt Imaging Incorporation) C:\Windows\Philips\SPC230NC\Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
() C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Guillemot Corporation S.A.) C:\Program Files (x86)\Hercules\Dualpix HD\CamService.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Saitek) C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\system32\dfrgui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SPC230NC_Monitor] - C:\Windows\Philips\SPC230NC\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [SPC_Monitor] - C:\Windows\Philips\SPC230NC\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-22] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-22] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [CamserviceHD] - C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe [360448 2009-07-07] (Guillemot Corporation S.A.)
HKLM\...\Run: [ProfilerU] - C:\Program Files\SmartTechnology\Software\ProfilerU.exe [455680 2012-06-25] (Saitek)
HKLM\...\Run: [SaiVolume] - C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe [186880 2008-01-18] (Saitek)
HKCU\...\Run: [Philips Intelligent Agent] - C:\Program Files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe [613792 2008-02-21] (Philips Consumer Electronics)
HKCU\...\Run: [AdobeBridge] -  [x]
HKCU\...\Run: [OscarEditor] - C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [Google Update] - C:\Users\Rene\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-12] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [SCheck] - C:\Users\Rene\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-05-24] (AMD)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Rene\AppData\Roaming\skype.dat <==== ATTENTION 
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2009-06-30] ()
HKLM-x32\...\Run: [TurboV] - C:\Program Files\ASUS\TurboV\TurboV.exe [5516800 2009-10-20] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CamserviceHD] - C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe [360448 2009-07-07] (Guillemot Corporation S.A.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-01-22] (RealNetworks, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
AppInit_DLLs-x32: c:\progra~4\browse~3\261519~1.190\{c16c1~1\browse~1.dll  [2691536 2013-07-26] ()
Startup: C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam.lnk
ShortcutTarget: Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=AT&userid=3f2e208d-75f3-4589-be15-49a74d097323&searchtype=ds&q={searchTerms}&installDate={installDate}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=121562&babsrc=HP_ss_sps&mntrId=363820CF305AB4A0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.fbdownloader.com/?channel=sfat203fbdgy20
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?babsrc=HP_ss_wls&mntrId=363820CF305AB4A0&affID=119357&tsp=4960
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=AT&userid=3f2e208d-75f3-4589-be15-49a74d097323&searchtype=ds&q={searchTerms}&installDate={installDate}
URLSearchHook: (No Name) - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} -  No File
SearchScopes: HKLM-x32 - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKLM-x32 - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = hxxp://search.myheritage.com?orig=ds&q={searchTerms}
SearchScopes: HKLM-x32 - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=363820CF305AB4A0&affID=119357&tsp=4960
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=AT&userid=3f2e208d-75f3-4589-be15-49a74d097323&searchtype=ds&q={searchTerms}&installDate={installDate}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=363820CF305AB4A0&affID=119357&tsp=4960
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {65FC081F-A2C8-49D8-BB4F-9A6E33F11F7C} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKCU - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = 
SearchScopes: HKCU - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = 
BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MHTBPos00 Class - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
BHO-x32: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: Savings Sidekick - {11111111-1111-1111-1111-110011501160} - C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (215 Apps)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll (Conduit Ltd.)
BHO-x32: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com)
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: CMySite Class - {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} - C:\Program Files (x86)\Family Toolbar\mhxpcomi.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
Toolbar: HKLM-x32 - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM-x32 - XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfir.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {E8DE9422-3B2C-4243-BF6F-235DA84D8EF8} -  No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKCU - No Name - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} -  No File
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/AT/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files (x86)\Family Toolbar\mhxpcomi.dll ()
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default
FF user.js: detected! => C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=363820CF305AB4A0&affID=119357&tsp=4960
FF SelectedSearchEngine: Google
FF Homepage: hxxp://search.babylon.com/?babsrc=HP_ss_wls&mntrId=363820CF305AB4A0&affID=119357&tsp=4960
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=10.0 - C:\Program Files (x86)\CambridgeSoft\ChemOffice2006\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=10.0 - C:\Program Files (x86)\CambridgeSoft\ChemOffice2006\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Rene\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Rene\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Rene\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Rene\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Rene\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\bingsearch.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\bProtect.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\FBDownloader.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\fbdownloader_search.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\mngr.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\s-amazon.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\search.xml
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\MyHeritage.xml
FF Extension: No Name - C:\Users\Rene\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\crossriderapp5060@crossrider.com
FF Extension: Виявлення пристроїв Logitech - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\DeviceDetection@logitech.com
FF Extension: PhotoJacker: Photo Album Downloader for Facebook (fka FacePAD) - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\facepad@lazyrussian.com
FF Extension: Delta Toolbar - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\ffxtlbr@delta.com
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\toolbar_AVIRA-V7@apn.ask.com
FF Extension: Download Youtube Videos + - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\video.downloader.plugin@ffpimp.com
FF Extension: appbario8  - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{0cc09160-108c-4759-bab1-5c12c216e005}
FF Extension: XfireXO - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
FF Extension: Adblock Plus - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF Extension: Green Fox - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{d122ad80-ff45-11dd-87af-0800200c9a66}
FF Extension: DealPly - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
FF Extension: facepad - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\facepad@lazyrussian.com.xpi
FF Extension: toolbar - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\toolbar@gmx.net.xpi
FF Extension: toolbar_AVIRA-V7 - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: torntv - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\torntv@torntv.com.xpi
FF Extension: No Name - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{31a48160-39fc-11de-8a39-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi
FF Extension: No Name - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKCU\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] C:\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3227980&SearchSource=48",  "",  "hxxp://search.babylon.com/?affID=112844&tt=0112_8&babsrc=HP_ss&mntrId=3638186900000000000020cf305ab4a0"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Rene\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Rene\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Rene\AppData\Local\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Chem3D Plugin) - C:\Program Files (x86)\CambridgeSoft\ChemOffice2006\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
CHR Plugin: (ChemDraw) - C:\Program Files (x86)\CambridgeSoft\ChemOffice2006\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Rene\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: ({"name":"Avira SearchFree Toolbar plus Web Protection","version":"20.53263","manifest_version":2,"description":"Convenient tools and links to make your browsing more enjoyable","icons":{"128":"config/skin/images/logo/logo_128x.png","32":"config/skin/images/logo/logo_32x.png","24":"config/skin/images/logo/logo_24x.png"},"browser_action":{"default_icon":"config/skin/images/logo/logo_19x.png","default_title":"Control the Avira SearchFree Toolbar","default_popup":"config/skin/chrome-options.html"},"background":{"page":"background/background.html"},"chrome_url_overrides":{"newtab":"config/skin/new-tab.html"},"content_scripts":[{"matches":["*://*/*"],"js":["lib/constant.js","lib/default-config.js","config/tb-config.js","lib/protocol.js","lib/tb-message.js","lib/widget-messaging.js","content_script/inline-html.js"],"all_frames":true,"run_at":"document_end"},{"matches":["*://*/*"],"js":["lib/jquery.js","lib/constant.js","lib/default-config.js","config/tb-config.js","config/widget-config.js","lib/protocol.js","lib/tb-message.js","lib/state-machine.js","lib/window-position.js","content_script/toolbar.js","content_script/widget.js","content_script/injector.js"],"run_at":"document_start"},{"matches":["*://*.facebook.com/*"],"css":["content_script/hack/facebook.css"]},{"matches":["*://*.google.com/*","*://*.ask.com/","*://*.bagsbuy.com/*","*://*.csaa.com/*","*://*.childrenschorus.org/*","*://*.wikipedia.org/*","*://*.mercurynews.com/*","*://*.usnews.com/*"],"css":["content_script/hack/relative.css"],"run_at":"document_start"},{"matches":["*://*.google.com/imgres*","*://images.google.com/*","*://codesearch.google.com/*"],"css":["content_script/hack/static.css"],"run_at":"document_start"}],"permissions":["bookmarks","contextMenus","contentSettings","cookies","geolocation","history","idle","management","notifications","tabs","unlimitedStorage","webRequest","webRequestBlocking","hxxp://*/*","https://*/*","chrome://favicon/*","bookmarks","contextMenus","contentSettings","cookies","geolocation","history","idle","management","notifications","tabs","unlimitedStorage","hxxp://*/*","https://*/*","chrome://favicon/*","webRequest","webRequestBlocking"],"plugins":[{"path":"background/ChromeUtilPlugin.dll","public":false}],"update_url":"hxxp://apnmedia.ask.com/media/toolbar/everest/partners/AVIRA-V7/YY/update.xml","web_accessible_resources":["config/skin/css/containers.css","config/skin/toolbar.html","widgets/search-suggestion/search-suggestion.html","widgets/options/options.html","widgets/templates/feed.html","widgets/templates/menu.html","config/skin/widgets/com.avira.dnt/widget/background.html","config/skin/widgets/com.avira.dnt/widget/button.html","config/skin/widgets/com.avira.dnt/widget/window.html","config/skin/widgets/com.avira.dnt/widget/blank.html","config/skin/widgets/com.avira.dnt/widget/blank.gif"]}) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\20.53263
CHR Extension: (Google Drive) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Savings Sidekick) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.23.81_0
CHR Extension: (Delta Toolbar) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (OfferMosquito) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.6_0
CHR Extension: (RealDownloader) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0
CHR Extension: (Skype Click to Call) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0
CHR Extension: (Gmail) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Rene\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Rene\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2847696 2013-07-26] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [397704 2012-07-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385416 2012-07-10] (BlueStack Systems, Inc.)
S2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
R2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxee_device; C:\Windows\system32\lxeecoms.exe [1052328 2010-04-14] ( )
R2 MSSQL$CAMBRIDGESOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$CAMBRIDGESOFT\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation)
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-11-24] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S3 SQLAgent$CAMBRIDGESOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$CAMBRIDGESOFT\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation)
R2 wDokanMounter; C:\Program Files (x86)\Wuala Dokan\mounter.exe [11776 2010-08-11] ()

