Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Ich habe einen Trojaner (Logfile gemacht)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 24.08.2013, 02:24   #1
lisa2
 
Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Hallo,
ich habe mir heute einen Trojaner eingefangen und bitte euch um Hilfe, weil ich mir da nicht wirklich zu helfen weiß

Folgendes ist heute passiert (kurz erklärt): Ich bekam eine E-Mail mit Anhang, in der stand, dass ich die folgende Rechnung bezahlen soll und wenn nicht gerichtliche Maßnahmen eingereicht werden. Geschockt von dem Text habe ich dann unwissend den Anhang, in dem sich die Rechnung befinden sollte, geöffnet (das war eine .zip Datei, die jedoch nach dem Entpacken leer war und mir dabei außerdem ein Fehler angezeigt wurde).

Anscheinend bin ich nicht die Einzigste, die so eine Mail bekommen hat: hxxp://www.spam-info.de/1813/achtung-spam-falsche-abmahnungen-und-rechnungen-im-umlauf/

Was ich bis jetzt unternommen habe:
- Einen Virenscan mit Avira, der dann aber bei 80% abgebrochen ist (Bis dahin hatte es 3 Sachen gefunden)
- Nach Anleitung aus dem Forum die folgende Logdatei (Vollscan) mithilfe von Malwarebytes (v 1.75):

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.23.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16660
Lisa :: LISA-PC [Administrator]

23.08.2013 21:38:22
MBAM-log-2013-08-24 (02-12-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|H:\|I:\|J:\|K:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 668029
Laufzeit: 4 Stunde(n), 27 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 2
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 8100 -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 5416 -> Keine Aktion durchgeführt.

Infizierte Speichermodule: 2
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 41
HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\escort.escortIEPane.1 (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\escort.escortIEPane (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\delta.deltaHlpr (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\esrv.deltaESrvc.1 (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\esrv.deltaESrvc (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\delta.deltaappCore.1 (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\delta.deltaappCore (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCR\d (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCR\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCR\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCR\ToolBand.XTTBPos00 (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 6
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten: Delta Toolbar -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten: -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta) -> Daten: -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Daten: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CC81001E8CC7C0AB&affID=119357&tsp=4983 -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Daten: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Keine Aktion durchgeführt.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0L1N1H2O1S -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bösartig: (c:\progra~2\browse~1\261562~1.220\{c16c1~1\browse~1.dll) Gut: () -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 21
C:\Users\Lisa\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\Delta (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Program Files\Delta\delta\1.8.24.6 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Program Files\Delta\delta\1.8.24.6\bh (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\OpenCandy\3027829AD419471EA9A7745B586D9A0A (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\OpenCandy\9683DA8E82334F9E87F436F4A64B2A8B (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\OpenCandy\OpenCandy_3027829AD419471EA9A7745B586D9A0A (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\OpenCandy\OpenCandy_9683DA8E82334F9E87F436F4A64B2A8B (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.

Infizierte Dateien: 88
C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
C:\Program Files\Delta\delta\1.8.24.6\deltasrv.exe (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Nokia\Nokia Ovi Player\20101007.log (Extension.Mismatch) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Temp\05886A23-BAB0-7891-9D05-94643CE53095\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Temp\05886A23-BAB0-7891-9D05-94643CE53095\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Temp\05886A23-BAB0-7891-9D05-94643CE53095\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Temp\05886A23-BAB0-7891-9D05-94643CE53095\Latest\Setup.exe (PUP.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Temp\is1177715538\28636325_Setup.EXE (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Temp\is1177715538\DeltaTB.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Zylom Games\Dream Chronicles 3 Deluxe\dreamchroniclesthechosenchild.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Zylom Games\Gemini Lost Deluxe\geminilosttm.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Local\Zylom Games\Royal Envoy Deluxe\RoyalEnvoy.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\diamonddrop2download.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\alicegreenfingers2download.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\feedingfrenzy2download.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\feedingfrenzydownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\igglepopdownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\mindmedleydownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\ribibadownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\SoftonicDownloader_fuer_format-factory.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\farmmaniadownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\glyphdownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\yosetup.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\dairydashdownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\insaniquariumdownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\voguetalesdownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\turtleodyssey2download.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\cakemaniadownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\mosaictombofmysterydownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\hexe.exe.zip (Hoax.BadJoke.Autoit) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\Zylom-Installer_DeliciousEmilysTrueLoveDA_DE.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\Zylom-Installer_DoublePackChocolatierDel_DE.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\Zylom-Installer_DreamlandExtendedEdition_DE.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\fairytreasuredownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\honeyswitchdownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\realmsofgolddownload.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Downloads\weddingdash2download.exe (PUP.Downloader.ZYL) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Desktop\Sonstiges\hexe.exe\hexe.exe (Hoax.BadJoke.Autoit) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Desktop\Sonstiges\Neuer Ordner\hexe.exe.zip (Hoax.BadJoke.Autoit) -> Keine Aktion durchgeführt.
C:\Program Files\Delta\delta\1.8.24.6\deltaApp.dll (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
C:\Program Files\Delta\delta\1.8.24.6\deltaEng.dll (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
C:\Program Files\Jungle Timer\Jungle Timer.exe (Trojan.MSIL) -> Keine Aktion durchgeführt.
C:\Program Files\RealArcade\Installer\bin\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20130823-191203-21540D52\00000017-991FADF4 (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\Delta\sqlite3.dll (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll (PUP.Optional.Tarma.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Program Files\Delta\delta\1.8.24.6\GUninstaller.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Program Files\Delta\delta\1.8.24.6\uninstall.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\OpenCandy\3027829AD419471EA9A7745B586D9A0A\TuneUp_OpenCandy_PC_2.4.4.3_CMPID_319.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\OpenCandy\3027829AD419471EA9A7745B586D9A0A\TuneUp_OpenCandy_PC_2.4.4.3_CMPID_319_p10v0.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\Roaming\OpenCandy\9683DA8E82334F9E87F436F4A64B2A8B\TuneUpUtilities2012_1002017_de-DE.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Program Files\ICQToolbar\toolbaru.dll (Trojan.BHO) -> Keine Aktion durchgeführt.

(Ende)

Danach habe ich Malwarebytes alles entfernen lassen.

So, ich hoffe das waren genügend Infos um mir weiterzuhelfen!

Vielen Dank schonmal im Voraus.

Grüßle,
Lisa

Geändert von lisa2 (24.08.2013 um 02:29 Uhr)

Alt 24.08.2013, 09:35   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 24.08.2013, 12:01   #3
lisa2
 
Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Hallo, danke für die schnelle Antwort!

Hier ist die FRST.txt


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-08-2013 01
Ran by Lisa (administrator) on 24-08-2013 11:55:34
Running from C:\Users\Lisa\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
() C:\Program Files\ICQ6Toolbar\ICQ Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(SigmaTel, Inc.) C:\Windows\system32\STacSV.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Safer Networking Ltd.) C:\Program Files\sicherheit\Spybot-Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(SigmaTel, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
() C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Nokia) C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
(SAMSUNG ELECTRONICS) C:\Program Files\Samsung\EmoDio\SMSTray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LBTWiz.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(1und1 Mail und Media GmbH) C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Safer Networking Limited) C:\Program Files\sicherheit\Spybot-Search & Destroy\TeaTimer.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Akamai Technologies, Inc.) C:\Users\Lisa\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Lisa\AppData\Local\Akamai\netsession_win.exe
(1&1 Mail & Media GmbH) C:\Users\Lisa\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(LOL Replay) C:\Program Files\LOLReplay\LOLRecorder.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\updrgui.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-12] (SigmaTel, Inc.)
HKLM\...\Run: [Bluetooth HCI Monitor] - C:\Windows\System32\HCIMNTR.DLL [9728 2006-12-08] (Logitech Inc.)
HKLM\...\Run: [ECenter] - C:\Dell\E-Center\EULALauncher.exe [17920 2008-01-18] ( )
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [NokiaMServer] - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [x]
HKLM\...\Run: [NokiaMusic FastStart] - C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2090272 2009-11-06] (Nokia)
HKLM\...\Run: [Corel File Shell Monitor] - C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16200 2007-10-30] ()
HKLM\...\Run: [] -  [x]
HKLM\...\Run: [SMSTray] - C:\Program Files\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1425208 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Bluetooth Connection Assistant] - LBTWIZ.EXE -silent [x]
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM\...\Run: [MailCheck IE Broker] - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [1519680 2013-07-01] (1und1 Mail und Media GmbH)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2238704 2013-02-21] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files\sicherheit\Spybot-Search & Destroy\TeaTimer.exe [2097488 2008-01-28] (Safer Networking Limited)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-03-31] (Google Inc.)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2010-03-28] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Lisa\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [WEB.DE Application {sync-000021}] - C:\Users\Lisa\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [943616 2013-05-13] (1&1 Mail & Media GmbH)
HKCU\...\Run: [Xvid] - C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
MountPoints2: {59f95cf3-d6de-11df-8413-001e4ce612ed} - K:\LaunchU3.exe -a
MountPoints2: {5b300cd4-cb60-11e1-b365-001e4ce612ed} - K:\.\Setup.exe AUTORUN=1
MountPoints2: {5b300ce6-cb60-11e1-b365-001e4ce612ed} - G:\.\Setup.exe AUTORUN=1
MountPoints2: {8e583e21-1072-11e2-abf3-001e101f2571} - L:\.\Setup.exe AUTORUN=1
HKU\Gast\...\Run: [DellSupportCenter] - "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [x]
HKU\Gast\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\Gast\...\Run: [SpybotSD TeaTimer] - C:\Program Files\sicherheit\Spybot-Search & Destroy\TeaTimer.exe [ 2008-01-28] (Safer Networking Limited)
HKU\Gast\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-03-31] (Google Inc.)
HKU\Gast\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2010-11-20] (Microsoft Corporation)
HKU\Gast\...\RunOnce: [DPAPIKeyMig] - C:\Windows\system32\dpapimig.exe [ 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files\LOLReplay\LOLRecorder.exe (LOL Replay)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nokia Ovi Suite.lnk
ShortcutTarget: Nokia Ovi Suite.lnk -> C:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe (Nokia)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://google.icq.com/search/search_frame.php
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.icq.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CC81001E8CC7C0AB&affID=119357&tsp=4983
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {9E1843D2-E4AC-4FE9-9CD9-8739A08D8AE3} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKCU - {D2F01027-6629-4901-8167-584F43480891} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=079B47A8-A671-4864-8A25-97B6978FAB21&apn_sauid=CEE86890-E169-437B-9EB9-C9B50C6DD4FA
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: WEB.DE Konfiguration - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\sicherheit\Spybot-Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} -  No File
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -DVDVideoSoftTB Toolbar - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU -WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default
FF user.js: detected! => C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=CC81001E8CC7C0AB&affID=119357&tsp=4983
FF Homepage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CC81001E8CC7C0AB&affID=119357&tsp=4983
FF NetworkProxy: "ftp", "65.126.16.155"
FF NetworkProxy: "ftp_port", 8089
FF NetworkProxy: "http", "65.126.16.155"
FF NetworkProxy: "http_port", 8089
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "65.126.16.155"
FF NetworkProxy: "socks_port", 8089
FF NetworkProxy: "ssl", "65.126.16.155"
FF NetworkProxy: "ssl_port", 8089
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\amazonde.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\preisvergleich.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.png
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.src
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\allglassv2@ambroos.neowin.net
FF Extension: Deutsches Wörterbuch - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: LavaFox V2-Blue - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\djziggy@gmail.com
FF Extension: British English Dictionary - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\en-GB@dictionaries.addons.mozilla.org
FF Extension: United States English Spellchecker - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\en-US@dictionaries.addons.mozilla.org
FF Extension: Conduit Engine  - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\engine@conduit.com
FF Extension: external IP - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\externalip@erik.morlin
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\ffxtlbr@babylon.com
FF Extension: Delta Toolbar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\ffxtlbr@delta.com
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\FirefoxAddon@similarWeb.com
FF Extension: LavaFox V2 - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\info@djzig.com
FF Extension: Scale tabs - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\jid0-wQgRuE1ziTuF2sAupFeSZa9xUGU@jetpack
FF Extension: MouseControl - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\MouseControl@neocodex.us
FF Extension: Cooliris - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\piclens@cooliris.com
FF Extension: samfind Bookmarks Bar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\sam@samfind.com
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\staged
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\swiffout@grownsoftware.com
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\toolbar@ask.com
FF Extension: LavaFox V2-Purple - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\zigboom555@aol.com
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: Flagfox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Google Toolbar for Firefox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: FT DeepDark - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
FF Extension: Zynga Community Toolbar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: iMacros for Firefox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
FF Extension: DVDVideoSoftTB Community Toolbar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF Extension: Update Notifier - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{95f24680-9e31-11da-a746-0800200c9a66}
FF Extension: WOT - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: ReminderFox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF Extension: DownloadHelper - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: DVDVideoSoft Toolbar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF Extension: adblockpopups - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: bizdom - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\bizdom@wizbites.com.xpi
FF Extension: canitbecheaper - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi
FF Extension: dendzones - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\dendzones@captaincaveman.nl.xpi
FF Extension: feedly - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\feedly@devhd.xpi
FF Extension: finder - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: firebug - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: GodLesZ.XxSoulCatcherxX - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\GodLesZ.XxSoulCatcherxX@ShaiyaChecker.de.xpi
FF Extension: googleimagehelp - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\googleimagehelp@shivam.org.xpi
FF Extension: jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
FF Extension: personas - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\personas@christopher.beard.xpi
FF Extension: plugin - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\plugin@apture.com.xpi
FF Extension: plugin - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\plugin@yontoo.com.xpi
FF Extension: quickdrag - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\quickdrag@mozilla.ktechcomputing.com.xpi
FF Extension: searchy - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\searchy@searchy.xpi
FF Extension: silvermelxt - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\silvermelxt@pardal.de.xpi
FF Extension: stealthyextension - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: support - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\support@startxxl.com.xpi
FF Extension: tabscope - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\tabscope@xuldev.org.xpi
FF Extension: toolbar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\toolbar@web.de.xpi
FF Extension: videosurf_enhanced - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\videosurf_enhanced@videosurf.com.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{75df891f-e299-4725-b14f-7d52f086dea2}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{a82d0125-000a-4a57-abbc-5d4b0dbaab54}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files\LyriXeeker\128.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CC81001E8CC7C0AB&affID=119357&tsp=4983"
CHR DefaultSearchURL: (Google) - https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs
CHR DefaultSuggestURL: (Google) - https://www.google.com/complete/search?q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Turn Off the Lights) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.21_0
CHR Extension: (Adblock Plus) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0
CHR Extension: (Warrior Girl) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbngkgeakdhomabndkmfcjijooohmpff\1_0
CHR Extension: (Springpad Clipper) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj\1.1212.12.6_0
CHR Extension: (Logitech SetPoint) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0
CHR Extension: (Black Menu for Google\u2122) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke\4.7.1_0
CHR Extension: (Chrome Toolbox (by Google)) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0
CHR Extension: (Checker Plus for Google Calendar\u2122) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha\13.8.5_0
CHR Extension: (RealDownloader) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Stealthy) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\3.0.1_0
CHR Extension: (WEB.DE MailCheck) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo\1.2_0
CHR Extension: (Panel View for Keep) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\1.8_0
CHR Extension: (Flava Clipper) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnpejdnkidnilbdgonnnnpbahhhlkheo\0.2.3_0
CHR Extension: (Skype Click to Call) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Ghostery) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.2_0
CHR Extension: (Flava\u2122) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbgeoblgfklfhenfldifemcjfchgdhj\0.9_0
CHR Extension: (Springpad Extension) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0
CHR Extension: (Google Wallet Service) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR HKLM\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx
CHR HKLM\...\Chrome\Extension: [epojlgbehpaeekopencdagbdamnkppci] - C:\Program Files\LyriXeeker\128.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Lisa\AppData\Local\Temp\YontooLayers.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

========================== Services (Whitelisted) =================

R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 GoogleDesktopManager-061008-081103; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [29744 2008-12-15] (Google)
S2 gupdate1ca87bbb1afce56; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-12-28] (Google Inc.)
R2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247608 2010-11-21] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [4264632 2011-05-15] (INCA Internet Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14592288 2013-07-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-07-31] ()
S4 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S4 RoxLiveShare10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [309744 2007-12-14] (Sonic Solutions)
R2 SBSDWSCService; C:\Program Files\sicherheit\Spybot-Search & Destroy\SDWinSec.exe [810320 2008-01-28] (Safer Networking Ltd.)
S3 ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [651776 2009-09-17] (Nokia)
R2 STacSV; C:\Windows\system32\STacSV.exe [94208 2007-09-12] (SigmaTel, Inc.)
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-11-29] (TuneUp Software)
S2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [x]

==================== Drivers (Whitelisted) ====================

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2010-06-16] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-02-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-30] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [60104 2010-07-12] (FTDI Ltd.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [44296 2013-01-03] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12808 2013-01-03] (Logitech, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-02-28] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-08-24] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34592 2013-05-14] (NVIDIA Corporation)
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [50176 2006-03-24] (Protection Technology (StarForce))
S0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-10] (Avira GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-09-12] (SigmaTel, Inc.)
S3 TKFsAc; C:\Windows\system32\TKFsAc2k.sys [127584 2010-06-03] (INCA Internet Co., Ltd.)
S3 TKFsAv; C:\Windows\system32\TKFsAv2k.sys [55776 2010-04-13] (Copyright (C) INCA Internet. 2000-2010)
S3 TKFsFt; C:\Windows\system32\TKFsFt2k.sys [81888 2010-06-03] (INCA Internet Co., Ltd.)
S3 TKRgAc; C:\Windows\system32\TKRgAc2k.sys [68192 2010-06-03] (INCA Internet Co., Ltd.)
S3 TKRgFt; C:\Windows\system32\TKRgFtXp.sys [30432 2010-06-03] (INCA Internet Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-08-29] (TuneUp Software)
S3 vsdatant; C:\Windows\system32\vsdatant.sys [394192 2007-03-09] (Zone Labs, LLC)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 XDva369; \??\C:\Windows\system32\XDva369.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-24 11:54 - 2013-08-24 11:54 - 01070467 _____ (Farbar) C:\Users\Lisa\Downloads\FRST.exe
2013-08-24 11:52 - 2013-08-24 11:52 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-08-23 21:36 - 2013-08-23 21:36 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:35 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-23 21:35 - 2013-08-23 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:35 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-23 21:35 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-23 21:34 - 2013-08-23 21:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-23 21:27 - 2013-08-23 21:27 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2013-08-23 20:57 - 2013-08-23 20:57 - 00000000 ____D C:\Users\Lisa\AppData\Local\avgchrome
2013-08-23 19:21 - 2013-08-24 02:32 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-23 19:21 - 2013-08-23 19:21 - 46960392 _____ (Trend Micro                                                 ) C:\Users\Lisa\Downloads\tis14de_1479_eval30.exe
2013-08-23 19:21 - 2013-08-23 19:21 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-23 19:21 - 2013-08-23 19:21 - 00000000 ____D C:\ProgramData\Babylon
2013-08-23 19:21 - 2013-08-23 19:21 - 00000000 ____D C:\Program Files\Delta
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013.zip
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013 (1).zip
2013-08-20 13:21 - 2013-08-20 13:21 - 00092776 _____ (Spotify Ltd) C:\Users\Lisa\Downloads\SpotifySetup.exe
2013-08-16 02:51 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 02:51 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 02:51 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 02:51 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 02:51 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 02:51 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 02:51 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 02:51 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 19:47 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 19:47 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 19:47 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-15 19:47 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 19:47 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 19:47 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 19:47 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 19:47 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 19:47 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 19:47 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 19:47 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 19:47 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-07-31 18:27 - 2013-07-31 18:27 - 00281392 _____ C:\Windows\system32\PnkBstrB.xtr
2013-07-31 18:27 - 2013-07-31 18:27 - 00138736 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-07-31 18:27 - 2013-07-31 18:27 - 00000000 ____D C:\Users\Lisa\AppData\Local\PunkBuster
2013-07-30 23:42 - 2013-07-30 23:42 - 00000000 ____D C:\NvidiaLogging
2013-07-30 23:32 - 2013-05-14 21:28 - 00034592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2013-07-30 23:32 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2013-07-30 13:25 - 2013-07-30 13:25 - 00000676 _____ C:\Users\Lisa\Desktop\Assassin's Creed III - Verknüpfung.lnk
2013-07-30 01:30 - 2013-07-31 18:28 - 00000000 ____D C:\Users\Lisa\Documents\Assassin's Creed III
2013-07-30 01:18 - 2013-07-30 02:01 - 00000000 ____D C:\Users\Lisa\AppData\Local\Ubisoft Game Launcher
2013-07-30 00:54 - 2013-07-31 18:27 - 00281392 _____ C:\Windows\system32\PnkBstrB.exe
2013-07-30 00:54 - 2013-07-31 18:27 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-07-30 00:54 - 2013-07-30 00:54 - 00189248 _____ C:\Windows\system32\PnkBstrB.ex0
2013-07-30 00:54 - 2013-07-30 00:54 - 00001161 _____ C:\Users\Lisa\Desktop\Uplay.lnk
2013-07-30 00:54 - 2013-07-30 00:54 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-30 00:54 - 2012-06-19 13:02 - 03123272 _____ C:\Windows\system32\pbsvc.exe
2013-07-29 21:37 - 2013-07-30 00:37 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\GetRightToGo
2013-07-29 21:36 - 2013-07-29 21:36 - 00435172 _____ C:\Users\Lisa\Downloads\Assassins_Creed_III_DownloadManager.zip

==================== One Month Modified Files and Folders =======

2013-08-24 11:55 - 2013-08-24 11:55 - 00000000 ____D C:\FRST
2013-08-24 11:54 - 2013-08-24 11:54 - 01070467 _____ (Farbar) C:\Users\Lisa\Downloads\FRST.exe
2013-08-24 11:52 - 2013-08-24 11:52 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-08-24 11:51 - 2012-10-20 23:17 - 00000000 ___RD C:\Users\Lisa\Dropbox
2013-08-24 11:51 - 2012-10-20 23:13 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Dropbox
2013-08-24 11:51 - 2009-02-14 20:55 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Skype
2013-08-24 11:50 - 2010-01-22 15:42 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-08-24 11:50 - 2009-12-28 14:58 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-24 11:50 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-24 11:50 - 2009-07-14 06:39 - 00474639 _____ C:\Windows\setupact.log
2013-08-24 11:50 - 2008-03-31 22:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-24 02:38 - 2010-03-05 22:20 - 01180027 _____ C:\Windows\WindowsUpdate.log
2013-08-24 02:32 - 2013-08-23 19:21 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-24 02:32 - 2009-11-03 22:02 - 02616954 _____ C:\Windows\PFRO.log
2013-08-24 02:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Cursors
2013-08-24 02:14 - 2013-04-14 18:41 - 00000000 ____D C:\Program Files\Jungle Timer
2013-08-24 02:14 - 2008-04-23 20:06 - 00000000 ____D C:\Program Files\ICQToolbar
2013-08-24 01:40 - 2012-04-11 12:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-24 01:40 - 2009-12-28 14:58 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-24 00:11 - 2011-12-13 17:07 - 00000000 ____D C:\Users\Lisa\AppData\Local\PMB Files
2013-08-24 00:11 - 2011-12-13 17:07 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-23 21:36 - 2013-08-23 21:36 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:35 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-23 21:35 - 2013-08-23 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:35 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-23 21:35 - 2013-08-23 21:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-23 21:27 - 2013-08-23 21:27 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2013-08-23 20:57 - 2013-08-23 20:57 - 00000000 ____D C:\Users\Lisa\AppData\Local\avgchrome
2013-08-23 19:21 - 2013-08-23 19:21 - 46960392 _____ (Trend Micro                                                 ) C:\Users\Lisa\Downloads\tis14de_1479_eval30.exe
2013-08-23 19:21 - 2013-08-23 19:21 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-23 19:21 - 2013-08-23 19:21 - 00000000 ____D C:\ProgramData\Babylon
2013-08-23 19:21 - 2013-08-23 19:21 - 00000000 ____D C:\Program Files\Delta
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013.zip
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013 (1).zip
2013-08-23 11:31 - 2009-11-03 21:46 - 00009504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-23 11:31 - 2009-11-03 21:46 - 00009504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-22 21:40 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-08-22 01:52 - 2010-06-28 15:44 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\HpUpdate
2013-08-21 15:40 - 2012-04-11 12:00 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-21 15:40 - 2011-05-26 15:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-21 14:22 - 2012-05-20 21:13 - 00000000 ____D C:\Users\Lisa\AppData\Local\Origin
2013-08-21 14:22 - 2012-05-20 21:07 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Origin
2013-08-21 14:21 - 2012-05-20 21:07 - 00000000 ____D C:\Program Files\Origin
2013-08-21 13:46 - 2010-09-12 18:48 - 00000000 ____D C:\Users\Lisa\Desktop\Sonstiges
2013-08-20 13:21 - 2013-08-20 13:21 - 00092776 _____ (Spotify Ltd) C:\Users\Lisa\Downloads\SpotifySetup.exe
2013-08-16 16:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-08-16 15:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-16 12:20 - 2010-12-13 21:46 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\TS3Client
2013-08-16 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-16 02:59 - 2013-07-15 09:43 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 02:55 - 2010-03-13 21:00 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-16 02:53 - 2010-03-05 22:30 - 01657590 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-31 18:28 - 2013-07-30 01:30 - 00000000 ____D C:\Users\Lisa\Documents\Assassin's Creed III
2013-07-31 18:27 - 2013-07-31 18:27 - 00281392 _____ C:\Windows\system32\PnkBstrB.xtr
2013-07-31 18:27 - 2013-07-31 18:27 - 00138736 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-07-31 18:27 - 2013-07-31 18:27 - 00000000 ____D C:\Users\Lisa\AppData\Local\PunkBuster
2013-07-31 18:27 - 2013-07-30 00:54 - 00281392 _____ C:\Windows\system32\PnkBstrB.exe
2013-07-31 18:27 - 2013-07-30 00:54 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-07-30 23:42 - 2013-07-30 23:42 - 00000000 ____D C:\NvidiaLogging
2013-07-30 23:38 - 2010-05-09 20:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-30 13:25 - 2013-07-30 13:25 - 00000676 _____ C:\Users\Lisa\Desktop\Assassin's Creed III - Verknüpfung.lnk
2013-07-30 02:01 - 2013-07-30 01:18 - 00000000 ____D C:\Users\Lisa\AppData\Local\Ubisoft Game Launcher
2013-07-30 00:54 - 2013-07-30 00:54 - 00189248 _____ C:\Windows\system32\PnkBstrB.ex0
2013-07-30 00:54 - 2013-07-30 00:54 - 00001161 _____ C:\Users\Lisa\Desktop\Uplay.lnk
2013-07-30 00:54 - 2013-07-30 00:54 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-30 00:54 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-07-30 00:54 - 2008-04-04 21:55 - 00000000 ____D C:\Program Files\Ubisoft
2013-07-30 00:54 - 2008-03-31 21:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-30 00:37 - 2013-07-29 21:37 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\GetRightToGo
2013-07-29 21:36 - 2013-07-29 21:36 - 00435172 _____ C:\Users\Lisa\Downloads\Assassins_Creed_III_DownloadManager.zip
2013-07-27 16:44 - 2008-03-31 21:53 - 00000000 ____D C:\Program Files\Google
2013-07-26 05:13 - 2013-08-16 02:51 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 05:13 - 2013-08-16 02:51 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 05:13 - 2013-08-16 02:51 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 05:12 - 2013-08-16 02:51 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 02:51 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 05:11 - 2013-08-16 02:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 04:49 - 2013-08-16 02:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 03:59 - 2013-08-16 02:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-25 10:57 - 2013-08-15 19:47 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 19:21

==================== End Of Log ============================
         
--- --- ---

--- --- ---


und hier die Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-08-2013 01
Ran by Lisa at 2013-08-24 11:57:36
Running from C:\Users\Lisa\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