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-16] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [75144 2012-07-10] (BlueStack Systems)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [75144 2012-07-10] (BlueStack Systems)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [349072 2011-11-04] (EldoS Corporation)
R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-09] (CPUID)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-10-25] (Devguru Co., Ltd)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [216576 2009-09-04] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Huawei Technologies Co., Ltd.)
R3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-08] (Guillemot Corporation)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-16] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 PAEAFLT.sys; C:\Windows\System32\DRIVERS\PAEAFLT.sys [9472 2007-09-26] (PixArt Imaging Incorporation)
R3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [129024 2008-01-21] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-06-26] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-06-26] (Saitek)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552384 2009-04-22] ()
S3 SPC230NC; C:\Windows\System32\DRIVERS\SPC230NC.SYS [531968 2008-01-03] (PixArt Imaging Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-08-19] ()
S3 VCam_WDM; C:\Windows\System32\DRIVERS\VCam_WDM.sys [104120 2012-05-25] (e2eSoft)
R2 wDokan; C:\Windows\system32\drivers\wdokan.sys [86392 2010-08-11] ()
R2 wDokan; C:\Windows\system32\drivers\wdokan.sys [86392 2010-08-11] ()
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 zlportio; C:\Program Files (x86)\UltraStar\zlportio.sys [4016 2001-09-22] (SpecoSoft)
S3 zlportio; C:\Program Files (x86)\UltraStar\zlportio.sys [4016 2001-09-22] (SpecoSoft)
S3 ALSysIO; \??\C:\Users\Rene\AppData\Local\Temp\ALSysIO64.sys [x]
S3 libusb0; system32\drivers\libusb0.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 WinRing0_1_2_0; \??\C:\Users\Rene\AppData\Local\Temp\Rar$EX59.760\WinRing0x64.sys [x]
S3 X6va003; \??\C:\Users\Rene\AppData\Local\Temp\0035B6D.tmp [x]
S3 X6va005; \??\C:\Users\Rene\AppData\Local\Temp\005D450.tmp [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-20 19:14 - 2013-08-20 19:14 - 00000000 ____D C:\FRST
2013-08-20 18:54 - 2013-08-20 18:54 - 00000971 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-20 18:01 - 2013-08-20 18:01 - 00000034 _____ C:\Windows\setupact.log
2013-08-20 18:01 - 2013-08-20 18:01 - 00000000 _____ C:\Windows\setuperr.log
2013-08-20 11:35 - 2013-08-20 11:35 - 00004704 _____ C:\Users\Rene\Documents\Uninstall Mass Effect 2.log
2013-08-20 11:31 - 2013-08-20 11:32 - 00009951 _____ C:\Users\Rene\Documents\Uninstall Dragon Age 2.log
2013-08-20 11:00 - 2013-08-20 11:00 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Avira
2013-08-20 10:56 - 2013-08-20 10:55 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-20 10:55 - 2013-08-20 10:55 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-08-20 10:55 - 2013-08-20 10:55 - 00000000 ____D C:\ProgramData\APN
2013-08-20 10:55 - 2013-08-20 10:55 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-08-20 10:55 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\Rene\Documents\APNSetup.exe
2013-08-20 10:54 - 2013-08-20 10:54 - 00002030 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-20 10:54 - 2013-08-20 10:54 - 00000000 ____D C:\ProgramData\Avira
2013-08-20 10:54 - 2013-08-20 10:54 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-20 10:54 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-20 10:54 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-20 10:54 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-20 10:50 - 2013-08-20 10:53 - 110344048 _____ C:\Users\Rene\Downloads\avira_free_antivirus85_de.exe
2013-08-20 05:00 - 2013-08-20 05:32 - 00279974 _____ C:\OTL.Txt
2013-08-20 01:55 - 2013-08-20 01:55 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-08-19 21:23 - 2013-08-19 21:23 - 00003116 _____ C:\Windows\System32\Tasks\{8A236994-0C28-45C3-9435-FA3A603BD7E6}
2013-08-19 19:45 - 2013-08-19 19:49 - 127231689 _____ (Igor Pavlov) C:\Users\Rene\Downloads\OTLPENet.exe
2013-08-19 19:45 - 2013-08-19 19:45 - 00834544 _____ C:\Windows\system32\Drivers\sptd.sys
2013-08-19 19:44 - 2013-08-19 19:44 - 00000000 ____D C:\Program Files (x86)\LSoft Technologies
2013-08-19 19:43 - 2013-08-19 19:43 - 05053696 _____ (Macrovision Corporation) C:\Users\Rene\Downloads\IsoBurner-Setup.exe
2013-08-18 17:24 - 2013-08-18 17:24 - 00000170 _____ C:\Users\Rene\Desktop\matrix.bat
2013-08-18 12:59 - 2013-08-18 12:59 - 03820480 _____ C:\Users\Rene\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-08-10 20:25 - 2013-08-10 20:25 - 00000000 ____D C:\Users\Rene\AppData\Local\Chromium
2013-08-03 00:13 - 2013-08-20 18:55 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-03 00:10 - 2013-08-03 00:12 - 36202272 _____ (TeamSpeak Systems GmbH) C:\Users\Rene\Downloads\TeamSpeak3-Client-win64-3.0.11.exe
2013-07-31 13:34 - 2013-07-31 13:34 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-31 13:33 - 2013-07-31 13:34 - 00003382 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-31 13:31 - 2013-07-31 13:31 - 04300704 _____ (Smart Projects                                              ) C:\Users\Rene\Downloads\isobuster_all_lang [1].exe
2013-07-31 13:30 - 2013-07-31 13:30 - 00673560 _____ C:\Users\Rene\Downloads\isobuster_all_lang.exe
2013-07-24 05:42 - 2013-07-24 05:42 - 02092792 _____ C:\Users\Rene\Downloads\avira_free_antivirus.exe
2013-07-24 05:39 - 2013-07-24 05:39 - 00003114 _____ C:\Windows\System32\Tasks\{4D989664-0B5C-41F3-A8F5-313B3C7963D9}