32 Bit HP CIO Components Installer (Version: 7.1.8)
Abenteuer auf dem Reiterhof 6 (Version: 1.00)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Adobe Shockwave Player 11 (Version: 11)
AION Free-To-Play (Version: 2.70.0000)
Akamai NetSession Interface Service
Allods Online 2.0.02.67 (Version: 2.0.02.67)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.25.0)
Ask Toolbar Updater (HKCU Version: 1.2.6.36191)
Assassin's Creed(R) III v1.06 (Version: 1.06)
Avira Free Antivirus (Version: 13.0.0.3885)
Benutzerhandbuch
Bing Bar (Version: 7.0.619.0)
Bing-Desktop (Version: 1.3.171.0)
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
BufferChm (Version: 130.0.331.000)
C4700 (Version: 130.0.373.000)
Camtasia Studio 7 (Version: 7.0.1)
Corel Paint Shop Pro Photo X2 (Version: 12.010.0000)
Cube World version 0.0.1 (Version: 0.0.1)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.372.000)
DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte) (Version: 1.00.0000)
DIE SIEDLER - Das Erbe der Könige (Alle Produkte) (Version: 1.00.0000)
Die Sims™ 3 (Version: 1.55.4)
Die Sims™ 3 Einfach tierisch (Version: 10.0.96)
Die Sims™ 3 Jahreszeiten (Version: 16.0.136)
Die Sims™ 3 Late Night (Version: 6.5.1)
Die Sims™ 3 Luxus-Accessoires (Version: 3.0.38)
Die Sims™ 3 Reiseabenteuer (Version: 2.0.86)
Die Sims™ 3 Traumsuite-Accessoires (Version: 11.0.84)
Die Sims™ Inselgeschichten
DirectXInstallService (Version: 9.0.2)
DivX-Setup (Version: 2.6.1.8)
Dragon Age II (Version: 1.00)
Dream Chronicles
Dream Chronicles 3 Deluxe (HKCU Version: 1.0.0)
Dropbox (HKCU Version: 2.0.22)
DVDVideoSoft Toolbar (Version: )
EA Shared Game Component: Activation (Version: 2.2.0)
EA Shared Game Component: Activation (Version: 2.2.0.62)
EasyBits GO
Edna Bricht Aus - Sammler Edition (Version: 1.0)
EmoDio (Version: 1.0)
eReg (Version: 1.20.138.34)
Fiesta Online 1.01.004 (Version: 1.01.004)
Firefox 3.6 WEB.DE Edition (Version: 1.6)
Fraps
GamesBar 1.1.0.5 (Version: )
Gemini Lost Deluxe (HKCU Version: 1.0.0)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (Version: 29.0.1547.57)
Google Desktop (Version: 5.7.0806.10245)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4413.1752)
Google Update Helper (Version: 1.3.21.153)
GPBaseService2 (Version: 130.0.371.000)
Guild Wars 2
Hamster Lite Archiver 2.0.1.2 (Version: 2.0.1.2)
Harveys Neue Augen Demo (Version: 1.0)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.005.000.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 130.0.282.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
IBM ViaVoice Command and Control Runtime 5.3 - Deutsch
iCloud (Version: 2.0.2.187)
ICQ Toolbar (Version: 3.0.0)
Install(GE) (Version: 1.0)
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections 12.1.12.4 (Version: )
Internet Banking Payment Assistant 2.1 (Version: 2.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
Jungle Timer (Version: 1.0.0)
Junk Mail filter update (Version: 15.4.3502.0922)
LastChaosGER (Version: 1.00.000)
League of Legends (Version: 1.02.0000)
Logitech SetPoint 6.52 (Version: 6.52.74)
LOLReplay (Version: 0.8.2.1)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 130.0.374.000)
McAfee Security Scan Plus (Version: 3.0.318.3)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft WorldWide Telescope (Version: 2.8.12)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NC Launcher (GameForge)
Network (Version: 130.0.374.000)
Nokia Connectivity Cable Driver (Version: 7.1.20.0)
Nokia Ovi Application Installer (Version: 6.85.3010)
Nokia Ovi Application Installer 6.85.3010
Nokia Ovi Content Copier (Version: 6.85.3010)
Nokia Ovi Content Copier 6.85.3010
Nokia Ovi One Touch Access (Version: 6.85.3010)
Nokia Ovi One Touch Access 6.85.3010
Nokia Ovi Player (Version: 2.0.1106)
Nokia Ovi Suite (Version: 3.1.152)
Nokia Ovi System Utilities (Version: 6.85.3010)
Nokia Ovi System Utilities 6.85.3010
Nokia Software Updater (Version: 01.04.035.32590)
Nokia_Multimedia_Common_Components_2_5 (Version: 2.5.197)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.6 (Version: 1.6)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.131.854)
NVIDIA PhysX (Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 7.2.17 (Version: 7.2.17)
NVIDIA Update Components (Version: 7.2.17)
NVIDIA Virtual Audio 1.2.1 (Version: 1.2.1)
Origin (Version: 8.6.0.357)
Pando Media Booster (Version: 2.6.0.1)
PC Connectivity Solution (Version: 9.39.0.0)
Pflanzen gegen Zombies™ (Version: 1.2.0.1093)
PS_AIO_06_C4700_SW_Min (Version: 130.0.373.000)
PunkBuster Services (Version: 0.991)
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.2)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Activation Module (Version: 1.0)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator Premier (Version: 10.1)
Roxio Creator Premier (Version: 3.7.0)
Roxio Creator Premier 10 (Version: 1.1.010)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler (Version: 3.2)
Roxio Update Manager (Version: 6.0.0)
Royal Envoy Deluxe (HKCU Version: 1.0.0)
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio (Version: 1.00.0000)
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver (Version: 6.83.6.2.1)
Scan (Version: 140.0.80.000)
Schildis Datenbank
Screen Antics 2.1 (Version: 2.1)
SHIELD Streaming (Version: 1.05.19)
Shop for HP Supplies (Version: 13.0)
SimCity™ (Version: 1.0.0.0)
simfy (Version: 1.4.1)
Simple Sudoku 4.2
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.6 (Version: 6.6.106)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
SPORE™ (Version: 1.03.0000)
Spybot - Search & Destroy (Version: 1.5.2)
SpywareBlaster v3.5.1 (Version: 3.5.1)
Status (Version: 130.0.373.000)
System Requirements Lab
TeamSpeak 3 Client (HKCU Version: 3.0.10.1)
TeamViewer 6 (Version: 6.0.10722)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
TuneUp Utilities 2013 (Version: 13.0.3000.135)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3000.135)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Uplay (Version: 2.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 1.1.11 (Version: 1.1.11)
WEB.DE Internet Explorer Addon (Version: 1.0.1.0)
WEB.DE MailCheck für Internet Explorer (Version: 2.3.0.2)
WEB.DE Online-Speicher 1.3.1234.0 (HKCU Version: 1.3.1234.0)
WEB.DE Softwareaktualisierung (Version: 3.0.0.54)
WEB.DE Toolbar für Mozilla Firefox (Version: 1.6.4.0)
WebReg (Version: 130.0.132.017)
WIDCOMM Bluetooth Software 6.0.1.4300 (Version: 6.0.1.4300)
Wildlife Park 2 (Version: 1.01)
Wildlife Park 2 Patch 2.00 (Version: 2.00)
Windows 7 Upgrade Advisor (Version: 2.0.3001.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
WinRAR
Winter Wonderland 3D Screensaver and Animated Wallpaper 1.1 (Version: 1.1)
Xfire (remove only)
XPS MiniView Gadget (Version: 1.00.0000)
Xvid Video Codec (Version: 1.3.2)
Yahtzee Texas Hold'em (HKCU Version: 1.0.0)
YoWindow
Zanzarah - Das verborgene Portal
 

==================== Restore Points  =========================

16-08-2013 00:50:49 Windows Update
20-08-2013 11:11:30 Windows Update
23-08-2013 17:21:43 Windows Defender Checkpoint

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00D53A1F-E869-496D-806B-FFAE604E26CA} - System32\Tasks\User_Feed_Synchronization-{FBE1843D-1DFC-4B81-A76B-A0F7EE5F3E8E} => C:\Windows\system32\msfeedssync.exe [2013-04-02] (Microsoft Corporation)
Task: {040735DB-9B03-433B-9CEE-7EF82CAA2A6A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated)
Task: {0F077C86-7C66-4D9F-B871-04EA76B74513} - System32\Tasks\EPUpdater => C:\Users\Lisa\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {17B66022-92A3-4916-9838-F0F3ADC1607F} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {1A5BD9DD-81D5-4338-AD49-AA4E4B708EA4} - System32\Tasks\{08716E39-152C-483A-88CF-BA80C17471EA} => C:\Program Files\THQ\Zanzarah\System\Zanzarah.exe [2002-05-16] (Funatics)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2E8FEC08-64C1-4CF0-87C0-D4AF30D7E073} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {2F4183D1-B2DE-4EEA-A694-E890F0EB4E37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-28] (Google Inc.)
Task: {30AAAA92-3E0F-47D7-ABDE-158D33754299} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3783709258-2247286899-232976329-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {32B6332A-DF48-458B-AC1D-DBAA024CF80B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {44C883C5-0368-4722-9D43-2C523A50AB12} - System32\Tasks\{7FF54D66-D207-42CF-9454-3170569B3645} => C:\Users\Lisa\Downloads\Allods_DE(3).exe [2011-09-24] ()
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs No File
Task: {5B1F0D3A-10CF-4A92-9702-681E5C3DE144} - System32\Tasks\1und1 Konfiguration => C:\ProgramData\1und1InternetExplorerAddon\ConfigTask.exe [2011-04-19] (1und1 Mail und Media GmbH)
Task: {63A9B911-9D82-4E2F-8DDC-CF2D26D53C76} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3783709258-2247286899-232976329-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {6E1047AD-D77C-4C61-834A-445C9CD7CD92} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {7A7FE4EC-9BD5-4F78-954B-DB137898AA5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-28] (Google Inc.)
Task: {8039E1FE-1F67-475B-A6CE-BB0D57F21CD3} - System32\Tasks\{E2467AF3-A774-4230-B646-F52D0092DD15} => C:\Users\Lisa\Downloads\Allods_DE(3).exe [2011-09-24] ()
Task: {8A8181C8-697C-436E-9B7E-DD9D3E6CF897} - System32\Tasks\{661AFB41-4CCD-48A1-92F8-1550ED47A05F} => C:\Program Files\Deep Silver\Wildlife Park 2\WLP2.exe [2008-01-21] ()
Task: {924C9968-6812-4225-B3F3-C73FE57D4671} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Lisa => C:\Program Files\Windows Calendar\WinCal.exe No File
Task: {96F4DBA0-EC80-4A0D-9099-3538D880EFFB} - System32\Tasks\{09B0991D-322F-433F-B0B8-2C342125A496} => C:\Program Files\Deep Silver\Wildlife Park 2\WLP2.exe [2008-01-21] ()
Task: {9A9E1239-30BB-47AB-BF4C-719554B68054} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2012-11-29] (TuneUp Software)
Task: {9E0878D3-9BBC-4FC7-84F3-A2E843379DBD} - System32\Tasks\{D62A07E2-5F0F-4D97-B619-5AACF9B14DF1} => C:\Program Files\Deep Silver\Wildlife Park 2\WLP2.exe [2008-01-21] ()
Task: {A68C3E09-DE27-4707-8871-FAE67C2F06D9} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2010-11-20] (Microsoft Corporation)
Task: {A86A1BD2-37B1-4ADC-AC14-5E130DB7A9FC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {B5BDC6A0-5D6B-48F7-93ED-D9BD97499A83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BBB769B8-E618-4F53-8033-AF49093D33A5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3783709258-2247286899-232976329-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {BE7CD5BB-FA32-446D-98A6-C1AA7EDDDA06} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {C5CAC2F0-7F77-45F5-A8F5-650C907BE312} - System32\Tasks\{327A709A-1BD9-4020-9B23-C9FD0F631EAE} => C:\Users\Lisa\Downloads\Allods_DE(3).exe [2011-09-24] ()
Task: {C612669C-AC38-4009-B68F-8510ED024849} - System32\Tasks\Registration 1und1 Task => C:\Program Files\1und1Softwareaktualisierung\cdsupdclient.exe [2013-05-28] (1&1 Mail & Media GmbH)
Task: {CC7C703B-30A1-477D-86B7-236B65D8B47D} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-04-25] ()
Task: {D0EC17F3-5610-4314-ADEE-906D4037C5E2} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {D166C843-2F89-4652-B29A-933A61A2F816} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {D23407DC-4390-4D3A-8D39-19F0658A2386} - System32\Tasks\{33A8BF30-1FBE-406C-A2DF-9715E7409AE0} => C:\Program Files\Deep Silver\Wildlife Park 2\WLP2.exe [2008-01-21] ()
Task: {DD95B082-EE71-4E99-BA34-F0953AF04A62} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files\real\realplayer\Update\realsched.exe [2013-07-02] (RealNetworks, Inc.)
Task: {E1E29C29-CC2C-4738-B672-31B93BA47454} - System32\Tasks\{B5BDB734-2AE7-44F6-80E7-57EDF96B59BE} => C:\Program Files\Deep Silver\Wildlife Park 2\WLP2.exe [2008-01-21] ()
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs No File
Task: {E860978E-CE4E-48FD-A3EE-A0B63606270F} - System32\Tasks\{12DDE9C0-B9EC-4AB4-9728-0AD39BA75396} => C:\Program Files\THQ\Zanzarah\System\Zanzarah.exe [2002-05-16] (Funatics)
Task: {F472BDB2-E8A9-448C-A1AB-8B12ED3F703C} - System32\Tasks\{6CB519D6-08E3-49CD-B767-45FA4E7E51D9} => c:\program files\mozilla firefox\firefox.exe [2013-04-12] (Mozilla Corporation)
Task: {F67813C0-FB3A-4B64-9DAA-95730CC1B4A3} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (Microsoft Corp.)
Task: {FBCF97AE-CDEA-40D5-924F-1029F7723135} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3783709258-2247286899-232976329-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {FD62A248-CE46-4C00-AEFC-EA183B92D100} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet J6400 series
Description: Officejet J6400 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/24/2013 11:52:31 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version: 13.0.3000.135, Zeitstempel: 0x50b77c6c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96c5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052e37
ID des fehlerhaften Prozesses: 0xc54
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService32.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService32.exe2
Berichtskennung: TuneUpUtilitiesService32.exe3

Error: (08/24/2013 11:50:12 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (08/24/2013 11:50:12 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (08/24/2013 02:32:47 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (08/24/2013 02:32:45 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (08/23/2013 09:21:33 PM) (Source: Application Hang) (User: )
Description: Programm TeaTimer.exe, Version 1.5.2.16 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 140c

Startzeit: 01ce9fe292d43113

Endzeit: 871

Anwendungspfad: C:\Program Files\sicherheit\Spybot-Search & Destroy\TeaTimer.exe

Berichts-ID: 2c1ce3a1-0c29-11e3-b242-001ec9295c28

Error: (08/23/2013 08:33:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17597

Error: (08/23/2013 08:33:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17597

Error: (08/23/2013 08:33:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/23/2013 08:33:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16599


System errors:
=============
Error: (08/24/2013 11:57:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2013 11:56:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2013 11:55:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2013 11:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2013 11:53:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2013 11:52:45 AM) (Source: Service Control Manager) (User: )
Description: Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/24/2013 11:52:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2013 11:51:02 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2013 11:50:22 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sfdrv01
sfsync04
sfvfs02

Error: (08/24/2013 11:50:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (08/24/2013 11:52:31 AM) (Source: Application Error)(User: )
Description: TuneUpUtilitiesService32.exe13.0.3000.13550b77c6cntdll.dll6.1.7601.1820551db96c5c000000500052e37c5401cea0af555f5aabC:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exeC:\Windows\SYSTEM32\ntdll.dlle4262aaa-0ca2-11e3-8da2-001ec9295c28

Error: (08/24/2013 11:50:12 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (08/24/2013 11:50:12 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (08/24/2013 02:32:47 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (08/24/2013 02:32:45 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (08/23/2013 09:21:33 PM) (Source: Application Hang)(User: )
Description: TeaTimer.exe1.5.2.16140c01ce9fe292d43113871C:\Program Files\sicherheit\Spybot-Search & Destroy\TeaTimer.exe2c1ce3a1-0c29-11e3-b242-001ec9295c28

Error: (08/23/2013 08:33:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17597

Error: (08/23/2013 08:33:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17597

Error: (08/23/2013 08:33:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/23/2013 08:33:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16599


CodeIntegrity Errors:
===================================
  Date: 2013-08-24 02:05:39.924
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_6d564c64c358b59e\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-24 02:05:39.772
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_6d564c64c358b59e\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-24 02:05:39.615
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_6d564c64c358b59e\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-24 02:05:34.501
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-24 02:05:34.334
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-24 02:05:34.163
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-24 02:04:59.053
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-24 02:04:58.896
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-24 02:04:58.753
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-24 02:04:21.677
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\Backup\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb_bcrypt.dll_e2f091ac" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 70%
Total physical RAM: 3325.93 MB
Available physical RAM: 973.01 MB
Total Pagefile: 6650.14 MB
Available Pagefile: 3680.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.57 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:581.12 GB) (Free:144.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 98000000)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=581 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 24.08.2013, 13:45   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.08.2013, 15:29   #5
lisa2
 
Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Hier das Logfile:

Code:
ATTFilter
ComboFix 13-08-22.01 - Lisa 24.08.2013  15:07:05.2.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3326.501 [GMT 2:00]
ausgeführt von:: c:\users\Lisa\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lisa\4.0
c:\users\Lisa\AppData\Local\.#
c:\users\Lisa\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Lisa\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
c:\users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender\Uninstall BrowserDefender.lnk
c:\users\Public\sdelevURL.tmp
c:\windows\IsUn0407.exe
c:\windows\system32\frapsvid.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BrowserDefendert
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-24 bis 2013-08-24  ))))))))))))))))))))))))))))))
.
.
2013-08-24 09:55 . 2013-08-24 09:55	--------	d-----w-	C:\FRST
2013-08-24 09:52 . 2013-08-24 09:52	40776	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2013-08-23 19:36 . 2013-08-23 19:36	--------	d-----w-	c:\users\Lisa\AppData\Roaming\Malwarebytes
2013-08-23 19:35 . 2013-08-23 19:35	--------	d-----w-	c:\programdata\Malwarebytes
2013-08-23 18:57 . 2013-08-23 18:57	--------	d-----w-	c:\users\Lisa\AppData\Local\avgchrome
2013-08-23 17:21 . 2013-08-24 00:32	--------	d-----w-	c:\programdata\BrowserDefender
2013-08-23 17:21 . 2013-08-23 17:21	--------	d-----w-	c:\program files\Delta
2013-08-23 17:21 . 2013-08-23 17:21	--------	d-----w-	c:\programdata\Babylon
2013-08-15 17:47 . 2013-07-09 05:03	3968960	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-08-15 17:47 . 2013-07-09 05:03	3913664	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-08-15 17:47 . 2013-07-09 04:53	1289096	----a-w-	c:\windows\system32\ntdll.dll
2013-08-15 17:47 . 2013-07-09 04:50	652800	----a-w-	c:\windows\system32\rpcrt4.dll
2013-08-15 17:47 . 2013-07-09 04:52	175104	----a-w-	c:\windows\system32\wintrust.dll
2013-08-15 17:47 . 2013-07-09 04:46	140288	----a-w-	c:\windows\system32\cryptsvc.dll
2013-08-15 17:47 . 2013-07-09 04:46	1166848	----a-w-	c:\windows\system32\crypt32.dll
2013-08-15 17:47 . 2013-07-09 04:46	103936	----a-w-	c:\windows\system32\cryptnet.dll
2013-08-15 17:47 . 2013-07-06 05:05	1293760	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-08-15 17:47 . 2013-07-25 08:57	1620992	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-08-15 17:47 . 2013-07-19 01:41	2048	----a-w-	c:\windows\system32\tzres.dll
2013-08-15 17:47 . 2013-06-15 03:38	31232	----a-w-	c:\windows\system32\drivers\tssecsrv.sys
2013-07-31 16:27 . 2013-07-31 16:27	138736	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2013-07-31 16:27 . 2013-07-31 16:27	281392	----a-w-	c:\windows\system32\PnkBstrB.xtr
2013-07-31 16:27 . 2013-07-31 16:27	--------	d-----w-	c:\users\Lisa\AppData\Local\PunkBuster
2013-07-30 21:42 . 2013-07-30 21:42	--------	d-----w-	C:\NvidiaLogging
2013-07-30 21:32 . 2013-05-14 19:28	34592	----a-w-	c:\windows\system32\drivers\nvvad32v.sys
2013-07-30 21:32 . 2013-05-14 19:27	28448	----a-w-	c:\windows\system32\nvaudcap32v.dll
2013-07-29 23:18 . 2013-07-30 00:01	--------	d-----w-	c:\users\Lisa\AppData\Local\Ubisoft Game Launcher
2013-07-29 22:54 . 2013-07-31 16:27	281392	----a-w-	c:\windows\system32\PnkBstrB.exe
2013-07-29 22:54 . 2013-07-29 22:54	189248	----a-w-	c:\windows\system32\PnkBstrB.ex0
2013-07-29 22:54 . 2013-07-31 16:27	76888	----a-w-	c:\windows\system32\PnkBstrA.exe
2013-07-29 22:54 . 2012-06-19 11:02	3123272	----a-w-	c:\windows\system32\pbsvc.exe
2013-07-29 19:37 . 2013-07-29 22:37	--------	d-----w-	c:\users\Lisa\AppData\Roaming\GetRightToGo
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-24 12:25 . 2013-08-23 11:23	60872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{40728888-928B-4C5F-A765-C380E9B79554}\offreg.dll
2013-08-21 13:40 . 2012-04-11 10:00	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-08-21 13:40 . 2011-05-26 13:26	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-06 07:28 . 2013-08-23 09:28	7166848	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{40728888-928B-4C5F-A765-C380E9B79554}\mpengine.dll
2013-07-14 22:43 . 2013-02-01 10:41	16400	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2013-07-02 18:34 . 2013-07-02 18:34	348160	----a-w-	c:\windows\system32\msvcr71.dll
2013-07-01 14:46 . 2013-07-01 14:46	94632	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-07-01 14:46 . 2012-12-24 15:47	867240	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-07-01 14:46 . 2010-07-14 16:29	789416	----a-w-	c:\windows\system32\deployJava1.dll
2013-06-27 14:28 . 2013-05-08 20:31	67168	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-06-21 12:02 . 2013-07-01 18:16	9069344	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:02 . 2013-07-01 18:16	893728	----a-w-	c:\windows\system32\nvdispgenco3232049.dll
2013-06-21 12:02 . 2013-07-01 18:16	7687592	----a-w-	c:\windows\system32\nvcuda.dll
2013-06-21 12:02 . 2013-07-01 18:16	6324360	----a-w-	c:\windows\system32\nvopencl.dll
2013-06-21 12:02 . 2013-07-01 18:16	467232	----a-w-	c:\windows\system32\NvIFR.dll
2013-06-21 12:02 . 2013-07-01 18:16	465184	----a-w-	c:\windows\system32\NvFBC.dll
2013-06-21 12:02 . 2013-07-01 18:16	2777888	----a-w-	c:\windows\system32\nvcuvid.dll
2013-06-21 12:02 . 2013-07-01 18:16	214448	----a-w-	c:\windows\system32\nvinit.dll
2013-06-21 12:02 . 2013-07-01 18:16	21102368	----a-w-	c:\windows\system32\nvoglv32.dll
2013-06-21 12:02 . 2013-07-01 18:16	2002720	----a-w-	c:\windows\system32\nvcuvenc.dll
2013-06-21 12:02 . 2013-07-01 18:16	181488	----a-w-	c:\windows\system32\nvoglshim32.dll
2013-06-21 12:02 . 2013-07-01 18:16	1024288	----a-w-	c:\windows\system32\nvdispco3232049.dll
2013-06-21 12:02 . 2013-07-01 18:16	17560352	----a-w-	c:\windows\system32\nvcompiler.dll
2013-06-21 12:02 . 2012-10-10 20:15	925648	----a-w-	c:\windows\system32\nvumdshim.dll
2013-06-21 12:02 . 2012-10-10 20:14	13411896	----a-w-	c:\windows\system32\nvwgf2um.dll
2013-06-21 12:02 . 2012-10-10 20:14	2597856	----a-w-	c:\windows\system32\nvapi.dll
2013-06-21 12:02 . 2012-10-10 20:14	12427240	----a-w-	c:\windows\system32\nvd3dum.dll
2013-06-21 09:52 . 2011-02-22 23:40	4192544	----a-w-	c:\windows\system32\nvcpl.dll
2013-06-21 09:52 . 2011-02-22 23:39	3045664	----a-w-	c:\windows\system32\nvsvc.dll
2013-06-21 09:52 . 2011-02-22 23:38	640288	----a-w-	c:\windows\system32\nvvsvc.exe
2013-06-21 09:52 . 2011-01-07 20:06	2555168	----a-w-	c:\windows\system32\nvsvcr.dll
2013-06-21 09:52 . 2009-07-14 12:29	62752	----a-w-	c:\windows\system32\nvshext.dll
2013-06-21 09:52 . 2011-02-22 23:38	223008	----a-w-	c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16	566048	----a-w-	c:\windows\system32\nvStreaming.exe
2013-06-05 03:05 . 2013-07-11 22:17	2347520	----a-w-	c:\windows\system32\win32k.sys
2013-06-04 04:53 . 2013-07-11 22:17	509440	----a-w-	c:\windows\system32\qedit.dll
2013-04-12 18:13 . 2013-04-12 18:13	263064	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2008-12-15 16:18 . 2013-04-12 18:13	122880	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2013-04-25 1520776]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVD0.dll" [2011-11-16 2735200]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{17166733-40EA-4432-A85C-AE672FF0E236}]
2011-05-11 15:38	154216	----a-w-	c:\programdata\1und1InternetExplorerAddon\BHOXML.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2011-11-16 19:04	2735200	----a-w-	c:\program files\DVDVideoSoft\tbDVD0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVD0.dll" [2011-11-16 2735200]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVD0.dll" [2011-11-16 2735200]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-31 68856]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-03-28 102400]
"Akamai NetSession Interface"="c:\users\Lisa\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"WEB.DE Application {sync-000021}"="c:\users\Lisa\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe" [2013-05-13 943616]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-12 405504]
"Bluetooth HCI Monitor"="HCIMNTR.DLL" [2006-12-07 9728]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2009-11-06 2090272]
"Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2007-10-30 16200]
"SMSTray"="c:\program files\Samsung\EmoDio\SMSTray.exe" [2009-04-16 479232]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1425208]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-06-27 345144]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2013-04-25 1648264]
"BingDesktop"="c:\program files\Microsoft\BingDesktop\BingDesktop.exe" [2013-06-20 2249352]
"MailCheck IE Broker"="c:\program files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe" [2013-07-01 1519680]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2238704]
.
c:\users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-1-8 228448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-13 715568]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
LOLRecorder.lnk - c:\program files\LOLReplay\LOLRecorder.exe -minimize [2013-5-27 526336]
Nokia Ovi Suite.lnk - c:\program files\Nokia\Ovi\Suite\RunLauncher.exe /startup [2008-11-11 946176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2013-02-08 18:30	66800	----a-w-	c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2008-12-15 16:18	29744	----a-w-	c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2007-12-14 13:25	244208	----a-w-	c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2009-07-14 01:14	660480	----a-w-	c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" -osboot
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"AppleSyncNotifier"=c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe"
"BingDesktop"=c:\program files\Microsoft\BingDesktop\BingDesktop.exe /fromkey
"HFALoader"=c:\program files\Hamster Soft\Hamster Lite Archiver\HamsterArc.exe -loader
.
R2 gupdate1ca87bbb1afce56;Google Update Service (gupdate1ca87bbb1afce56);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 133104]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 40320]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-15 29744]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-08-24 40776]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-05-15 4264632]
R3 pmxmouse;pmxmouse;c:\windows\system32\DRIVERS\pmxmouse.sys [2007-06-01 18432]
R3 pmxusblf;pmxusblf;c:\windows\system32\DRIVERS\pmxusblf.sys [2007-05-24 19008]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 TKFsAc;TKFsAc;c:\windows\system32\TKFsAc2k.sys [2010-06-03 127584]
R3 TKFsAv;TKFsAv;c:\windows\system32\TKFsAv2k.sys [2010-04-13 55776]
R3 TKFsFt;TKFsFt;c:\windows\system32\TKFsFt2k.sys [2010-06-03 81888]
R3 TKRgAc;TKRgAc;c:\windows\system32\TKRgAc2k.sys [2010-06-03 68192]
R3 TKRgFt;TKRgFt;c:\windows\system32\TKRgFtXp.sys [2010-06-03 30432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 XDva369;XDva369;c:\windows\system32\XDva369.sys [x]
R4 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R4 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-12-14 309744]
R4 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-12-14 1112560]
R4 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-12-14 166384]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-03-30 37352]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2013-06-27 84024]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-06-20 173192]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-07-27 14592288]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-04-16 39056]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\sicherheit\Spybot-Search & Destroy\SDWinSec.exe [2008-01-28 810320]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2012-11-29 1723744]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2013-01-03 44296]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2013-01-03 12808]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-05-14 34592]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-08-29 10088]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
HPService	REG_MULTI_SZ   	HPSLPSVC
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-22 12:41	1177552	----a-w-	c:\program files\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 13:40]
.
2013-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 12:45]
.
2013-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 12:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://go.web.de/suchbox/webdesuche?su=%s
IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - c:\program files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll
FF - ProfilePath - c:\users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\
FF - prefs.js: browser.startup.homepage - hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CC81001E8CC7C0AB&affID=119357&tsp=4983
FF - prefs.js: network.proxy.ftp - 65.126.16.155
FF - prefs.js: network.proxy.ftp_port - 8089
FF - prefs.js: network.proxy.http - 65.126.16.155
FF - prefs.js: network.proxy.http_port - 8089
FF - prefs.js: network.proxy.socks - 65.126.16.155
FF - prefs.js: network.proxy.socks_port - 8089
FF - prefs.js: network.proxy.ssl - 65.126.16.155
FF - prefs.js: network.proxy.ssl_port - 8089
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2049-12-31 15:00; {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}; c:\users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF - ExtSQL: !HIDDEN! 2010-03-05 20:52; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2010-03-05 20:54; {800b5000-a755-47e1-992b-48a1c1357f07}; c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - ExtSQL: !HIDDEN! 2010-03-05 20:57; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extentions.y2layers.installId - 32726400-c4f4-438c-9b73-d0758c53f26d
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - cc8142a1000000000000001e8cc7c0ab
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15940
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.619:21
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119357&tsp=4983
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-AdobeUpdater - c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
AddRemove-Zanzarah - c:\windows\IsUn0407.exe
AddRemove-{9B8E1C10-3952-48D3-BC66-F223DDC3A556} - c:\programdata\{B35DFC47-860C-44AC-9747-AD6208420DED}\Firefox-3.6-WEB.DE-Edition.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3783709258-2247286899-232976329-1000\Software\SecuROM\License information*]
"datasecu"=hex:55,86,f4,94,a1,f8,64,77,60,b2,89,44,85,a6,bf,76,a9,37,e3,fe,d0,
   9c,16,88,df,c7,e9,ad,f2,91,b7,5f,c1,62,7a,b7,90,f1,e2,a3,b6,29,e9,1d,ed,2a,\
"rkeysecu"=hex:bc,7e,84,81,8b,dc,4f,b5,74,d2,96,a5,95,dc,74,50
.
[HKEY_USERS\S-1-5-21-3783709258-2247286899-232976329-1000_Classes\VirtualStore\MACHINE\SOFTWARE\GameHouse\FeedingFrenzy]
@DACL=(02 0000)
"SaverInstallPath"="c:\\Program Files\\Zylom Games\\Feeding Frenzy Deluxe"
.
[HKEY_USERS\S-1-5-21-3783709258-2247286899-232976329-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Sandlot Games\CakeMania]
@Class="Key"
@DACL=(02 0000)
"AppFolder"="c:\\ProgramData\\Sandlot Games\\Cake Mania\\"
"InProgress"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1460)
c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\STacSV.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\rundll32.exe
c:\program files\XPSMiniViewGadget\XPSMiniViewGadget.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Logitech\SetPointP\LBTWiz.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\LOLReplay\LOLRecorder.exe
c:\users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files\Microsoft Office\Office14\ONENOTEM.EXE
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-08-24  15:27:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-08-24 13:27
.
Vor Suchlauf: 25 Verzeichnis(se), 190.009.393.152 Bytes frei
Nach Suchlauf: 33 Verzeichnis(se), 191.653.482.496 Bytes frei
.
- - End Of File - - EEC50CB621600A41A1734151D9AAF23A
A36C5E4F47E84449FF07ED3517B43A31
         


Alt 24.08.2013, 19:09   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Ich habe einen Trojaner (Logfile gemacht)

Alt 24.08.2013, 20:44   #7
lisa2
 
Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Hallo,

hier ist der Log von Malwarebytes (Quick-Scan):

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.24.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16660
Lisa :: LISA-PC [Administrator]

24.08.2013 19:57:58
mbam-log-2013-08-24 (19-57-58).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 286526
Laufzeit: 22 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Daten: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Hier von AdwCleaner:

Code:
ATTFilter
# AdwCleaner v3.001 - Report created 24/08/2013 at 20:26:16
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Lisa - LISA-PC
# Running from : C:\Users\Lisa\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : ICQ Service

***** [ Files / Folders ] *****

Folder Deleted : C:\DVDVideoSoft
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\GamesBar
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\iWin
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Alawar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\delta
Folder Deleted : C:\Program Files\GamesBar
Folder Deleted : C:\Program Files\ICQ\ICQToolbar
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\Program Files\DVDVideoSoft
Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft
Folder Deleted : C:\Users\Lisa\AppData\Local\PackageAware
Folder Deleted : C:\Users\Lisa\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Lisa\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Lisa\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Lisa\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Lisa\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Lisa\AppData\LocalLow\DVDVideoSoft
Folder Deleted : C:\Users\Lisa\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Lisa\AppData\Roaming\iWin
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Alawar
Folder Deleted : C:\Users\Lisa\AppData\Roaming\DVDVideoSoft
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Lisa\Documents\DVDVideoSoft
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Conduit
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\ConduitEngine
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\jetpack
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\CT2438727
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\CT2269050
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\engine@conduit.com
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\ffxtlbr@delta.com
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\toolbar@ask.com
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Folder Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\plugin@yontoo.com.xpi
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\11-suche.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\bProtector_extensions.rdf
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\bprotector_prefs.js
File Deleted : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\user.js
File Deleted : C:\Windows\System32\Tasks\BrowserDefendert
File Deleted : C:\Windows\System32\Tasks\EPUpdater
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17B66022-92A3-4916-9838-F0F3ADC1607F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17B66022-92A3-4916-9838-F0F3ADC1607F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F077C86-7C66-4D9F-B871-04EA76B74513}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F077C86-7C66-4D9F-B871-04EA76B74513}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC7C703B-30A1-477D-86B7-236B65D8B47D}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC7C703B-30A1-477D-86B7-236B65D8B47D}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKCU\Software\855d6d8b03ebd40
Key Deleted : HKLM\SOFTWARE\855d6d8b03ebd40
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hamster-free-video-converter_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hamster-free-video-converter_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5785E1-D769-4F9D-A619-9F7F3F86C9DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AB51C4FE-F530-4C7E-9F9A-FDE7AEC1598A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AB51C4FE-F530-4C7E-9F9A-FDE7AEC1598A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks []
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks []
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\DVDVideoSoft
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoft
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\GamesBarSetup
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\DVDVideoSoft
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoft Toolbar
Product Deleted : Ask Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v20.0.1 (de)