==================== One Month Modified Files and Folders =======

2013-08-20 19:14 - 2013-08-20 19:14 - 01576196 _____ (Farbar) C:\Users\Rene\Downloads\FRST64.exe
2013-08-20 19:14 - 2013-08-20 19:14 - 00000000 ____D C:\FRST
2013-08-20 19:11 - 2011-11-15 00:16 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000UA.job
2013-08-20 18:58 - 2010-12-01 20:10 - 00000000 ____D C:\Users\Rene\AppData\Roaming\TS3Client
2013-08-20 18:55 - 2013-08-03 00:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-20 18:54 - 2013-08-20 18:54 - 00000971 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-08-20 18:53 - 2010-12-02 23:59 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Skype
2013-08-20 18:48 - 2012-06-08 09:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-20 18:29 - 2012-06-03 13:51 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-20 18:22 - 2012-07-24 01:52 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000UA.job
2013-08-20 18:05 - 2009-07-14 06:45 - 00013440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-20 18:05 - 2009-07-14 06:45 - 00013440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-20 18:01 - 2013-08-20 18:01 - 00000034 _____ C:\Windows\setupact.log
2013-08-20 18:01 - 2013-08-20 18:01 - 00000000 _____ C:\Windows\setuperr.log
2013-08-20 18:01 - 2010-12-01 18:37 - 01500401 _____ C:\Windows\WindowsUpdate.log
2013-08-20 15:52 - 2013-01-22 16:52 - 00000296 _____ C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1217606454-805411425-2449683855-1000.job
2013-08-20 15:01 - 2012-12-31 14:59 - 00000274 _____ C:\Windows\Tasks\PC Performer_DEFAULT.job
2013-08-20 13:11 - 2011-11-15 00:16 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000Core.job
2013-08-20 12:49 - 2013-06-12 18:30 - 00343040 ___SH C:\Users\Rene\Desktop\Thumbs.db
2013-08-20 12:17 - 2011-05-07 20:07 - 00000000 ____D C:\Users\Rene\AppData\Local\LogMeIn Hamachi
2013-08-20 12:17 - 2010-12-19 21:40 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-20 12:17 - 2010-12-01 18:32 - 00000000 ____D C:\Windows\Panther
2013-08-20 12:08 - 2010-12-28 09:52 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-20 11:48 - 2012-11-02 15:57 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Guitar Pro 6
2013-08-20 11:47 - 2011-01-16 10:42 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-08-20 11:47 - 2010-12-03 16:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-20 11:42 - 2010-12-21 09:09 - 00107832 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-20 11:40 - 2011-03-05 22:43 - 00000000 ____D C:\Users\Rene\Documents\WBGames
2013-08-20 11:36 - 2012-11-23 19:53 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-08-20 11:35 - 2013-08-20 11:35 - 00004704 _____ C:\Users\Rene\Documents\Uninstall Mass Effect 2.log
2013-08-20 11:32 - 2013-08-20 11:31 - 00009951 _____ C:\Users\Rene\Documents\Uninstall Dragon Age 2.log
2013-08-20 11:32 - 2011-02-17 19:32 - 00000000 ____D C:\Users\Rene\Documents\BioWare
2013-08-20 11:31 - 2011-12-17 14:21 - 00000000 ____D C:\SG Interactive
2013-08-20 11:31 - 2010-12-21 18:50 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-08-20 11:29 - 2011-03-21 15:35 - 00000000 ____D C:\ProgramData\Ubisoft
2013-08-20 11:29 - 2011-01-22 11:30 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Ubisoft
2013-08-20 11:28 - 2011-03-03 21:35 - 00000000 ____D C:\Users\Rene\AppData\Local\Conduit
2013-08-20 11:25 - 2011-04-23 18:39 - 00000000 ____D C:\Program Files (x86)\JoWooD Entertainment AG
2013-08-20 11:24 - 2011-02-17 20:29 - 00000000 ____D C:\Program Files (x86)\ANNO 1503
2013-08-20 11:20 - 2011-01-14 21:54 - 00000000 ____D C:\Program Files (x86)\Activision
2013-08-20 11:17 - 2012-02-22 18:55 - 00000000 ____D C:\Program Files (x86)\The Guild 2 - Renaissance
2013-08-20 11:17 - 2011-09-12 16:44 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-08-20 11:17 - 2010-12-03 17:25 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-20 11:14 - 2012-11-30 17:08 - 00000000 ____D C:\Program Files (x86)\TornTV.com
2013-08-20 11:10 - 2011-05-23 23:01 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2013-08-20 11:10 - 2011-04-16 19:31 - 00000000 ____D C:\Program Files (x86)\Reality Pump
2013-08-20 11:00 - 2013-08-20 11:00 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Avira
2013-08-20 10:55 - 2013-08-20 10:56 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-20 10:55 - 2013-08-20 10:55 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-08-20 10:55 - 2013-08-20 10:55 - 00000000 ____D C:\ProgramData\APN
2013-08-20 10:55 - 2013-08-20 10:55 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-08-20 10:54 - 2013-08-20 10:54 - 00002030 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-20 10:54 - 2013-08-20 10:54 - 00000000 ____D C:\ProgramData\Avira
2013-08-20 10:54 - 2013-08-20 10:54 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-20 10:53 - 2013-08-20 10:50 - 110344048 _____ C:\Users\Rene\Downloads\avira_free_antivirus85_de.exe
2013-08-20 05:32 - 2013-08-20 05:00 - 00279974 _____ C:\OTL.Txt
2013-08-20 04:55 - 2010-12-03 15:36 - 00000000 ____D C:\Users\Administrator
2013-08-20 04:55 - 2010-12-01 16:12 - 00000000 ____D C:\Users\Rene
2013-08-20 04:39 - 2010-12-01 23:06 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A570E9D-E13D-4933-AEC4-875DA8358CF1}
2013-08-20 04:29 - 2012-06-03 13:51 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-20 03:22 - 2012-07-24 01:52 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000Core.job
2013-08-20 01:55 - 2013-08-20 01:55 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-08-20 01:55 - 2013-05-01 17:07 - 00000004 _____ C:\Users\Rene\AppData\Roaming\skype.ini
2013-08-20 01:55 - 2013-01-22 16:53 - 00000288 _____ C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1217606454-805411425-2449683855-1000.job
2013-08-20 01:55 - 2011-04-24 13:39 - 00061639 _____ C:\ProgramData\lxeescan.log
2013-08-20 00:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-19 21:23 - 2013-08-19 21:23 - 00003116 _____ C:\Windows\System32\Tasks\{8A236994-0C28-45C3-9435-FA3A603BD7E6}
2013-08-19 21:04 - 2012-05-03 21:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-19 21:04 - 2010-12-03 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 21:02 - 2012-06-03 13:52 - 00000000 ___RD C:\Users\Rene\Google Drive
2013-08-19 20:06 - 2013-06-09 18:00 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-19 19:49 - 2013-08-19 19:45 - 127231689 _____ (Igor Pavlov) C:\Users\Rene\Downloads\OTLPENet.exe
2013-08-19 19:45 - 2013-08-19 19:45 - 00834544 _____ C:\Windows\system32\Drivers\sptd.sys
2013-08-19 19:44 - 2013-08-19 19:44 - 00000000 ____D C:\Program Files (x86)\LSoft Technologies
2013-08-19 19:43 - 2013-08-19 19:43 - 05053696 _____ (Macrovision Corporation) C:\Users\Rene\Downloads\IsoBurner-Setup.exe
2013-08-19 19:11 - 2010-12-21 09:55 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-19 19:11 - 2010-12-21 09:09 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-18 17:24 - 2013-08-18 17:24 - 00000170 _____ C:\Users\Rene\Desktop\matrix.bat
2013-08-18 13:25 - 2011-01-10 23:19 - 00000000 ____D C:\Users\Rene\Documents\BFBC2
2013-08-18 12:59 - 2013-08-18 12:59 - 03820480 _____ C:\Users\Rene\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-08-18 12:57 - 2011-11-07 21:55 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Origin
2013-08-18 12:57 - 2011-11-07 21:54 - 00000000 ____D C:\Users\Rene\AppData\Local\Origin
2013-08-18 12:57 - 2011-11-07 21:54 - 00000000 ____D C:\ProgramData\Origin
2013-08-18 12:54 - 2011-11-07 21:53 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-17 22:29 - 2010-12-12 11:13 - 00000000 ____D C:\Users\Rene\AppData\Local\PMB Files
2013-08-17 22:29 - 2010-12-12 11:13 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-14 13:59 - 2012-12-31 14:59 - 00000282 _____ C:\Windows\Tasks\PC Performer_UPDATES.job
2013-08-13 07:09 - 2010-12-03 17:19 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Real
2013-08-10 20:33 - 2011-02-21 23:24 - 00000000 ____D C:\Users\Rene\Documents\The Lord of the Rings Online
2013-08-10 20:25 - 2013-08-10 20:25 - 00000000 ____D C:\Users\Rene\AppData\Local\Chromium
2013-08-10 17:15 - 2010-12-20 16:05 - 00000000 ____D C:\Users\Rene\AppData\Local\Turbine
2013-08-10 15:24 - 2010-12-03 16:15 - 01617280 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-10 15:24 - 2009-07-14 19:58 - 00686566 _____ C:\Windows\system32\perfh007.dat
2013-08-10 15:24 - 2009-07-14 19:58 - 00143982 _____ C:\Windows\system32\perfc007.dat
2013-08-10 15:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-07 13:03 - 2011-09-10 17:14 - 00000000 ____D C:\Users\Rene\AppData\Local\._Revolution_
2013-08-07 03:23 - 2010-12-03 18:22 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Mozilla
2013-08-06 19:02 - 2010-12-05 12:35 - 00937472 ___SH C:\Users\Rene\Documents\Thumbs.db
2013-08-03 00:12 - 2013-08-03 00:10 - 36202272 _____ (TeamSpeak Systems GmbH) C:\Users\Rene\Downloads\TeamSpeak3-Client-win64-3.0.11.exe
2013-07-31 21:23 - 2012-07-24 01:53 - 00002362 _____ C:\Users\Rene\Desktop\Google Chrome.lnk
2013-07-31 13:34 - 2013-07-31 13:34 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-31 13:34 - 2013-07-31 13:33 - 00003382 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-31 13:34 - 2013-06-09 18:00 - 00000000 ____D C:\Users\Rene\AppData\Roaming\BabSolution
2013-07-31 13:31 - 2013-07-31 13:31 - 04300704 _____ (Smart Projects                                              ) C:\Users\Rene\Downloads\isobuster_all_lang [1].exe
2013-07-31 13:30 - 2013-07-31 13:30 - 00673560 _____ C:\Users\Rene\Downloads\isobuster_all_lang.exe
2013-07-24 05:42 - 2013-07-24 05:42 - 02092792 _____ C:\Users\Rene\Downloads\avira_free_antivirus.exe
2013-07-24 05:39 - 2013-07-24 05:39 - 00003114 _____ C:\Windows\System32\Tasks\{4D989664-0B5C-41F3-A8F5-313B3C7963D9}
2013-07-24 05:37 - 2010-12-01 17:01 - 00000000 ___RD C:\Users\Rene\Desktop\Programme