[ File : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\prefs.js ]

Line Deleted : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2269050.CTID", "CT2269050");
Line Deleted : user_pref("CT2269050.CurrentServerDate", "15-7-2010");
Line Deleted : user_pref("CT2269050.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2269050.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2269050.EMailNotifierPollDate", "Thu Jul 15 2010 19:20:49 GMT+0200");
Line Deleted : user_pref("CT2269050.ExternalComponentPollDate8877840225553681985", "Wed Jul 14 2010 21:45:10 GMT+0200");
Line Deleted : user_pref("CT2269050.FirstServerDate", "4-1-2010");
Line Deleted : user_pref("CT2269050.FirstTime", true);
Line Deleted : user_pref("CT2269050.FirstTimeFF3", true);
Line Deleted : user_pref("CT2269050.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT2269050.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2269050.Initialize", true);
Line Deleted : user_pref("CT2269050.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2269050.InstallationAndCookieDataSentCount", 2);
Line Deleted : user_pref("CT2269050.InstalledDate", "Tue Dec 29 2009 21:25:43 GMT+0100");
Line Deleted : user_pref("CT2269050.InvalidateCache", false);
Line Deleted : user_pref("CT2269050.IsGrouping", false);
Line Deleted : user_pref("CT2269050.IsMulticommunity", false);
Line Deleted : user_pref("CT2269050.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT2269050.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2269050.LanguagePackLastCheckTime", "Wed Jul 14 2010 21:45:10 GMT+0200");
Line Deleted : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2269050.LastLogin_2.4.0.4", "Sun Jan 03 2010 21:49:55 GMT+0100");
Line Deleted : user_pref("CT2269050.LastLogin_2.5.2.14", "Mon Jan 25 2010 16:54:56 GMT+0100");
Line Deleted : user_pref("CT2269050.LastLogin_2.5.6.0", "Fri Feb 12 2010 13:23:49 GMT+0100");
Line Deleted : user_pref("CT2269050.LastLogin_2.7.0.14", "Thu Jul 15 2010 19:15:46 GMT+0200");
Line Deleted : user_pref("CT2269050.LatestVersion", "2.1.0.18");
Line Deleted : user_pref("CT2269050.Locale", "en");
Line Deleted : user_pref("CT2269050.LoginCache", 4);
Line Deleted : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2269050.RadioIsPodcast", false);
Line Deleted : user_pref("CT2269050.RadioLastCheckTime", "Thu Jul 15 2010 21:45:21 GMT+0200");
Line Deleted : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Line Deleted : user_pref("CT2269050.RadioMediaID", "12473383");
Line Deleted : user_pref("CT2269050.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Line Deleted : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Line Deleted : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Line Deleted : user_pref("CT2269050.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2269050.SearchBoxWidth", 100);
Line Deleted : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2269050&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=");
Line Deleted : user_pref("CT2269050.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Thu Jul 15 2010 21:45:11 GMT+0200");
Line Deleted : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2269050.SettingsLastCheckTime", "Thu Jul 15 2010 19:15:40 GMT+0200");
Line Deleted : user_pref("CT2269050.SettingsLastUpdate", "1277823092");
Line Deleted : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Wed Jul 14 2010 21:45:03 GMT+0200");
Line Deleted : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1277823092");
Line Deleted : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Deleted : user_pref("CT2269050.UserID", "UN18937493875262190");
Line Deleted : user_pref("CT2269050.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2269050.WeatherNetwork", "");
Line Deleted : user_pref("CT2269050.WeatherPollDate", "Thu Jul 15 2010 19:15:49 GMT+0200");
Line Deleted : user_pref("CT2269050.WeatherUnit", "C");
Line Deleted : user_pref("CT2269050.alertChannelId", "666138");
Line Deleted : user_pref("CT2269050.clientLogIsEnabled", true);
Line Deleted : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2269050.myStuffEnabled", true);
Line Deleted : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2438727.CTID", "CT2438727");
Line Deleted : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.CurrentServerDate", "7-7-2010");
Line Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2438727.FirstServerDate", "12-2-2010");
Line Deleted : user_pref("CT2438727.FirstTime", true);
Line Deleted : user_pref("CT2438727.FirstTimeFF3", true);
Line Deleted : user_pref("CT2438727.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT2438727.GroupingLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Line Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2438727.Initialize", true);
Line Deleted : user_pref("CT2438727.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2438727.InstalledDate", "Fri Feb 12 2010 13:27:40 GMT+0100");
Line Deleted : user_pref("CT2438727.InvalidateCache", false);
Line Deleted : user_pref("CT2438727.IsGrouping", false);
Line Deleted : user_pref("CT2438727.IsMulticommunity", false);
Line Deleted : user_pref("CT2438727.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2438727.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Tue Jul 06 2010 18:28:29 GMT+0200");
Line Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2438727.LastLogin_2.5.6.0", "Wed Jul 07 2010 14:11:28 GMT+0200");
Line Deleted : user_pref("CT2438727.LatestVersion", "2.1.0.18");
Line Deleted : user_pref("CT2438727.Locale", "en");
Line Deleted : user_pref("CT2438727.LoginCache", 4);
Line Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2438727.RadioLastCheckTime", "0");
Line Deleted : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Line Deleted : user_pref("CT2438727.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2438727.SearchBoxWidth", 100);
Line Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
Line Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Tue Jul 06 2010 18:28:17 GMT+0200");
Line Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Wed Jul 07 2010 14:11:19 GMT+0200");
Line Deleted : user_pref("CT2438727.SettingsLastUpdate", "1275607866");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Tue Jun 29 2010 22:06:08 GMT+0200");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1275546478");
Line Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Deleted : user_pref("CT2438727.UserID", "UN82334188226881893");
Line Deleted : user_pref("CT2438727.ValidationData_Search", 0);
Line Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2438727.alertChannelId", "832836");
Line Deleted : user_pref("CT2438727.clientLogIsEnabled", true);
Line Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2438727.myStuffEnabled", true);
Line Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"80927e5f86f7cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2.1", "\"0652eeacc6cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/MarketPlace/3d/f6/3da3ff3d-3fb4-4a03-be93-468e59eee9f6/Gadgets/6f84459b-aa48-4d42-a112-f694a40444c0.html", "47x151");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,CT2438727,ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050,CT2438727");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Apr 12 2011 22:04:05 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed May 18 2011 20:30:05 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed May 18 2011 13:53:01 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "b179dae5-9e09-4546-8422-2a5e5b2629a7");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jul 15 2010 21:45:12 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat May 14 2011 20:26:15 GMT+0200");
Line Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Line Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed May 18 2011 13:53:02 GMT+0200");
Line Deleted : user_pref("ConduitEngine.FirstServerDate", "03/21/2011 14");
Line Deleted : user_pref("ConduitEngine.FirstTime", true);
Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Deleted : user_pref("ConduitEngine.Initialize", true);
Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Deleted : user_pref("ConduitEngine.InstalledDate", "Mon Mar 21 2011 13:26:23 GMT+0100");
Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed May 18 2011 13:53:02 GMT+0200");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Tue Mar 22 2011 22:18:17 GMT+0100");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Wed May 18 2011 20:30:04 GMT+0200");
Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Wed May 18 2011 20:30:06 GMT+0200");
Line Deleted : user_pref("ConduitEngine.UserID", "UN64127379424137561");
Line Deleted : user_pref("ConduitEngine.componentAlertEnabled", false);
Line Deleted : user_pref("ConduitEngine.counterAppsAdded", 2);
Line Deleted : user_pref("ConduitEngine.engineLocale", "de");
Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed May 18 2011 13:53:02 GMT+0200");
Line Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed May 18 2011 20:30:04 GMT+0200");
Line Deleted : user_pref("ConduitEngine.initDone", true);
Line Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Line Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Line Deleted : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=CC81001E8CC7C0AB&affID=119357&tsp=4983");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CC81001E8CC7C0AB&affID=119357&tsp=4983");
Line Deleted : user_pref("extensions.aniweather.timeShifted", 1593868);
Line Deleted : user_pref("extensions.enabledAddons", "externalip%40erik.morlin:0.9.9.6,googleimagehelp%40shivam.org:3.1,MouseControl%40neocodex.us:1.5.1,%7B097d3191-e6fa-4728-9826-b533d755359d%7D:0.7.18,%7Bd40f5e7b-[...]
Line Deleted : user_pref("extensions.enabledItems", "{097d3191-e6fa-4728-9826-b533d755359d}:0.7.13,en-GB@dictionaries.addons.mozilla.org:1.19.1,{0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5,piclens@cooliris.com:1.12.[...]
Line Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\M[...]
Line Deleted : user_pref("extensions.startxxl.originalHomepage", "hxxp://de.ask.com/?l=dis&o=1586&gct=hp");
Line Deleted : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,ezLooker,pagerage,buzzdock,toprelatedtopics");
Line Deleted : user_pref("extentions.y2layers.installId", "32726400-c4f4-438c-9b73-d0758c53f26d");
Line Deleted : user_pref("extentions.y2layers.lastDnsTest", 371874);
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1305579617);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "k%C3%BCken||feuer||ph%C3%B6nix||ph%C3%B6nix%20aus%20der%20asche||bewerbungsvorlagen%20praktikum||bewerbungsvorlage%20wirtschaftspr%C3%BCfer%2Fsteuerberater||bewerbung%[...]
Line Deleted : user_pref("icqtoolbar.icqgeo", 49);
Line Deleted : user_pref("icqtoolbar.installTime", "1304971412");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "4.0.1");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "120897317512089731751209052195780");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1305719585);
Line Deleted : user_pref("icqtoolbar.version", "1.1.9");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "de");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [44790 octets] - [24/08/2013 20:23:21]
AdwCleaner[S0].txt - [39799 octets] - [24/08/2013 20:26:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39860 octets] ##########
         
Hier von JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x86
Ran by Lisa on 24.08.2013 at 20:33:47,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2269050
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConfigTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConfigTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ZY-SherlockHolmes_TheHoundofTheBaskervilles_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ZY-SherlockHolmes_TheHoundofTheBaskervilles_RASMANCS



~~~ Files

Successfully deleted: [File] "C:\Windows\system32\turegopt.exe"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Lisa\AppData\Roaming\big fish games"
Successfully deleted: [Folder] "C:\Program Files\icqtoolbar"
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{1665FC9B-8CA8-4C97-B48F-E9F5AA836651}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{1ECDCEB8-E67C-4169-96D3-50F22C3370CE}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{234F7C63-98CC-4DAA-AC92-73ED74E385B4}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{256022BE-FEE6-4782-A408-846D2CBC912D}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{26CA32D1-7484-4B31-9849-694752C92075}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{38486736-2C75-4FF7-8545-3A809F0D47BA}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{4294DEDB-31C9-4B4F-8DCC-DE7446C57B96}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{46CD7A35-5FFD-49D7-A84F-6DD5CE107C6D}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{53E54233-EC2B-4741-80F6-BA964729749E}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{53F524F4-97B3-414B-AF65-8FF9E7AFEBFA}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{55E2B379-F67F-4BE5-BED1-640272430B7B}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{56D9F6CA-04EB-4403-ADAA-D7F2E580FFEE}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{5AD880F2-7D0A-4C23-A1E1-F3FFB978C267}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{7A8B373A-A19E-403E-AB6B-D4D75723DE12}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{801B415C-95FC-42F1-A40B-C68FEEFB5836}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{8776001D-CF02-4264-AED1-0FD4B68823DD}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{8ADE48C9-3B76-423B-BA24-4B3D37418E66}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{9214AC4E-1C39-4041-AAA1-19972622C22F}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{A1C6A4D2-026E-4289-8569-1F8995FD11BA}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{A845FF7F-03AA-4AA3-96CF-C969F4E37913}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{B6BD2D67-C3F1-437A-8B73-F5D36A1FDE34}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{B9864B20-0EBA-4D1E-A6B0-0F79B69EBACA}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{BE5A5094-64CD-453A-8DBE-2C7DCCF5EC3A}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{C4208065-5E32-4BFF-91CE-1AC27753CBA6}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{CC781535-80FB-4073-9186-304B7803F36C}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{DC050C01-D2E3-4E60-A80B-55733F8D9A8E}
Successfully deleted: [Empty Folder] C:\Users\Lisa\appdata\local\{E906CE18-540A-4D8E-B75E-59879B109EC5}



~~~ FireFox

Successfully deleted: [File] C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\6dx3b5so.default\extensions\searchy@searchy.xpi
Successfully deleted: [Folder] C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\6dx3b5so.default\extensions\staged
Successfully deleted the following from C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\6dx3b5so.default\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/
user_pref("samfind.social.notused", "allvoices,attentionmeter,ballhype,barrapunto,bebo,bitly,bizsugar,blinklist,blogger,blogmemesfr,bookmarksfr,bx,care2,citeulike,cliqset,conn
Emptied folder: C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\6dx3b5so.default\minidumps [112 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\epojlgbehpaeekopencdagbdamnkppci



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.08.2013 at 20:35:47,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Und hier nochmal das frische FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-08-2013 01
Ran by Lisa (administrator) on 24-08-2013 20:39:15
Running from C:\Users\Lisa\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(SigmaTel, Inc.) C:\Windows\system32\STacSV.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Safer Networking Ltd.) C:\Program Files\sicherheit\Spybot-Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
() C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
(SigmaTel, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Nokia) C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
(SAMSUNG ELECTRONICS) C:\Program Files\Samsung\EmoDio\SMSTray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LBTWiz.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(1und1 Mail und Media GmbH) C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Akamai Technologies, Inc.) C:\Users\Lisa\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Lisa\AppData\Local\Akamai\netsession_win.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(LOL Replay) C:\Program Files\LOLReplay\LOLRecorder.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Dropbox, Inc.) C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Farbar) C:\Users\Lisa\Downloads\FRST (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-12] (SigmaTel, Inc.)
HKLM\...\Run: [Bluetooth HCI Monitor] - C:\Windows\System32\HCIMNTR.DLL [9728 2006-12-08] (Logitech Inc.)
HKLM\...\Run: [ECenter] - C:\Dell\E-Center\EULALauncher.exe [17920 2008-01-18] ( )
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [NokiaMServer] - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [x]
HKLM\...\Run: [NokiaMusic FastStart] - C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2090272 2009-11-06] (Nokia)
HKLM\...\Run: [Corel File Shell Monitor] - C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16200 2007-10-30] ()
HKLM\...\Run: [SMSTray] - C:\Program Files\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1425208 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Bluetooth Connection Assistant] - LBTWIZ.EXE -silent [x]
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM\...\Run: [MailCheck IE Broker] - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [1519680 2013-07-01] (1und1 Mail und Media GmbH)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2238704 2013-02-21] (Logitech, Inc.)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-09-30] (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-03-31] (Google Inc.)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2010-03-28] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Lisa\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [WEB.DE Application {sync-000021}] - C:\Users\Lisa\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [943616 2013-05-13] (1&1 Mail & Media GmbH)
HKCU\...\Run: [Xvid] - C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\Gast\...\Run: [DellSupportCenter] - "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [x]
HKU\Gast\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\Gast\...\Run: [SpybotSD TeaTimer] - C:\Program Files\sicherheit\Spybot-Search & Destroy\TeaTimer.exe [ 2008-01-28] (Safer Networking Limited)
HKU\Gast\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-03-31] (Google Inc.)
HKU\Gast\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2010-11-20] (Microsoft Corporation)
HKU\Gast\...\RunOnce: [DPAPIKeyMig] - C:\Windows\system32\dpapimig.exe [ 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files\LOLReplay\LOLRecorder.exe (LOL Replay)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nokia Ovi Suite.lnk
ShortcutTarget: Nokia Ovi Suite.lnk -> C:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe (Nokia)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default
FF NetworkProxy: "ftp", "65.126.16.155"
FF NetworkProxy: "ftp_port", 8089
FF NetworkProxy: "http", "65.126.16.155"
FF NetworkProxy: "http_port", 8089
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "65.126.16.155"
FF NetworkProxy: "socks_port", 8089
FF NetworkProxy: "ssl", "65.126.16.155"
FF NetworkProxy: "ssl_port", 8089
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\amazonde.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\preisvergleich.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.png
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.src
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\allglassv2@ambroos.neowin.net
FF Extension: Deutsches Wörterbuch - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: LavaFox V2-Blue - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\djziggy@gmail.com
FF Extension: British English Dictionary - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\en-GB@dictionaries.addons.mozilla.org
FF Extension: United States English Spellchecker - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\en-US@dictionaries.addons.mozilla.org
FF Extension: external IP - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\externalip@erik.morlin
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\FirefoxAddon@similarWeb.com
FF Extension: LavaFox V2 - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\info@djzig.com
FF Extension: Scale tabs - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\jid0-wQgRuE1ziTuF2sAupFeSZa9xUGU@jetpack
FF Extension: MouseControl - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\MouseControl@neocodex.us
FF Extension: Cooliris - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\piclens@cooliris.com
FF Extension: samfind Bookmarks Bar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\sam@samfind.com
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\swiffout@grownsoftware.com
FF Extension: LavaFox V2-Purple - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\zigboom555@aol.com
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: Flagfox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Google Toolbar for Firefox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: FT DeepDark - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
FF Extension: iMacros for Firefox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
FF Extension: Update Notifier - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{95f24680-9e31-11da-a746-0800200c9a66}
FF Extension: WOT - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: ReminderFox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF Extension: DownloadHelper - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: adblockpopups - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: bizdom - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\bizdom@wizbites.com.xpi
FF Extension: canitbecheaper - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi
FF Extension: dendzones - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\dendzones@captaincaveman.nl.xpi
FF Extension: feedly - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\feedly@devhd.xpi
FF Extension: finder - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: firebug - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: GodLesZ.XxSoulCatcherxX - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\GodLesZ.XxSoulCatcherxX@ShaiyaChecker.de.xpi
FF Extension: googleimagehelp - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\googleimagehelp@shivam.org.xpi
FF Extension: jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
FF Extension: personas - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\personas@christopher.beard.xpi
FF Extension: plugin - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\plugin@apture.com.xpi
FF Extension: quickdrag - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\quickdrag@mozilla.ktechcomputing.com.xpi
FF Extension: silvermelxt - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\silvermelxt@pardal.de.xpi
FF Extension: stealthyextension - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: support - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\support@startxxl.com.xpi
FF Extension: tabscope - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\tabscope@xuldev.org.xpi
FF Extension: toolbar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\toolbar@web.de.xpi
FF Extension: videosurf_enhanced - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\videosurf_enhanced@videosurf.com.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{75df891f-e299-4725-b14f-7d52f086dea2}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{a82d0125-000a-4a57-abbc-5d4b0dbaab54}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files\LyriXeeker\128.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CC81001E8CC7C0AB&affID=119357&tsp=4983"
CHR DefaultSearchURL: (Google) - https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs
CHR DefaultSuggestURL: (Google) - https://www.google.com/complete/search?q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Turn Off the Lights) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.21_0
CHR Extension: (Adblock Plus) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0
CHR Extension: (Warrior Girl) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbngkgeakdhomabndkmfcjijooohmpff\1_0
CHR Extension: (Springpad Clipper) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj\1.1212.12.6_0
CHR Extension: (Logitech SetPoint) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0
CHR Extension: (Black Menu for Google\u2122) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke\4.7.2_0
CHR Extension: (Chrome Toolbox (by Google)) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0
CHR Extension: (Checker Plus for Google Calendar\u2122) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha\13.8.5_0
CHR Extension: (RealDownloader) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Stealthy) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\3.0.1_0
CHR Extension: (WEB.DE MailCheck) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo\1.2_0
CHR Extension: (Panel View for Keep) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\1.8_0
CHR Extension: (Flava Clipper) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnpejdnkidnilbdgonnnnpbahhhlkheo\0.2.3_0
CHR Extension: (Skype Click to Call) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Ghostery) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.2_0
CHR Extension: (Flava\u2122) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbgeoblgfklfhenfldifemcjfchgdhj\0.9_0
CHR Extension: (Springpad Extension) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR HKLM\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

========================== Services (Whitelisted) =================

R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 GoogleDesktopManager-061008-081103; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [29744 2008-12-15] (Google)
S2 gupdate1ca87bbb1afce56; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-12-28] (Google Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [4264632 2011-05-15] (INCA Internet Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14592288 2013-07-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-07-31] ()
S4 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S4 RoxLiveShare10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [309744 2007-12-14] (Sonic Solutions)
R2 SBSDWSCService; C:\Program Files\sicherheit\Spybot-Search & Destroy\SDWinSec.exe [810320 2008-01-28] (Safer Networking Ltd.)
S3 ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [651776 2009-09-17] (Nokia)
R2 STacSV; C:\Windows\system32\STacSV.exe [94208 2007-09-12] (SigmaTel, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-11-29] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2010-06-16] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-02-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-30] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [60104 2010-07-12] (FTDI Ltd.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [44296 2013-01-03] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12808 2013-01-03] (Logitech, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-02-28] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34592 2013-05-14] (NVIDIA Corporation)
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [50176 2006-03-24] (Protection Technology (StarForce))
S0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-10] (Avira GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-09-12] (SigmaTel, Inc.)
S3 TKFsAc; C:\Windows\system32\TKFsAc2k.sys [127584 2010-06-03] (INCA Internet Co., Ltd.)
S3 TKFsAv; C:\Windows\system32\TKFsAv2k.sys [55776 2010-04-13] (Copyright (C) INCA Internet. 2000-2010)
S3 TKFsFt; C:\Windows\system32\TKFsFt2k.sys [81888 2010-06-03] (INCA Internet Co., Ltd.)
S3 TKRgAc; C:\Windows\system32\TKRgAc2k.sys [68192 2010-06-03] (INCA Internet Co., Ltd.)
S3 TKRgFt; C:\Windows\system32\TKRgFtXp.sys [30432 2010-06-03] (INCA Internet Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-08-29] (TuneUp Software)
S3 vsdatant; C:\Windows\system32\vsdatant.sys [394192 2007-03-09] (Zone Labs, LLC)
S3 catchme; \??\C:\Users\Lisa\AppData\Local\Temp\catchme.sys [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 XDva369; \??\C:\Windows\system32\XDva369.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-24 20:34 - 2013-08-24 20:36 - 00000000 ____D C:\Users\Lisa\Desktop\Neuer Ordner
2013-08-24 20:33 - 2013-08-24 20:33 - 01021434 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2013-08-24 20:33 - 2013-08-24 20:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-24 20:23 - 2013-08-24 20:28 - 00000000 ____D C:\AdwCleaner
2013-08-24 20:21 - 2013-08-24 20:21 - 00994642 _____ C:\Users\Lisa\Downloads\adwcleaner.exe
2013-08-24 19:56 - 2013-08-24 19:56 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-24 19:56 - 2013-08-24 19:56 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-24 19:56 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-24 19:55 - 2013-08-24 19:55 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-08-24 16:05 - 2013-08-24 16:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2013-08-24 16:04 - 2013-08-24 16:04 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2013-08-24 16:03 - 2013-08-24 16:03 - 07522680 _____ (Microsoft Corporation) C:\Users\Lisa\Desktop\Xbox360_32Deu.exe
2013-08-24 15:27 - 2013-08-24 15:27 - 00031542 _____ C:\ComboFix.txt
2013-08-24 15:05 - 2013-08-24 15:27 - 00000000 ____D C:\ComboFix
2013-08-24 15:05 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-24 15:02 - 2013-08-24 15:02 - 00001402 _____ C:\Users\Lisa\Desktop\ComboFix.exe - Verknüpfung.lnk
2013-08-24 14:21 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-24 14:21 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-24 14:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-24 14:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-24 14:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-24 14:21 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-24 14:21 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-24 14:20 - 2013-08-24 15:27 - 00000000 ____D C:\Qoobox
2013-08-24 14:20 - 2013-08-24 14:20 - 05111180 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix (1).exe
2013-08-24 14:19 - 2013-08-24 15:26 - 00000000 ____D C:\Windows\erdnt
2013-08-24 14:10 - 2013-08-24 14:10 - 05111180 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix.exe
2013-08-24 11:58 - 2013-08-24 11:58 - 00073702 _____ C:\Users\Lisa\Desktop\FRST1.txt
2013-08-24 11:58 - 2013-08-24 11:58 - 00034916 _____ C:\Users\Lisa\Desktop\Addition.txt
2013-08-24 11:57 - 2013-08-24 11:57 - 00034916 _____ C:\Users\Lisa\Downloads\Addition.txt
2013-08-24 11:55 - 2013-08-24 11:55 - 00000000 ____D C:\FRST
2013-08-24 11:54 - 2013-08-24 11:54 - 01070467 _____ (Farbar) C:\Users\Lisa\Downloads\FRST.exe
2013-08-23 21:36 - 2013-08-23 21:36 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-23 21:34 - 2013-08-23 21:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-23 21:27 - 2013-08-23 21:27 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2013-08-23 20:57 - 2013-08-23 20:57 - 00000000 ____D C:\Users\Lisa\AppData\Local\avgchrome
2013-08-23 19:21 - 2013-08-23 19:21 - 46960392 _____ (Trend Micro                                                 ) C:\Users\Lisa\Downloads\tis14de_1479_eval30.exe
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013.zip
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013 (1).zip
2013-08-20 13:21 - 2013-08-20 13:21 - 00092776 _____ (Spotify Ltd) C:\Users\Lisa\Downloads\SpotifySetup.exe
2013-08-16 02:51 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 02:51 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 02:51 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 02:51 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 02:51 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 02:51 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 02:51 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 02:51 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 19:47 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 19:47 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 19:47 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-15 19:47 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 19:47 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 19:47 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 19:47 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 19:47 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 19:47 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 19:47 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 19:47 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 19:47 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-07-31 18:27 - 2013-07-31 18:27 - 00281392 _____ C:\Windows\system32\PnkBstrB.xtr
2013-07-31 18:27 - 2013-07-31 18:27 - 00138736 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-07-31 18:27 - 2013-07-31 18:27 - 00000000 ____D C:\Users\Lisa\AppData\Local\PunkBuster
2013-07-30 23:42 - 2013-07-30 23:42 - 00000000 ____D C:\NvidiaLogging
2013-07-30 23:32 - 2013-05-14 21:28 - 00034592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2013-07-30 23:32 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2013-07-30 13:25 - 2013-07-30 13:25 - 00000676 _____ C:\Users\Lisa\Desktop\Assassin's Creed III - Verknüpfung.lnk
2013-07-30 01:30 - 2013-07-31 18:28 - 00000000 ____D C:\Users\Lisa\Documents\Assassin's Creed III
2013-07-30 01:18 - 2013-07-30 02:01 - 00000000 ____D C:\Users\Lisa\AppData\Local\Ubisoft Game Launcher
2013-07-30 00:54 - 2013-07-31 18:27 - 00281392 _____ C:\Windows\system32\PnkBstrB.exe
2013-07-30 00:54 - 2013-07-31 18:27 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-07-30 00:54 - 2013-07-30 00:54 - 00189248 _____ C:\Windows\system32\PnkBstrB.ex0
2013-07-30 00:54 - 2013-07-30 00:54 - 00001161 _____ C:\Users\Lisa\Desktop\Uplay.lnk
2013-07-30 00:54 - 2013-07-30 00:54 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-30 00:54 - 2012-06-19 13:02 - 03123272 _____ C:\Windows\system32\pbsvc.exe
2013-07-29 21:37 - 2013-07-30 00:37 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\GetRightToGo
2013-07-29 21:36 - 2013-07-29 21:36 - 00435172 _____ C:\Users\Lisa\Downloads\Assassins_Creed_III_DownloadManager.zip