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\Rene\AppData\Roaming\skype.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-12 03:37

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2013 03
Ran by Rene at 2013-08-20 19:16:08
Running from C:\Users\Rene\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 Update for Microsoft Office 2007 (KB2508958) (x32)
µTorrent (x32 Version: 2.0.0)
7-Zip 4.64 (x32)
A1 Dashboard (x32 Version: 1.8.0.151)
A1 Dashboard (x32)
ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.2146.41621)
Active@ ISO Burner (x32 Version: 2.5.1)
Adobe After Effects CS5 (x32 Version: 10)
Adobe AIR (x32 Version: 1.5.3.9120)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Media Player (x32 Version: 1.8)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Alice Madness Returns (x32 Version: 1.0.0.0)
Amazon Kindle (x32)
AMD Accelerated Video Transcoding (Version: 12.5.100.20928)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 8.0.891.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70928.1539)
Android SDK Tools (x32 Version: 1.16)
ANNO 2070 (x32 Version: 1.0.0.0)
Ant Renamer (x32 Version: 2.10.0)
APB Reloaded (x32)
Apple Application Support (x32 Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (x32 Version: 2.1.3.127)
Application Profiles (x32 Version: 2.0.4560.34681)
ARMA 2 Operation Arrowhead Uninstall (x32)
ArmA 2 Uninstall (x32)
ATI AVIVO64 Codecs (Version: 11.6.0.10516)
ATnotes Version 9.5 (x32 Version: 9.5)
Avidemux 2.5 (x32 Version: 2.5.4.6714)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663)
AVS Update Manager 1.0 (x32)
AVS Video Converter 6 (x32)
AVS4YOU Software Navigator 1.4 (x32)
Battlefield 3™ (x32 Version: 1.0.0.0)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
BattlEye for OA Uninstall (x32)
BattlEye Uninstall (x32)
BioAssayDesktop (x32 Version: 10.00)
BioShock (x32)
BlueStacks (x32 Version: 0.7.0.725)
Bonjour (Version: 3.0.0.10)
BrowserDefender (x32)
Busty Babe Anal 1.0 (x32)
calibre (x32 Version: 0.8.68)
Call Graph (x32)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (x32 Version: 1.1)
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (x32)
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: 1.2)
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32)
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32 Version: 1.3)
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32)
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4)
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32)
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32)
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (x32 Version: 1.5)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32)
Call of Duty: Black Ops - Multiplayer (x32)
Call of Duty: Black Ops (x32)
Call of Duty: Modern Warfare 2 - Multiplayer (x32)
Call of Duty: Modern Warfare 2 (x32)
Call of Duty: Modern Warfare 3 - Dedicated Server (x32)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Call of Duty: Modern Warfare 3 (x32)
CambridgeSoft ChemOffice Ultra 2006 (x32 Version: 10.0)
CambridgeSoft ENotebook 10.0 (x32 Version: 10.0)
CambridgeSoft Inventory 10.0 (x32 Version: 10.0)
CamStudio (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0928.1532.26058)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0928.1532.26058)
Catalyst Control Center InstallProxy (x32 Version: 2012.0928.1532.26058)
Catalyst Control Center Localization All (x32 Version: 2012.0928.1532.26058)
CCC Help Chinese Standard (x32 Version: 2012.0928.1531.26058)
CCC Help Chinese Traditional (x32 Version: 2012.0928.1531.26058)
CCC Help Czech (x32 Version: 2012.0928.1531.26058)
CCC Help Danish (x32 Version: 2012.0928.1531.26058)
CCC Help Dutch (x32 Version: 2012.0928.1531.26058)
CCC Help English (x32 Version: 2012.0928.1531.26058)
CCC Help Finnish (x32 Version: 2012.0928.1531.26058)
CCC Help French (x32 Version: 2012.0928.1531.26058)
CCC Help German (x32 Version: 2012.0928.1531.26058)
CCC Help Greek (x32 Version: 2012.0928.1531.26058)
CCC Help Hungarian (x32 Version: 2012.0928.1531.26058)
CCC Help Italian (x32 Version: 2012.0928.1531.26058)
CCC Help Japanese (x32 Version: 2012.0928.1531.26058)
CCC Help Korean (x32 Version: 2012.0928.1531.26058)
CCC Help Norwegian (x32 Version: 2012.0928.1531.26058)
CCC Help Polish (x32 Version: 2012.0928.1531.26058)
CCC Help Portuguese (x32 Version: 2012.0928.1531.26058)
CCC Help Russian (x32 Version: 2012.0928.1531.26058)
CCC Help Spanish (x32 Version: 2012.0928.1531.26058)
CCC Help Swedish (x32 Version: 2012.0928.1531.26058)
CCC Help Thai (x32 Version: 2012.0928.1531.26058)
CCC Help Turkish (x32 Version: 2012.0928.1531.26058)
ccc-utility64 (Version: 2012.0928.1532.26058)
Cheat Engine 6.0 (x32)
Click MusicalKEYS 3.0.214 (x32)
Clonk Rage (x32)
Conduit Engine  (x32 Version: 6.3.3.3)
Core Temp version 0.99.8 (Version: 0.99.8)
Counter-Strike: Source (x32)
Counter-Strike: Source Beta (x32)
CPUID CPU-Z 1.58
D3DX10 (x32 Version: 15.4.2368.0902)
DC Universe Online (x32)
DeepBurner v1.8.0.224 (x32)
Defraggler (Version: 2.10)
Delta Chrome Toolbar (x32)
Delta toolbar   (x32 Version: 1.8.22.0)
DER HERR DER RINGE ONLINE: Die Minen Von Moria v02.01.03.4020 (x32 Version: 02.01.03.4020)
Der Herr der Ringe® - Die Eroberung™ (x32 Version: 1.0.0.1)
Diablo III (x32 Version: 1.0.2.9858)
Die Sims™ 3 (x32 Version: 1.24.3)
Die Sims™ 3 Design-Garten-Accessoires (x32 Version: 7.3.2)
Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44)
Die Sims™ 3 Late Night (x32 Version: 6.0.81)
Die Sims™ 3 Luxus-Accessoires (x32 Version: 3.0.38)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.7.4)
DivX-Setup (x32 Version: 2.6.1.24)
eaner (Version: 4.03)
EPU-6 Engine (x32 Version: 1.02.04)
Farming Simulator 2011 (x32)
Flipper Graph Control (x32 Version: 2.75)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free YouTube Download version 3.2.2.430 (x32 Version: 3.2.2.430)
Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430)
GIMP 2.6.11 (x32 Version: 2.6.11)
Google Chrome (HKCU Version: 28.0.1500.95)
Google Drive (x32 Version: 1.11.4865.2530)
Google Talk Plugin (x32 Version: 4.4.2.14502)
Google Update Helper (x32 Version: 1.3.21.153)
GPU Caps Viewer 1.14.2 (x32)
Hama Double Action Air Grip (x32 Version: 1.00.0000)
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0)
HydraVision (x32 Version: 4.2.206.0)
HyperCam 2 (x32 Version: 2.27.01)
ICQ7.5 (x32 Version: 7.5)
I-Doser v4 (HKCU)
iTunes (Version: 10.6.3.25)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 33 (x32 Version: 6.0.330)
JavaFX 2.1.1 (x32 Version: 2.1.1)
JMicron JMB36X Driver (x32 Version: 1.00.0000)
Joe (x32 Version: 3.05.0100)
League of Legends (x32 Version: 1.02.0000)
LEGO® Harry Potter™: Die Jahre 1-4 (x32 Version: 1.0.0.0)
LEGO® Harry Potter™: Years 5-7 (x32 Version: 1.0.0.0)
Lexmark  (x32 Version: 1.0.0.0)
Lexmark Pro700 Series
Lexmark Symbolleiste (x32 Version: 4.3.37.0)
Lexmark Tools for Office (x32 Version: 1.29.0.0)
LibUSB-Win32-0.1.10.1 (x32 Version: 0.1.10.1)
Logitech Gaming Software 5.10 (Version: 5.10.127)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 1.1 (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Halo (x32)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server Desktop Engine (CAMBRIDGESOFT) (x32 Version: 8.00.761)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MicroVolts (x32)
MOUSE Editor (x32 Version: 10.12.0003)
Mouse Editor (x32 Version: 10.12.0003)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MP3 Skype Recorder (x32 Version: 3.1.3)
Mp3tag v2.46a (x32 Version: v2.46a)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
NVIDIA PhysX (x32 Version: 9.12.0613)
OF: Red River (x32 Version: 1.0.0003.129)
OpenOffice.org 3.2 (x32 Version: 3.2.9502)
Operation Flashpoint ®: Red River (x32 Version: 1.0.0000.129)
Origin (x32 Version: 8.6.0.357)
Pando Media Booster (x32 Version: 2.6.0.1)
PDF24 Creator 2.9.0 (x32)
PDFCreator (x32 Version: 1.4.3)
Personal ID (x32 Version: 1.8.5.202)
Philips Intelligent Agent (x32 Version: 2.2)
Philips SPC230NC Webcam (x32 Version: 1.0.0.0)
Photo Gallery (x32 Version: 16.4.3505.0912)
Play withSIX (x32 Version: 1.20.0286)
PunkBuster Services (x32 Version: 0.991)
QuickTime (x32 Version: 7.69.80.9)
RealDownloader (x32 Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
Realtek 8136 8168 8169 Ethernet Driver (x32 Version: 1.00.0005)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5859)