==================== One Month Modified Files and Folders =======

2013-08-24 20:40 - 2009-12-28 14:58 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-24 20:39 - 2013-08-24 20:38 - 01070693 _____ (Farbar) C:\Users\Lisa\Downloads\FRST (1).exe
2013-08-24 20:37 - 2009-11-03 21:46 - 00009504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-24 20:37 - 2009-11-03 21:46 - 00009504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-24 20:36 - 2013-08-24 20:34 - 00000000 ____D C:\Users\Lisa\Desktop\Neuer Ordner
2013-08-24 20:33 - 2013-08-24 20:33 - 01021434 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2013-08-24 20:33 - 2013-08-24 20:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-24 20:31 - 2012-10-20 23:17 - 00000000 ___RD C:\Users\Lisa\Dropbox
2013-08-24 20:31 - 2012-10-20 23:13 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Dropbox
2013-08-24 20:31 - 2009-02-14 20:55 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Skype
2013-08-24 20:29 - 2010-01-22 15:42 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-08-24 20:29 - 2009-12-28 14:58 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-24 20:29 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-24 20:29 - 2009-07-14 06:39 - 00475667 _____ C:\Windows\setupact.log
2013-08-24 20:29 - 2008-03-31 22:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-24 20:28 - 2013-08-24 20:23 - 00000000 ____D C:\AdwCleaner
2013-08-24 20:28 - 2010-03-05 22:20 - 01276274 _____ C:\Windows\WindowsUpdate.log
2013-08-24 20:21 - 2013-08-24 20:21 - 00994642 _____ C:\Users\Lisa\Downloads\adwcleaner.exe
2013-08-24 19:56 - 2013-08-24 19:56 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-24 19:56 - 2013-08-24 19:56 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-24 19:55 - 2013-08-24 19:55 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-08-24 16:05 - 2013-08-24 16:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2013-08-24 16:04 - 2013-08-24 16:04 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2013-08-24 16:04 - 2008-03-31 21:56 - 00351036 _____ C:\Windows\DirectX.log
2013-08-24 16:03 - 2013-08-24 16:03 - 07522680 _____ (Microsoft Corporation) C:\Users\Lisa\Desktop\Xbox360_32Deu.exe
2013-08-24 15:27 - 2013-08-24 15:27 - 00031542 _____ C:\ComboFix.txt
2013-08-24 15:27 - 2013-08-24 15:05 - 00000000 ____D C:\ComboFix
2013-08-24 15:27 - 2013-08-24 14:20 - 00000000 ____D C:\Qoobox
2013-08-24 15:27 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-08-24 15:26 - 2013-08-24 14:19 - 00000000 ____D C:\Windows\erdnt
2013-08-24 15:21 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-08-24 15:20 - 2009-11-03 22:02 - 02618754 _____ C:\Windows\PFRO.log
2013-08-24 15:20 - 2009-07-14 04:03 - 76808192 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-08-24 15:20 - 2009-07-14 04:03 - 27787264 _____ C:\Windows\system32\config\SYSTEM.bak
2013-08-24 15:20 - 2009-07-14 04:03 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2013-08-24 15:20 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-08-24 15:20 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-08-24 15:19 - 2010-03-05 21:45 - 00000000 ____D C:\Users\Lisa
2013-08-24 15:19 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-08-24 15:02 - 2013-08-24 15:02 - 00001402 _____ C:\Users\Lisa\Desktop\ComboFix.exe - Verknüpfung.lnk
2013-08-24 14:58 - 2009-07-14 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-24 14:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-24 14:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2013-08-24 14:20 - 2013-08-24 14:20 - 05111180 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix (1).exe
2013-08-24 14:10 - 2013-08-24 14:10 - 05111180 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix.exe
2013-08-24 11:58 - 2013-08-24 11:58 - 00073702 _____ C:\Users\Lisa\Desktop\FRST1.txt
2013-08-24 11:58 - 2013-08-24 11:58 - 00034916 _____ C:\Users\Lisa\Desktop\Addition.txt
2013-08-24 11:57 - 2013-08-24 11:57 - 00034916 _____ C:\Users\Lisa\Downloads\Addition.txt
2013-08-24 11:55 - 2013-08-24 11:55 - 00000000 ____D C:\FRST
2013-08-24 11:54 - 2013-08-24 11:54 - 01070467 _____ (Farbar) C:\Users\Lisa\Downloads\FRST.exe
2013-08-24 02:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Cursors
2013-08-24 02:14 - 2013-04-14 18:41 - 00000000 ____D C:\Program Files\Jungle Timer
2013-08-24 00:11 - 2011-12-13 17:07 - 00000000 ____D C:\Users\Lisa\AppData\Local\PMB Files
2013-08-24 00:11 - 2011-12-13 17:07 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-23 21:36 - 2013-08-23 21:36 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-23 21:27 - 2013-08-23 21:27 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2013-08-23 20:57 - 2013-08-23 20:57 - 00000000 ____D C:\Users\Lisa\AppData\Local\avgchrome
2013-08-23 19:21 - 2013-08-23 19:21 - 46960392 _____ (Trend Micro                                                 ) C:\Users\Lisa\Downloads\tis14de_1479_eval30.exe
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013.zip
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013 (1).zip
2013-08-22 21:40 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-08-22 01:52 - 2010-06-28 15:44 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\HpUpdate
2013-08-21 15:40 - 2012-04-11 12:00 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-21 15:40 - 2011-05-26 15:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-21 14:22 - 2012-05-20 21:13 - 00000000 ____D C:\Users\Lisa\AppData\Local\Origin
2013-08-21 14:22 - 2012-05-20 21:07 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Origin
2013-08-21 14:21 - 2012-05-20 21:07 - 00000000 ____D C:\Program Files\Origin
2013-08-21 13:46 - 2010-09-12 18:48 - 00000000 ____D C:\Users\Lisa\Desktop\Sonstiges
2013-08-20 13:21 - 2013-08-20 13:21 - 00092776 _____ (Spotify Ltd) C:\Users\Lisa\Downloads\SpotifySetup.exe
2013-08-16 16:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-08-16 15:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-16 12:20 - 2010-12-13 21:46 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\TS3Client
2013-08-16 02:59 - 2013-07-15 09:43 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 02:55 - 2010-03-13 21:00 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-16 02:53 - 2010-03-05 22:30 - 01657590 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-31 18:28 - 2013-07-30 01:30 - 00000000 ____D C:\Users\Lisa\Documents\Assassin's Creed III
2013-07-31 18:27 - 2013-07-31 18:27 - 00281392 _____ C:\Windows\system32\PnkBstrB.xtr
2013-07-31 18:27 - 2013-07-31 18:27 - 00138736 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-07-31 18:27 - 2013-07-31 18:27 - 00000000 ____D C:\Users\Lisa\AppData\Local\PunkBuster
2013-07-31 18:27 - 2013-07-30 00:54 - 00281392 _____ C:\Windows\system32\PnkBstrB.exe
2013-07-31 18:27 - 2013-07-30 00:54 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-07-30 23:42 - 2013-07-30 23:42 - 00000000 ____D C:\NvidiaLogging
2013-07-30 23:38 - 2010-05-09 20:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-30 13:25 - 2013-07-30 13:25 - 00000676 _____ C:\Users\Lisa\Desktop\Assassin's Creed III - Verknüpfung.lnk
2013-07-30 02:01 - 2013-07-30 01:18 - 00000000 ____D C:\Users\Lisa\AppData\Local\Ubisoft Game Launcher
2013-07-30 00:54 - 2013-07-30 00:54 - 00189248 _____ C:\Windows\system32\PnkBstrB.ex0
2013-07-30 00:54 - 2013-07-30 00:54 - 00001161 _____ C:\Users\Lisa\Desktop\Uplay.lnk
2013-07-30 00:54 - 2013-07-30 00:54 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-30 00:54 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-07-30 00:54 - 2008-04-04 21:55 - 00000000 ____D C:\Program Files\Ubisoft
2013-07-30 00:54 - 2008-03-31 21:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-30 00:37 - 2013-07-29 21:37 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\GetRightToGo
2013-07-29 21:36 - 2013-07-29 21:36 - 00435172 _____ C:\Users\Lisa\Downloads\Assassins_Creed_III_DownloadManager.zip
2013-07-27 16:44 - 2008-03-31 21:53 - 00000000 ____D C:\Program Files\Google
2013-07-26 05:13 - 2013-08-16 02:51 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 05:13 - 2013-08-16 02:51 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 05:13 - 2013-08-16 02:51 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 05:12 - 2013-08-16 02:51 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 02:51 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 05:11 - 2013-08-16 02:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 04:49 - 2013-08-16 02:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 03:59 - 2013-08-16 02:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-25 10:57 - 2013-08-15 19:47 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

Files to move or delete:
====================
C:\Users\Lisa\AppData\Local\Temp\catchme.dll
C:\Users\Lisa\AppData\Local\Temp\Quarantine.exe
C:\Users\Lisa\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Lisa\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest
C:\Users\Lisa\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 19:21

==================== End Of Log ============================
         
--- --- ---

Alt 25.08.2013, 07:02   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.08.2013, 20:12   #9
lisa2
 
Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Okay hier das Log von ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=79e876679e5e824484752b0fd2359695
# engine=14893
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-25 05:25:12
# local_time=2013-08-25 07:25:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 97 0 123218396 20758 0
# compatibility_mode=5893 16776573 100 94 81859 129082703 0 0
# compatibility_mode=9217 16777214 25 9 109632532 121566010 0 0
# scanned=392439
# found=3
# cleaned=0
# scan_time=25532
sh=354BDD57F49997D0A1AB3BADA1339CB33765898B ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\plugin@yontoo.com.xpi.vir"
sh=EC1F5EFCFF0C2900FBC2B718C3CD0EC5055722F0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.E trojan" ac=I fn="C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013 (1).zip"
sh=EC1F5EFCFF0C2900FBC2B718C3CD0EC5055722F0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.E trojan" ac=I fn="C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013.zip"
         
von SecurityCheck:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.72  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 SpywareBlaster v3.5.1    
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (de-DE) 
 Java 7 Update 25  
 Java(TM) SE Runtime Environment 6 
 Adobe Flash Player 	11.8.800.94  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Mozilla Firefox 20.0.1 Firefox out of Date!  
 Google Chrome 28.0.1500.95  
 Google Chrome 29.0.1547.57  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Lisa AppData Local WEB.DE Application {sync-000021}\webde_onlinespeicher.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
und das neue FRST:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-08-2013 02
Ran by Lisa (administrator) on 25-08-2013 20:03:58
Running from C:\Users\Lisa\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SigmaTel, Inc.) C:\Windows\system32\STacSV.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Safer Networking Ltd.) C:\Program Files\sicherheit\Spybot-Search & Destroy\SDWinSec.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
(SigmaTel, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Nokia) C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
(SAMSUNG ELECTRONICS) C:\Program Files\Samsung\EmoDio\SMSTray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LBTWiz.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(1und1 Mail und Media GmbH) C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Akamai Technologies, Inc.) C:\Users\Lisa\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Lisa\AppData\Local\Akamai\netsession_win.exe
(1&1 Mail & Media GmbH) C:\Users\Lisa\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(LOL Replay) C:\Program Files\LOLReplay\LOLRecorder.exe
(Dropbox, Inc.) C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Farbar) C:\Users\Lisa\Downloads\FRST (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-12] (SigmaTel, Inc.)
HKLM\...\Run: [Bluetooth HCI Monitor] - C:\Windows\System32\HCIMNTR.DLL [9728 2006-12-08] (Logitech Inc.)
HKLM\...\Run: [ECenter] - C:\Dell\E-Center\EULALauncher.exe [17920 2008-01-18] ( )
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [NokiaMServer] - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [x]
HKLM\...\Run: [NokiaMusic FastStart] - C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2090272 2009-11-06] (Nokia)
HKLM\...\Run: [Corel File Shell Monitor] - C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16200 2007-10-30] ()
HKLM\...\Run: [SMSTray] - C:\Program Files\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1425208 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Bluetooth Connection Assistant] - LBTWIZ.EXE -silent [x]
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM\...\Run: [MailCheck IE Broker] - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [1519680 2013-07-01] (1und1 Mail und Media GmbH)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2238704 2013-02-21] (Logitech, Inc.)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-09-30] (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-03-31] (Google Inc.)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2010-03-28] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Lisa\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [WEB.DE Application {sync-000021}] - C:\Users\Lisa\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [943616 2013-05-13] (1&1 Mail & Media GmbH)
HKCU\...\Run: [Xvid] - C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\Gast\...\Run: [DellSupportCenter] - "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [x]
HKU\Gast\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\Gast\...\Run: [SpybotSD TeaTimer] - C:\Program Files\sicherheit\Spybot-Search & Destroy\TeaTimer.exe [ 2008-01-28] (Safer Networking Limited)
HKU\Gast\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-03-31] (Google Inc.)
HKU\Gast\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2010-11-20] (Microsoft Corporation)
HKU\Gast\...\RunOnce: [DPAPIKeyMig] - C:\Windows\system32\dpapimig.exe [ 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files\LOLReplay\LOLRecorder.exe (LOL Replay)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nokia Ovi Suite.lnk
ShortcutTarget: Nokia Ovi Suite.lnk -> C:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe (Nokia)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default
FF NetworkProxy: "ftp", "65.126.16.155"
FF NetworkProxy: "ftp_port", 8089
FF NetworkProxy: "http", "65.126.16.155"
FF NetworkProxy: "http_port", 8089
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "65.126.16.155"
FF NetworkProxy: "socks_port", 8089
FF NetworkProxy: "ssl", "65.126.16.155"
FF NetworkProxy: "ssl_port", 8089
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\amazonde.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\preisvergleich.xml
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.png
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.src
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\allglassv2@ambroos.neowin.net
FF Extension: Deutsches Wörterbuch - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: LavaFox V2-Blue - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\djziggy@gmail.com
FF Extension: British English Dictionary - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\en-GB@dictionaries.addons.mozilla.org
FF Extension: United States English Spellchecker - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\en-US@dictionaries.addons.mozilla.org
FF Extension: external IP - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\externalip@erik.morlin
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\FirefoxAddon@similarWeb.com
FF Extension: LavaFox V2 - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\info@djzig.com
FF Extension: Scale tabs - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\jid0-wQgRuE1ziTuF2sAupFeSZa9xUGU@jetpack
FF Extension: MouseControl - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\MouseControl@neocodex.us
FF Extension: Cooliris - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\piclens@cooliris.com
FF Extension: samfind Bookmarks Bar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\sam@samfind.com
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\swiffout@grownsoftware.com
FF Extension: LavaFox V2-Purple - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\zigboom555@aol.com
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: Flagfox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Google Toolbar for Firefox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: FT DeepDark - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
FF Extension: iMacros for Firefox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
FF Extension: Update Notifier - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{95f24680-9e31-11da-a746-0800200c9a66}
FF Extension: WOT - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: ReminderFox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF Extension: DownloadHelper - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: adblockpopups - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: bizdom - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\bizdom@wizbites.com.xpi
FF Extension: canitbecheaper - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi
FF Extension: dendzones - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\dendzones@captaincaveman.nl.xpi
FF Extension: feedly - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\feedly@devhd.xpi
FF Extension: finder - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: firebug - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: GodLesZ.XxSoulCatcherxX - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\GodLesZ.XxSoulCatcherxX@ShaiyaChecker.de.xpi
FF Extension: googleimagehelp - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\googleimagehelp@shivam.org.xpi
FF Extension: jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
FF Extension: personas - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\personas@christopher.beard.xpi
FF Extension: plugin - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\plugin@apture.com.xpi
FF Extension: quickdrag - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\quickdrag@mozilla.ktechcomputing.com.xpi
FF Extension: silvermelxt - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\silvermelxt@pardal.de.xpi
FF Extension: stealthyextension - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: support - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\support@startxxl.com.xpi
FF Extension: tabscope - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\tabscope@xuldev.org.xpi
FF Extension: toolbar - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\toolbar@web.de.xpi
FF Extension: videosurf_enhanced - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\videosurf_enhanced@videosurf.com.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{75df891f-e299-4725-b14f-7d52f086dea2}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{a82d0125-000a-4a57-abbc-5d4b0dbaab54}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\6dx3b5so.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files\LyriXeeker\128.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchURL: (Google) - https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs
CHR DefaultSuggestURL: (Google) - https://www.google.com/complete/search?q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Turn Off the Lights) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.21_0
CHR Extension: (Adblock Plus) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0
CHR Extension: (Warrior Girl) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbngkgeakdhomabndkmfcjijooohmpff\1_0
CHR Extension: (Springpad Clipper) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj\1.1212.12.6_0
CHR Extension: (Logitech SetPoint) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0
CHR Extension: (Black Menu for Google\u2122) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke\4.7.2_0
CHR Extension: (Chrome Toolbox (by Google)) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0
CHR Extension: (Checker Plus for Google Calendar\u2122) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha\13.8.5_0
CHR Extension: (RealDownloader) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Stealthy) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\3.0.1_0
CHR Extension: (WEB.DE MailCheck) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo\1.2_0
CHR Extension: (Panel View for Keep) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\1.8_0
CHR Extension: (Flava Clipper) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnpejdnkidnilbdgonnnnpbahhhlkheo\0.2.3_0
CHR Extension: (Skype Click to Call) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Ghostery) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.2_0
CHR Extension: (Flava\u2122) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbgeoblgfklfhenfldifemcjfchgdhj\0.9_0
CHR Extension: (Springpad Extension) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR HKLM\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