RealUpgrade 1.1 (x32 Version: 1.1.0)
ReNamer (x32 Version: 5.50)
Revo Uninstaller 1.94 (x32 Version: 1.94)
Saitek Cyborg Keyboard Volume 6.2.1.3 (Version: 6.2.1.3)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.1600.0)
Savings Sidekick (x32 Version: 1.20.150.150)
SecondLifeViewer2 (remove only) (x32)
Security Task Manager 1.8c (x32 Version: 1.8c)
Shutter Island (x32)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.5 (x32 Version: 6.5.158)
Smart Technology Programming Software 7.0.17.2 (Version: 7.0.17.2)
Source SDK (x32)
Spybot - Search & Destroy (x32 Version: 2.0.12)
Star Wars - Battlefront II (x32)
Star Wars: The Old Republic (x32 Version: 1.00)
StarCraft II (x32 Version: 1.5.1.22763)
Steam (x32 Version: 1.0.0.0)
Stronghold 3 (x32)
SUPER © Version 2010.bld.42 (Nov 7, 2010) (x32 Version: Version 2010.bld.42 (Nov 7, 2010))
SUPERAntiSpyware (Version: 4.45.1000)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60)
TeamSpeak 3 Client (Version: 3.0.11.1)
TechPowerUp GPU-Z (x32)
The Lord of the Rings Online™ (x32)
The Lord of the Rings Online™ v03.08.00.8025 (x32 Version: 03.08.00.8025)
The Lord of the Rings: War in the North (x32)
Trojan Remover 6.8.2 (x32 Version: 6.8.2)
TurboV (x32 Version: 1.01.04)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
UltraStar 0.5.2 (x32)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VideoPad Video Editor (x32)
Webcam Station Evolution (x32 Version: 3.2.0.1)
Webcam Video Viewer (x32)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
WinRAR 4.00 (64-Bit) (Version: 4.00.0)
World of Warcraft (x32 Version: 5.3.0.17128)
Wuala (HKCU Version: 1.0.380.0)
Wuala CBFS (x32 Version: 3.2.101.0)
Wuala Dokan (x32 Version: 1.0.8837.8)
Wuala OverlayIcons (x32 Version: 1.0.0.1)
Xfire (remove only) (x32)
XfireXO Toolbar (x32 Version: 6.3.3.3)
Xtra Controller (x32 Version: 3.2.0.1)
YAWLE 0.5b (x32)
YourFileDownloader (HKCU Version: 1.3.2)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {07E72FA0-5645-4D61-B9E9-89D4A5A1E25C} - System32\Tasks\DealPly => C:\Users\Rene\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE No File
Task: {0D84F8F7-44E2-43BE-A5E8-DFE7281F93C3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {12F744E1-BBBE-4D50-AE1B-7327917D2B2D} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe No File
Task: {187C06B9-EB91-4763-982F-B499F985C22A} - System32\Tasks\{D3884760-05EE-4B63-AC51-A30BA8EEBC26} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-19] (Mozilla Corporation)
Task: {1CB13C6B-B68D-4F5A-BA40-4EF4A862BFF9} - \FacebookUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000UA No Task File
Task: {2247E7B9-621C-4E61-A2EC-ECC7E958B31F} - System32\Tasks\{722974D1-73ED-4B89-8B39-329C9CBA6B48} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-19] (Mozilla Corporation)
Task: {2AC39E68-3A1D-4074-8B68-7E4572F2984E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe No File
Task: {3342E168-FC87-48BA-9A74-BA628818CCD2} - System32\Tasks\Updater5060.exe => C:\Users\Rene\AppData\Local\Updater5060\Updater5060.exe [2013-01-17] (FileProperties_CompanyName)
Task: {34B0C92C-BD88-46FC-BDD0-F791F1BF5362} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe No File
Task: {36E77EB2-F59C-40F7-8EAE-323DB6FAC2DC} - System32\Tasks\{2C9E4B74-FE1F-448C-AA77-F8F3F5638A1B} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-19] (Mozilla Corporation)
Task: {3C80385C-F338-4FBE-B479-0ED7BA205DA3} - \FacebookUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000Core No Task File
Task: {4CD93FB2-E698-456A-BDAF-77BEBE6D0955} - System32\Tasks\PC Performer_DEFAULT => C:\Program Files (x86)\PC Performer\PCPerformer.exe No File
Task: {52000DCA-716C-45EA-8C36-1BB339453056} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {523EBE1F-56D7-49AF-9DBF-275DBBA080CA} - System32\Tasks\{72DB1B81-12F1-4669-AC66-B51B6FAC2731} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-19] (Mozilla Corporation)
Task: {53FC37B7-E438-43C7-A1E3-188627CAC086} - System32\Tasks\User_Feed_Synchronization-{9A570E9D-E13D-4933-AEC4-875DA8358CF1} => C:\Windows\system32\msfeedssync.exe [2013-03-29] (Microsoft Corporation)
Task: {59EA9D63-16FB-4880-B666-F895567E40FB} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1217606454-805411425-2449683855-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {5CB87546-13F5-464B-84D8-886246133D29} - System32\Tasks\{68C90B12-0C01-40DA-9440-BB302D805F07} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {7DBEC276-CBC7-4E7B-BB0B-C05FD30EF1F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03] (Google Inc.)
Task: {8C1DA4A9-22A6-4DE9-807B-756CD257BC0C} - System32\Tasks\{01D73546-B91C-4C8A-8804-CFC5616F4EEB} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-19] (Mozilla Corporation)
Task: {8C402C13-7AFA-4412-8432-E84AE91BD333} - \DealPlyUpdate No Task File
Task: {91EDF7EB-2862-4821-8435-DED974B39A71} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2009-10-02] (ASUSTeK Computer Inc.)
Task: {94AA6BD3-0D60-4702-A65E-BCEBBB14DFC4} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {992C7516-8FF9-4769-90EB-15ADC60E3423} - System32\Tasks\{F7D8F06E-E261-4C32-8FE7-B3EC2B54C958} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-19] (Mozilla Corporation)
Task: {99DDE8B3-7C28-4D39-8A8A-1F676F334F51} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000UA => C:\Users\Rene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-12] (Google Inc.)
Task: {9F75DFFC-918E-4800-BB9F-5D3834EE3108} - System32\Tasks\{6ABD2BFE-68A5-42D4-927B-63029BD97BC6} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-06-03] (Skype Technologies S.A.)
Task: {A78400A2-4716-4124-BFB1-125A09AA58AA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1217606454-805411425-2449683855-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {BD11BB90-C8E9-47E6-8986-EDEA92542EFA} - System32\Tasks\PC Performer => C:\Program Files (x86)\PC Performer\PCPerformer.exe No File
Task: {C2B6FCC4-AFAF-40DF-9CC5-501CDA7E23CE} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1217606454-805411425-2449683855-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {C97E4056-0F75-465B-B34A-DD2743297797} - System32\Tasks\{2883AD8F-F0CD-4798-A77A-E6F4024485AC} => c:\program files (x86)\mozilla firefox\firefox.exe [2013-08-19] (Mozilla Corporation)
Task: {CC405914-CDE4-4877-8B92-34B29989C0CF} - System32\Tasks\PC Performer_UPDATES => C:\Program Files (x86)\PC Performer\PCPerformer.exe No File
Task: {E319CDEB-2712-4568-A9AE-A51C39BAF1F6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1217606454-805411425-2449683855-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {E409E71F-574B-4409-B2AF-858FFA33573A} - System32\Tasks\EPUpdater => C:\Users\Rene\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {E575C57A-F645-4EF4-9CFE-2B680D1FB6C5} - \CreateChoiceProcessTask No Task File
Task: {E7E5A9DB-A475-448D-9E2A-E179C4F9C2A0} - \AdobeAAMUpdater-1.0-Rene-PC-Rene No Task File
Task: {EC1A67E5-6A9F-4F2B-BC40-DBFA94C2968F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe No File
Task: {EF7AE1CA-3F9E-4AB6-827D-C584364613A0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000Core => C:\Users\Rene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-12] (Google Inc.)
Task: {F27D91A7-67DC-4E51-805F-0EDE2C7CE945} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03] (Google Inc.)
Task: {FFA14878-76AA-4EE8-9C51-7D0C2C76EF2B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000Core.job => C:\Users\Rene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000UA.job => C:\Users\Rene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000Core.job => C:\Users\Rene\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000UA.job => C:\Users\Rene\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Performer_DEFAULT.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe
Task: C:\Windows\Tasks\PC Performer_UPDATES.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe
Task: C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1217606454-805411425-2449683855-1000.job => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1217606454-805411425-2449683855-1000.job => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2013 02:56:08 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (08/20/2013 00:25:25 AM) (Source: MSSQL$CAMBRIDGESOFT) (User: )
Description: FillAddress(MSAFD-Tcpip [TCP/IPv6]) : Error 0

Error: (08/19/2013 09:32:26 PM) (Source: MSSQL$CAMBRIDGESOFT) (User: )
Description: FillAddress(MSAFD-Tcpip [TCP/IPv6]) : Error 0

Error: (08/19/2013 09:30:12 PM) (Source: MSSQL$CAMBRIDGESOFT) (User: )
Description: FillAddress(MSAFD-Tcpip [TCP/IPv6]) : Error 0

Error: (08/19/2013 09:26:47 PM) (Source: MSSQL$CAMBRIDGESOFT) (User: )
Description: FillAddress(MSAFD-Tcpip [TCP/IPv6]) : Error 0

Error: (08/19/2013 09:02:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MouseEditor.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: TrayIconWebAdvertisement.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4cf78a8d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04f89c9b
ID des fehlerhaften Prozesses: 0x173c
Startzeit der fehlerhaften Anwendung: 0xMouseEditor.exe0
Pfad der fehlerhaften Anwendung: MouseEditor.exe1
Pfad des fehlerhaften Moduls: MouseEditor.exe2
Berichtskennung: MouseEditor.exe3

Error: (08/19/2013 08:09:32 PM) (Source: MSSQL$CAMBRIDGESOFT) (User: )
Description: FillAddress(MSAFD-Tcpip [TCP/IPv6]) : Error 0

Error: (08/19/2013 08:07:29 PM) (Source: MSSQL$CAMBRIDGESOFT) (User: )
Description: FillAddress(MSAFD-Tcpip [TCP/IPv6]) : Error 0

Error: (08/19/2013 08:00:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (08/19/2013 08:00:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (08/20/2013 03:02:26 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{a607dfe0-fd68-11df-990c-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{1882568B-D495-43CE-8A77-07A6B22BFDDB}

Error: (08/20/2013 03:01:38 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{a607dfe0-fd68-11df-990c-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{41836A31-66E2-4D0E-B877-CF9A63925D44}

Error: (08/20/2013 01:55:54 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/20/2013 00:25:20 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/20/2013 00:24:46 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/20/2013 00:24:46 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.

Error: (08/20/2013 00:24:04 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/20/2013 00:24:03 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/20/2013 00:24:00 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/20/2013 00:24:00 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================
Error: (05/13/2011 11:42:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12450 seconds with 1800 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2011-05-19 08:22:53.238
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-19 08:22:53.207
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-19 08:21:30.033
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-19 08:21:29.972
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-04-05 09:10:27.047
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\UltraStar\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-04-05 09:10:27.034
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\UltraStar\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-04-05 08:49:21.242
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\UltraStar\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-04-05 08:49:21.228
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\UltraStar\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-04-03 14:53:32.334
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\UltraStar\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-04-03 14:53:32.321
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\UltraStar\zlportio.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 64%
Total physical RAM: 6135.12 MB
Available physical RAM: 2172.49 MB
Total Pagefile: 12268.42 MB
Available Pagefile: 8290.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:1397.17 GB) (Free:759.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: CB5BD2B2)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=-698828718080) - (Type=07 NTFS)

==================== End Of Log ============================
         

21.08.2013, 11:13   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror:

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your anti-virus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

21.08.2013, 11:53   #9
Jananas12
 
Code:
ComboFix 13-08-20.01 - Rene 21.08.2013  12:27:39.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.43.1031.18.6135.1796 [GMT 2:00]
ausgeführt von:: C:\Users\Rene\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))


C:\CFLog
C:\Program Files (x86)\Savings Sidekick
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick-bg.exe
C:\Program Files (x86)\Savings Sidekick\SaVIngs sidekick.dll
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.exe
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.ico
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.ini
C:\Program Files (x86)\Savings Sidekick\Savings SidekickInstaller.log
C:\Program Files (x86)\Savings Sidekick\Uninstall.exe
C:\Users\Rene\AppData\Local\._Revolution_
C:\Users\Rene\AppData\Local\Savings Sidekick
C:\Windows\SysWow64\frapsvid.dll


(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_BrowserDefendert


(((((((((((((((((((((((   Dateien erstellt von 2013-07-21 bis 2013-08-21  ))))))))))))))))))))))))))))))


2068-08-24 12:25:14 . 2004-08-24 12:27:25	375808	----a-w-	C:\Program Files (x86)\Microsoft Games\Halo\binkw32.dll
2013-08-21 10:37:41 . 2013-08-21 10:37:41	--------	d-----w-	C:\Users\hedev\AppData\Local\temp
2013-08-20 17:14:26 . 2013-08-20 17:14:26	--------	d-----w-	C:\FRST
2013-08-20 09:00:13 . 2013-08-20 09:00:13	--------	d-----w-	C:\Users\Rene\AppData\Roaming\Avira
2013-08-20 08:56:03 . 2013-08-20 08:55:52	83672	----a-w-	C:\Windows\system32\drivers\avnetflt.sys
2013-08-20 08:55:36 . 2013-08-20 08:55:36	--------	d-----w-	C:\ProgramData\AskPartnerNetwork
2013-08-20 08:55:35 . 2013-08-20 08:55:36	--------	d-----w-	C:\Program Files (x86)\AskPartnerNetwork
2013-08-20 08:55:21 . 2013-08-20 08:55:21	--------	d-----w-	C:\ProgramData\APN
2013-08-20 08:54:31 . 2013-07-18 06:02:34	130016	----a-w-	C:\Windows\system32\drivers\avipbb.sys
2013-08-20 08:54:31 . 2013-07-18 06:02:34	100712	----a-w-	C:\Windows\system32\drivers\avgntflt.sys
2013-08-20 08:54:31 . 2013-03-06 14:13:37	28600	----a-w-	C:\Windows\system32\drivers\avkmgr.sys
2013-08-20 08:54:27 . 2013-08-20 08:54:45	--------	d-----w-	C:\ProgramData\Avira
2013-08-20 08:54:27 . 2013-08-20 08:54:27	--------	d-----w-	C:\Program Files (x86)\Avira
2013-08-19 17:45:18 . 2013-08-19 17:45:21	834544	----a-w-	C:\Windows\system32\drivers\sptd.sys
2013-08-19 17:44:27 . 2013-08-19 17:44:27	--------	d-----w-	C:\Program Files (x86)\LSoft Technologies
2013-08-10 18:25:56 . 2013-08-10 18:25:56	--------	d-----w-	C:\Users\Rene\AppData\Local\Chromium
2013-08-02 22:13:04 . 2013-08-20 16:55:24	--------	d-----w-	C:\Program Files\TeamSpeak 3 Client
.


((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-08-21 09:49:25 . 2012-06-08 07:46:42	692104	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-21 09:49:25 . 2011-05-20 09:00:06	71048	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-20 09:42:07 . 2010-12-21 07:09:50	107832	----a-w-	C:\Windows\SysWow64\PnkBstrB.exe
2013-08-19 17:11:49 . 2010-12-21 07:55:16	280904	----a-w-	C:\Windows\SysWow64\PnkBstrB.xtr
2013-08-19 17:11:49 . 2010-12-21 07:09:50	280904	----a-w-	C:\Windows\SysWow64\PnkBstrB.ex0
2013-07-12 01:13:36 . 2010-12-04 09:56:48	78185248	----a-w-	C:\Windows\system32\MRT.exe
2013-07-02 08:34:27 . 2013-08-17 03:32:03	9460976	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0573B1C0-E59E-437E-BBCB-2B98341F65F3}\mpengine.dll
2013-06-26 22:46:27 . 2013-06-26 22:46:31	96168	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-26 22:46:24 . 2012-07-22 18:25:51	867240	----a-w-	C:\Windows\SysWow64\npdeployJava1.dll
2013-06-26 22:46:24 . 2010-12-03 17:27:26	789416	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:43:37 . 2013-07-12 01:11:15	1767936	----a-w-	C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 . 2013-07-12 01:11:18	2877440	----a-w-	C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 . 2013-07-12 01:11:24	61440	----a-w-	C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 . 2013-07-12 01:11:23	109056	----a-w-	C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:36 . 2013-07-12 01:11:23	51712	----a-w-	C:\Windows\system32\ie4uinit.exe
2013-06-11 23:26:20 . 2013-07-12 01:11:14	2241024	----a-w-	C:\Windows\system32\wininet.dll
2013-06-11 23:26:13 . 2013-07-12 01:11:17	1365504	----a-w-	C:\Windows\system32\urlmon.dll
2013-06-11 23:25:30 . 2013-07-12 01:11:09	19238912	----a-w-	C:\Windows\system32\mshtml.dll
2013-06-11 23:25:29 . 2013-07-12 01:11:21	603136	----a-w-	C:\Windows\system32\msfeeds.dll
2013-06-11 23:25:16 . 2013-07-12 01:11:20	855552	----a-w-	C:\Windows\system32\jscript.dll
2013-06-11 23:25:16 . 2013-07-12 01:11:19	3958784	----a-w-	C:\Windows\system32\jscript9.dll
2013-06-11 23:25:16 . 2013-07-12 01:11:16	53248	----a-w-	C:\Windows\system32\jsproxy.dll
2013-06-11 23:25:13 . 2013-07-12 01:11:25	526336	----a-w-	C:\Windows\system32\ieui.dll
2013-06-11 23:25:13 . 2013-07-12 01:11:24	67072	----a-w-	C:\Windows\system32\iesetup.dll
2013-06-11 23:25:13 . 2013-07-12 01:11:23	39936	----a-w-	C:\Windows\system32\iernonce.dll
2013-06-11 23:25:13 . 2013-07-12 01:11:23	136704	----a-w-	C:\Windows\system32\iesysprep.dll
2013-06-11 23:25:13 . 2013-07-12 01:11:22	2648576	----a-w-	C:\Windows\system32\iertutil.dll
2013-06-11 23:25:13 . 2013-07-12 01:11:10	15404032	----a-w-	C:\Windows\system32\ieframe.dll
2013-06-11 22:51:45 . 2013-07-12 01:11:23	71680	----a-w-	C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 . 2013-07-12 01:11:23	89600	----a-w-	C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 . 2013-07-12 01:11:26	2706432	----a-w-	C:\Windows\system32\mshtml.tlb
2013-06-07 02:37:52 . 2013-07-12 01:11:26	2706432	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2013-06-05 03:34:27 . 2013-07-11 02:09:14	3153920	----a-w-	C:\Windows\system32\win32k.sys
2013-06-04 06:00:13 . 2013-07-11 02:09:29	624128	----a-w-	C:\Windows\system32\qedit.dll
2013-06-04 04:53:07 . 2013-07-11 02:09:28	509440	----a-w-	C:\Windows\SysWow64\qedit.dll
2006-05-03 10:06:54	163328	--sh--r-	C:\Windows\SysWOW64\flvDX.dll
2007-02-21 11:47:16	31232	--sh--r-	C:\Windows\SysWOW64\msfDX.dll
2008-03-16 13:30:52	216064	--sh--r-	C:\Windows\SysWOW64\nbDX.dll


((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "C:\Program Files (x86)\Family Toolbar\tbhelper.dll" [2009-05-07 21:43:00 355840]

[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
2009-05-07 21:46:54	2642432	----a-w-	C:\Program Files (x86)\Family Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54:02	175912	----a-w-	C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-07-26 20:30:31	12240	----a-w-	C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2011-01-17 14:54:02	175912	----a-w-	C:\Program Files (x86)\XfireXO\prxtbXfir.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-07-23 02:50:32	311536	----a-w-	C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E}]
2010-02-18 07:37:08	221184	----a-w-	C:\Program Files (x86)\Family Toolbar\mhxpcomi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-04-30 16:55:00	280736	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 14:54:02 175912]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "C:\Program Files (x86)\Family Toolbar\tbcore3.dll" [2009-05-07 21:46:54 2642432]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "C:\Program Files (x86)\XfireXO\prxtbXfir.dll" [2011-01-17 14:54:02 175912]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll" [2013-07-23 02:50:34 300952]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-07-26 20:30:31 12240]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]

[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{7E71FCB1-0CB1-4758-985E-BD2CB94E775B}"
[HKEY_CLASSES_ROOT\CLSID\{7E71FCB1-0CB1-4758-985E-BD2CB94E775B}]
2011-11-04 19:33:18	158224	----a-w-	C:\Windows\SysWOW64\CbFsMntNtf3.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2011-11-04 19:33:18	158224	----a-w-	C:\Windows\SysWOW64\CbFsMntNtf3.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-20 13:25:17 1475584]
"Philips Intelligent Agent"="C:\Program Files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe" [2008-02-21 16:19:30 613792]
"OscarEditor"="C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe" [2010-12-23 09:00:12 3344384]
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe" [2013-06-27 14:11:08 20097696]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2013-06-03 14:27:20 19603048]
"SCheck"="C:\Users\Rene\AppData\Roaming\SCheck\SCheck.exe" [2013-04-09 22:57:44 36864]
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-05-24 20:48:24 393216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 17:36:46 30040]
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" [2009-06-30 03:58:28 36864]
"TurboV"="C:\Program Files\ASUS\TurboV\TurboV.exe" [2009-10-20 16:23:22 5516800]
"AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 03:57:06 406992]
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 12:37:14 517096]
"CamserviceHD"="C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe" [2009-07-07 12:47:04 360448]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 21:06:36 958576]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 15:06:40 642728]
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" [2013-01-22 14:53:25 295072]
"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 03:34:52 450560]
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 02:37:16 1263952]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 05:32:50 253816]
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 12:02:06 2255184]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-18 06:01:44 345144]

C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe [2009-9-14 1807272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\winlogon]
"shell"="explorer.exe,C:\Users\Rene\AppData\Roaming\skype.dat"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\PROGRA~4\BROWSE~3\261519~1.190\{C16C1~1\BrowserDefender.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;C:\Windows\system32\libusbd-nt.exe;C:\Windows\SYSNATIVE\libusbd-nt.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;C:\Users\Rene\AppData\Local\Temp\ALSysIO64.sys;C:\Users\Rene\AppData\Local\Temp\ALSysIO64.sys [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys;C:\Windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;C:\Program Files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 dgderdrv;dgderdrv;C:\Windows\system32\drivers\dgderdrv.sys;C:\Windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys;C:\Windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\system32\DRIVERS\ewusbdev.sys;C:\Windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;C:\Windows\system32\drivers\libusb0.sys;C:\Windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 PAEAFLT.sys;USB Composite Device;C:\Windows\system32\DRIVERS\PAEAFLT.sys;C:\Windows\SYSNATIVE\DRIVERS\PAEAFLT.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys;C:\Windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SPC230NC;Philips SPC230NC Webcam;C:\Windows\system32\DRIVERS\SPC230NC.SYS;C:\Windows\SYSNATIVE\DRIVERS\SPC230NC.SYS [x]
R3 SQLAgent$CAMBRIDGESOFT;SQLAgent$CAMBRIDGESOFT;C:\Program Files (x86)\Microsoft SQL Server\MSSQL$CAMBRIDGESOFT\Binn\sqlagent.EXE;C:\Program Files (x86)\Microsoft SQL Server\MSSQL$CAMBRIDGESOFT\Binn\sqlagent.EXE [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys;C:\Windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys;C:\Windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TFsExDisk;TFsExDisk;C:\Windows\System32\Drivers\TFsExDisk.sys;C:\Windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys;C:\Windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VCam_WDM;Fake Webcam 7.2;C:\Windows\system32\DRIVERS\VCam_WDM.sys;C:\Windows\SYSNATIVE\DRIVERS\VCam_WDM.sys [x]
R3 VGPU;VGPU;C:\Windows\system32\drivers\rdvgkmd.sys;C:\Windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\Rene\AppData\Local\Temp\Rar$EX59.760\WinRing0x64.sys;C:\Users\Rene\AppData\Local\Temp\Rar$EX59.760\WinRing0x64.sys [x]
R3 X6va003;X6va003;C:\Users\Rene\AppData\Local\Temp\0035B6D.tmp;C:\Users\Rene\AppData\Local\Temp\0035B6D.tmp [x]
R3 X6va005;X6va005;C:\Users\Rene\AppData\Local\Temp\005D450.tmp;C:\Users\Rene\AppData\Local\Temp\005D450.tmp [x]
R3 X6va011;X6va011;C:\Windows\SysWOW64\Drivers\X6va011;C:\Windows\SysWOW64\Drivers\X6va011 [x]
R3 XENfiltv;XENfiltv;C:\Windows\system32\drivers\XENfiltv.sys;C:\Windows\SYSNATIVE\drivers\XENfiltv.sys [x]
R3 zlportio;zlportio;C:\Program Files (x86)\UltraStar\zlportio.sys;C:\Program Files (x86)\UltraStar\zlportio.sys [x]
S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys;C:\Windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys;C:\Windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 cbfs3;cbfs3;C:\Windows\system32\drivers\cbfs3.sys;C:\Windows\SYSNATIVE\drivers\cbfs3.sys [x]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS;C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS;C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe;C:\Windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 APNMCP;Ask Aktualisierungsdienst;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 cpuz135;cpuz135;C:\Windows\system32\drivers\cpuz135_x64.sys;C:\Windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 lxee_device;lxee_device;C:\Windows\system32\lxeecoms.exe;C:\Windows\SYSNATIVE\lxeecoms.exe [x]
S2 lxeeCATSCustConnectService;lxeeCATSCustConnectService;C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe;C:\Windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxeeserv.exe [x]
S2 MSSQL$CAMBRIDGESOFT;MSSQL$CAMBRIDGESOFT;C:\Program Files (x86)\Microsoft SQL Server\MSSQL$CAMBRIDGESOFT\Binn\sqlservr.exe;C:\Program Files (x86)\Microsoft SQL Server\MSSQL$CAMBRIDGESOFT\Binn\sqlservr.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 wDokan;wDokan;C:\Windows\system32\drivers\wdokan.sys;C:\Windows\SYSNATIVE\drivers\wdokan.sys [x]
S2 wDokanMounter;wDokanMounter;C:\Program Files (x86)\Wuala Dokan\mounter.exe;C:\Program Files (x86)\Wuala Dokan\mounter.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys;C:\Windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 hxctlflt;hxctlflt;C:\Windows\system32\Drivers\hxctlflt.sys;C:\Windows\SYSNATIVE\Drivers\hxctlflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SaiK0728;SaiK0728;C:\Windows\system32\DRIVERS\SaiK0728.sys;C:\Windows\SYSNATIVE\DRIVERS\SaiK0728.sys [x]


--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - WS2IFSL

Inhalt des "geplante Tasks" Ordners

2013-08-21 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 07:46:43 . 2013-08-21 09:49:25]

2013-08-21 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03 11:51:21 . 2012-06-03 11:51:16]

2013-08-21 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03 11:51:21 . 2012-06-03 11:51:16]

2013-08-21 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000Core.job
- C:\Users\Rene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-23 23:52:45 . 2012-07-12 00:56:43]

2013-08-21 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1217606454-805411425-2449683855-1000UA.job
- C:\Users\Rene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-23 23:52:45 . 2012-07-12 00:56:43]

2013-08-21 C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1217606454-805411425-2449683855-1000.job
- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30 14:30:34 . 2012-11-30 14:30:34]

2013-08-20 C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1217606454-805411425-2449683855-1000.job
- C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-11-30 14:30:34 . 2012-11-30 14:30:34]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-04-30 16:55:00	340640	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon1]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon2]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon3]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon4]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{7E71FCB1-0CB1-4758-985E-BD2CB94E775B}"
[HKEY_CLASSES_ROOT\CLSID\{7E71FCB1-0CB1-4758-985E-BD2CB94E775B}]
2011-11-04 19:33:18	191504	----a-w-	C:\Windows\System32\CbFsMntNtf3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2011-11-04 19:33:18	191504	----a-w-	C:\Windows\System32\CbFsMntNtf3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon2]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon4]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon4]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon3]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon1]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11:10	778704	----a-w-	C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SPC230NC_Monitor"="C:\Windows\Philips\SPC230NC\Monitor.exe" [2007-12-10 14:55:26 323584]
"SPC_Monitor"="C:\Windows\Philips\SPC230NC\Monitor.exe" [2007-12-10 14:55:26 323584]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-22 16:20:30 7833120]
"Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe" [2009-05-22 16:21:16 1833504]
"Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 15:18:10 190536]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 17:18:20 500208]
"CamserviceHD"="C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe" [2009-07-07 12:47:04 360448]
"ProfilerU"="C:\Program Files\SmartTechnology\Software\ProfilerU.exe" [2012-06-25 14:56:02 455680]
"SaiVolume"="C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe" [2008-01-18 16:52:08 186880]

------- Zusätzlicher Suchlauf -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=121562&babsrc=HP_ss_sps&mntrId=363820CF305AB4A0
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=AT&userid=3f2e208d-75f3-4589-be15-49a74d097323&searchtype=ds&q={searchTerms}&installDate={installDate}
IE: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm
IE: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm
IE: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files (x86)\Family Toolbar\mhxpcomi.dll
FF - ProfilePath - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.fbdownloader.com/?channel=sfat203fbdgy20
FF - prefs.js: browser.search.defaulturl - hxxp://search.fbdownloader.com/search.php?channel=sfat203fbdgy20&q=
FF - prefs.js: keyword.URL - hxxp://search.fbdownloader.com/search.php?channel=sfat203fbdgy20&q=
FF - prefs.js: keyword.enabled - true
FF - ExtSQL: 2013-07-26 22:31; toolbar_AVIRA-V7@apn.ask.com; C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\nev3je6q.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF - ExtSQL: !HIDDEN! 2013-06-09 17:59; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=3638186900000000000020cf305ab4a0&q=
FF - user.js: extensions.BabylonToolbar.id - 3638186900000000000020cf305ab4a0
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15579
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1212:29:56
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111304&tt=201208_mnt_n_3512_2
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
user_pref('extensions.dealply.partner', 'vita');
user_pref('extensions.dealply.channel', 'vitaeazel');
user_pref('extensions.dealply.installId', 'v23500269443062441385442012091100131325');
user_pref('extensions.dealply.installIdSource', 'inst');
user_pref('extensions.dealply.sampleGroup', '5');
FF - user.js: extensions.claro.tlbrSrchUrl - 
FF - user.js: extensions.claro.id - 3638186900000000000020cf305ab4a0
FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062}
FF - user.js: extensions.claro.instlDay - 15679
FF - user.js: extensions.claro.vrsn - 1.8.3.10
FF - user.js: extensions.claro.vrsni - 1.8.3.10
FF - user.js: extensions.claro_i.vrsnTs - 1.8.3.1017:15:59
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - base
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
user_pref('extensions.dealply.partner', 'onek');
user_pref('extensions.dealply.channel', 'oneksoftemulecom');
user_pref('extensions.dealply.installId', 'v23500269443062441385442012091100131325');
user_pref('extensions.dealply.installIdSource', 'inst');
user_pref('extensions.dealply.sampleGroup', '5');
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 3638186900000000000020cf305ab4a0
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15917
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.013:33:28
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119357&tsp=4960
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false

- - - - Entfernte verwaiste Registrierungseinträge - - - -

BHO-{11111111-1111-1111-1111-110011501160} - C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{E8DE9422-3B2C-4243-BF6F-235DA84D8EF8} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
ShellIconOverlayIdentifiers-{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6} - (no file)
ShellIconOverlayIdentifiers-{9AE343CB-BA45-4618-AF6A-0230EE6FC793} - (no file)
AddRemove-Savings Sidekick - C:\Program Files (x86)\Savings Sidekick\Uninstall.exe
AddRemove-I-Doser v4 - C:\Program Files (x86)\IDoser v4\Uninstal.exe
AddRemove-YourFileDownloader - C:\Program Files (x86)\YourFileDownloader\uninstall.exe
         

21.08.2013, 12:55   #10
schrauber
/// the machine
/// TB-Ausbilder

Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