========================== Services (Whitelisted) =================

R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 GoogleDesktopManager-061008-081103; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [29744 2008-12-15] (Google)
S2 gupdate1ca87bbb1afce56; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-12-28] (Google Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [4264632 2011-05-15] (INCA Internet Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14592288 2013-07-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-07-31] ()
S4 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S4 RoxLiveShare10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [309744 2007-12-14] (Sonic Solutions)
R2 SBSDWSCService; C:\Program Files\sicherheit\Spybot-Search & Destroy\SDWinSec.exe [810320 2008-01-28] (Safer Networking Ltd.)
S3 ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [651776 2009-09-17] (Nokia)
R2 STacSV; C:\Windows\system32\STacSV.exe [94208 2007-09-12] (SigmaTel, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-11-29] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2010-06-16] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-02-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-30] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [60104 2010-07-12] (FTDI Ltd.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [44296 2013-01-03] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12808 2013-01-03] (Logitech, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-02-28] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34592 2013-05-14] (NVIDIA Corporation)
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [50176 2006-03-24] (Protection Technology (StarForce))
S0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-10] (Avira GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-09-12] (SigmaTel, Inc.)
S3 TKFsAc; C:\Windows\system32\TKFsAc2k.sys [127584 2010-06-03] (INCA Internet Co., Ltd.)
S3 TKFsAv; C:\Windows\system32\TKFsAv2k.sys [55776 2010-04-13] (Copyright (C) INCA Internet. 2000-2010)
S3 TKFsFt; C:\Windows\system32\TKFsFt2k.sys [81888 2010-06-03] (INCA Internet Co., Ltd.)
S3 TKRgAc; C:\Windows\system32\TKRgAc2k.sys [68192 2010-06-03] (INCA Internet Co., Ltd.)
S3 TKRgFt; C:\Windows\system32\TKRgFtXp.sys [30432 2010-06-03] (INCA Internet Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-08-29] (TuneUp Software)
S3 vsdatant; C:\Windows\system32\vsdatant.sys [394192 2007-03-09] (Zone Labs, LLC)
S3 catchme; \??\C:\Users\Lisa\AppData\Local\Temp\catchme.sys [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 XDva369; \??\C:\Windows\system32\XDva369.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-25 12:20 - 2013-08-25 20:01 - 00000000 ____D C:\Users\Lisa\Desktop\Neuer Ordner
2013-08-25 12:18 - 2013-08-25 12:18 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu (1).exe
2013-08-24 20:33 - 2013-08-24 20:33 - 01021434 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2013-08-24 20:33 - 2013-08-24 20:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-24 20:23 - 2013-08-24 20:28 - 00000000 ____D C:\AdwCleaner
2013-08-24 20:21 - 2013-08-24 20:21 - 00994642 _____ C:\Users\Lisa\Downloads\adwcleaner.exe
2013-08-24 19:56 - 2013-08-24 19:56 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-24 19:56 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-24 19:55 - 2013-08-24 19:55 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-08-24 16:05 - 2013-08-24 16:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2013-08-24 16:04 - 2013-08-24 16:04 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2013-08-24 15:27 - 2013-08-24 15:27 - 00031542 _____ C:\ComboFix.txt
2013-08-24 15:05 - 2013-08-24 15:27 - 00000000 ____D C:\ComboFix
2013-08-24 15:05 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-24 14:21 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-24 14:21 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-24 14:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-24 14:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-24 14:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-24 14:21 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-24 14:21 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-24 14:20 - 2013-08-24 15:27 - 00000000 ____D C:\Qoobox
2013-08-24 14:20 - 2013-08-24 14:20 - 05111180 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix (1).exe
2013-08-24 14:19 - 2013-08-24 15:26 - 00000000 ____D C:\Windows\erdnt
2013-08-24 14:10 - 2013-08-24 14:10 - 05111180 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix.exe
2013-08-24 11:57 - 2013-08-24 11:57 - 00034916 _____ C:\Users\Lisa\Downloads\Addition.txt
2013-08-24 11:55 - 2013-08-24 11:55 - 00000000 ____D C:\FRST
2013-08-24 11:54 - 2013-08-24 11:54 - 01070467 _____ (Farbar) C:\Users\Lisa\Downloads\FRST.exe
2013-08-23 21:36 - 2013-08-23 21:36 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-23 21:34 - 2013-08-23 21:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-23 21:27 - 2013-08-23 21:27 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2013-08-23 20:57 - 2013-08-23 20:57 - 00000000 ____D C:\Users\Lisa\AppData\Local\avgchrome
2013-08-23 19:21 - 2013-08-23 19:21 - 46960392 _____ (Trend Micro                                                 ) C:\Users\Lisa\Downloads\tis14de_1479_eval30.exe
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013.zip
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013 (1).zip
2013-08-20 13:21 - 2013-08-20 13:21 - 00092776 _____ (Spotify Ltd) C:\Users\Lisa\Downloads\SpotifySetup.exe
2013-08-16 02:51 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 02:51 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 02:51 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 02:51 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 02:51 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 02:51 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 02:51 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 02:51 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 02:51 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 19:47 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 19:47 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 19:47 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-15 19:47 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 19:47 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 19:47 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 19:47 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 19:47 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 19:47 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 19:47 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 19:47 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 19:47 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-07-31 18:27 - 2013-07-31 18:27 - 00281392 _____ C:\Windows\system32\PnkBstrB.xtr
2013-07-31 18:27 - 2013-07-31 18:27 - 00138736 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-07-31 18:27 - 2013-07-31 18:27 - 00000000 ____D C:\Users\Lisa\AppData\Local\PunkBuster
2013-07-30 23:42 - 2013-07-30 23:42 - 00000000 ____D C:\NvidiaLogging
2013-07-30 23:32 - 2013-05-14 21:28 - 00034592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2013-07-30 23:32 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2013-07-30 13:25 - 2013-07-30 13:25 - 00000676 _____ C:\Users\Lisa\Desktop\Assassin's Creed III - Verknüpfung.lnk
2013-07-30 01:30 - 2013-07-31 18:28 - 00000000 ____D C:\Users\Lisa\Documents\Assassin's Creed III
2013-07-30 01:18 - 2013-07-30 02:01 - 00000000 ____D C:\Users\Lisa\AppData\Local\Ubisoft Game Launcher
2013-07-30 00:54 - 2013-07-31 18:27 - 00281392 _____ C:\Windows\system32\PnkBstrB.exe
2013-07-30 00:54 - 2013-07-31 18:27 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-07-30 00:54 - 2013-07-30 00:54 - 00189248 _____ C:\Windows\system32\PnkBstrB.ex0
2013-07-30 00:54 - 2013-07-30 00:54 - 00001161 _____ C:\Users\Lisa\Desktop\Uplay.lnk
2013-07-30 00:54 - 2013-07-30 00:54 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-30 00:54 - 2012-06-19 13:02 - 03123272 _____ C:\Windows\system32\pbsvc.exe
2013-07-29 21:37 - 2013-07-30 00:37 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\GetRightToGo
2013-07-29 21:36 - 2013-07-29 21:36 - 00435172 _____ C:\Users\Lisa\Downloads\Assassins_Creed_III_DownloadManager.zip

==================== One Month Modified Files and Folders =======

2013-08-25 20:03 - 2013-08-25 20:03 - 01070523 _____ (Farbar) C:\Users\Lisa\Downloads\FRST (1).exe
2013-08-25 20:01 - 2013-08-25 12:20 - 00000000 ____D C:\Users\Lisa\Desktop\Neuer Ordner
2013-08-25 19:51 - 2010-03-05 22:20 - 01355468 _____ C:\Windows\WindowsUpdate.log
2013-08-25 19:43 - 2009-02-14 20:55 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Skype
2013-08-25 19:40 - 2012-04-11 12:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-25 19:40 - 2009-12-28 14:58 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-25 17:15 - 2009-07-14 06:39 - 00475891 _____ C:\Windows\setupact.log
2013-08-25 12:18 - 2013-08-25 12:18 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu (1).exe
2013-08-25 11:48 - 2011-12-13 17:07 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-25 11:43 - 2009-11-03 21:46 - 00009504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-25 11:43 - 2009-11-03 21:46 - 00009504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-25 11:35 - 2012-10-20 23:17 - 00000000 ___RD C:\Users\Lisa\Dropbox
2013-08-25 11:35 - 2012-10-20 23:13 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Dropbox
2013-08-25 11:33 - 2010-01-22 15:42 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-08-25 11:33 - 2009-12-28 14:58 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-25 11:33 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-25 11:33 - 2008-03-31 22:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-24 20:33 - 2013-08-24 20:33 - 01021434 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2013-08-24 20:33 - 2013-08-24 20:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-24 20:28 - 2013-08-24 20:23 - 00000000 ____D C:\AdwCleaner
2013-08-24 20:26 - 2008-04-23 21:03 - 00000000 ____D C:\ProgramData\ICQ
2013-08-24 20:26 - 2008-04-23 21:03 - 00000000 ____D C:\Program Files\ICQ
2013-08-24 20:21 - 2013-08-24 20:21 - 00994642 _____ C:\Users\Lisa\Downloads\adwcleaner.exe
2013-08-24 19:56 - 2013-08-24 19:56 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-24 19:55 - 2013-08-24 19:55 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-08-24 16:05 - 2013-08-24 16:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2013-08-24 16:04 - 2013-08-24 16:04 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2013-08-24 16:04 - 2008-03-31 21:56 - 00351036 _____ C:\Windows\DirectX.log
2013-08-24 15:27 - 2013-08-24 15:27 - 00031542 _____ C:\ComboFix.txt
2013-08-24 15:27 - 2013-08-24 15:05 - 00000000 ____D C:\ComboFix
2013-08-24 15:27 - 2013-08-24 14:20 - 00000000 ____D C:\Qoobox
2013-08-24 15:27 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-08-24 15:26 - 2013-08-24 14:19 - 00000000 ____D C:\Windows\erdnt
2013-08-24 15:21 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-08-24 15:20 - 2009-11-03 22:02 - 02618754 _____ C:\Windows\PFRO.log
2013-08-24 15:20 - 2009-07-14 04:03 - 76808192 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-08-24 15:20 - 2009-07-14 04:03 - 27787264 _____ C:\Windows\system32\config\SYSTEM.bak
2013-08-24 15:20 - 2009-07-14 04:03 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2013-08-24 15:20 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-08-24 15:20 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-08-24 15:19 - 2010-03-05 21:45 - 00000000 ____D C:\Users\Lisa
2013-08-24 15:19 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-08-24 14:58 - 2009-07-14 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-24 14:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-24 14:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2013-08-24 14:20 - 2013-08-24 14:20 - 05111180 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix (1).exe
2013-08-24 14:10 - 2013-08-24 14:10 - 05111180 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix.exe
2013-08-24 11:57 - 2013-08-24 11:57 - 00034916 _____ C:\Users\Lisa\Downloads\Addition.txt
2013-08-24 11:55 - 2013-08-24 11:55 - 00000000 ____D C:\FRST
2013-08-24 11:54 - 2013-08-24 11:54 - 01070467 _____ (Farbar) C:\Users\Lisa\Downloads\FRST.exe
2013-08-24 02:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Cursors
2013-08-24 02:14 - 2013-04-14 18:41 - 00000000 ____D C:\Program Files\Jungle Timer
2013-08-23 21:36 - 2013-08-23 21:36 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-23 21:35 - 2013-08-23 21:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-23 21:27 - 2013-08-23 21:27 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2013-08-23 20:57 - 2013-08-23 20:57 - 00000000 ____D C:\Users\Lisa\AppData\Local\avgchrome
2013-08-23 19:21 - 2013-08-23 19:21 - 46960392 _____ (Trend Micro                                                 ) C:\Users\Lisa\Downloads\tis14de_1479_eval30.exe
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013.zip
2013-08-23 19:07 - 2013-08-23 19:07 - 00143980 _____ C:\Users\Lisa\Downloads\Ausgleich der stornierten Lastschrift Ihrer Bestellung 23.08.2013 (1).zip
2013-08-22 21:40 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-08-22 01:52 - 2010-06-28 15:44 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\HpUpdate
2013-08-21 15:40 - 2012-04-11 12:00 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-21 15:40 - 2011-05-26 15:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-21 14:22 - 2012-05-20 21:13 - 00000000 ____D C:\Users\Lisa\AppData\Local\Origin
2013-08-21 14:22 - 2012-05-20 21:07 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Origin
2013-08-21 14:21 - 2012-05-20 21:07 - 00000000 ____D C:\Program Files\Origin
2013-08-21 13:46 - 2010-09-12 18:48 - 00000000 ____D C:\Users\Lisa\Desktop\Sonstiges
2013-08-20 13:21 - 2013-08-20 13:21 - 00092776 _____ (Spotify Ltd) C:\Users\Lisa\Downloads\SpotifySetup.exe
2013-08-16 16:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-08-16 15:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-16 12:20 - 2010-12-13 21:46 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\TS3Client
2013-08-16 02:59 - 2013-07-15 09:43 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 02:55 - 2010-03-13 21:00 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-16 02:53 - 2010-03-05 22:30 - 01657590 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-31 18:28 - 2013-07-30 01:30 - 00000000 ____D C:\Users\Lisa\Documents\Assassin's Creed III
2013-07-31 18:27 - 2013-07-31 18:27 - 00281392 _____ C:\Windows\system32\PnkBstrB.xtr
2013-07-31 18:27 - 2013-07-31 18:27 - 00138736 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-07-31 18:27 - 2013-07-31 18:27 - 00000000 ____D C:\Users\Lisa\AppData\Local\PunkBuster
2013-07-31 18:27 - 2013-07-30 00:54 - 00281392 _____ C:\Windows\system32\PnkBstrB.exe
2013-07-31 18:27 - 2013-07-30 00:54 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-07-30 23:42 - 2013-07-30 23:42 - 00000000 ____D C:\NvidiaLogging
2013-07-30 23:38 - 2010-05-09 20:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-30 13:25 - 2013-07-30 13:25 - 00000676 _____ C:\Users\Lisa\Desktop\Assassin's Creed III - Verknüpfung.lnk
2013-07-30 02:01 - 2013-07-30 01:18 - 00000000 ____D C:\Users\Lisa\AppData\Local\Ubisoft Game Launcher
2013-07-30 00:54 - 2013-07-30 00:54 - 00189248 _____ C:\Windows\system32\PnkBstrB.ex0
2013-07-30 00:54 - 2013-07-30 00:54 - 00001161 _____ C:\Users\Lisa\Desktop\Uplay.lnk
2013-07-30 00:54 - 2013-07-30 00:54 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-30 00:54 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-07-30 00:54 - 2008-04-04 21:55 - 00000000 ____D C:\Program Files\Ubisoft
2013-07-30 00:54 - 2008-03-31 21:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-30 00:37 - 2013-07-29 21:37 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\GetRightToGo
2013-07-29 21:36 - 2013-07-29 21:36 - 00435172 _____ C:\Users\Lisa\Downloads\Assassins_Creed_III_DownloadManager.zip
2013-07-27 16:44 - 2008-03-31 21:53 - 00000000 ____D C:\Program Files\Google
2013-07-26 05:13 - 2013-08-16 02:51 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 05:13 - 2013-08-16 02:51 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 05:13 - 2013-08-16 02:51 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 05:12 - 2013-08-16 02:51 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 05:12 - 2013-08-16 02:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 02:51 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 05:11 - 2013-08-16 02:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 04:49 - 2013-08-16 02:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 03:59 - 2013-08-16 02:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

Files to move or delete:
====================
C:\Users\Lisa\AppData\Local\Temp\catchme.dll
C:\Users\Lisa\AppData\Local\Temp\Quarantine.exe
C:\Users\Lisa\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Lisa\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest
C:\Users\Lisa\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 19:21

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Nein, Probleme gibts keine Dann sollte der Trojaner jetzt wieder weg sein, richtig ?

Alt 26.08.2013, 09:21   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Adobe und Java updaten. Die beiden von ESET angemeckerten ZIP im Downloadordner manuell löschen.

Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.08.2013, 19:51   #11
lisa2
 
Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Ja, passt alles Vielen Dank für deine schnelle Hilfe und die guten Tipps am Ende! *thumps up*

Ich werde euch/dich auf jeden Fall weiterempfehlen

Viele Grüße und einen schönen Abend

Alt 28.08.2013, 09:03   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Ich habe einen Trojaner (Logfile gemacht) - Standard

Ich habe einen Trojaner (Logfile gemacht)



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Ich habe einen Trojaner (Logfile gemacht)
.zip datei, delta chrome toolbar, download.exe, extension.mismatch, hoax.badjoke.autoit, install.exe, jungle, malwarebytes, pup.babylon.a, pup.bprotector, pup.downloader.zyl, pup.optional.babsolution.a, pup.optional.babylon.a, pup.optional.browserdefender.a, pup.optional.datamngr, pup.optional.delta, pup.optional.delta.a, pup.optional.installcore.a, pup.optional.lyricxeeker.a, pup.optional.opencandy, pup.optional.softonic, pup.optional.tarma.a, trojan.bho, trojan.msil, win32/adware.yontoo, win32/trustezeb.e



Ähnliche Themen: Ich habe einen Trojaner (Logfile gemacht)


  1. ich habe einen Trojaner auf dem PC
    Plagegeister aller Art und deren Bekämpfung - 14.10.2014 (14)
  2. versuch mit OTL trojaner PUM.UserWLoad und Trojan.Agent zu entfernen.. hoffe habe alles richtig gemacht
    Log-Analyse und Auswertung - 23.06.2013 (3)
  3. Gmx Mail Account gehackt? Habe ich einen Trojaner oder einen Spybot auf dem Rechner?
    Log-Analyse und Auswertung - 01.05.2013 (18)
  4. ich glaub ich habe einen virus(trojaner>JS/Exploit-Blacole.ht< unter anderen.) sorry habe im ersten thema so ziemlich alles falsch gemacht
    Mülltonne - 21.12.2012 (4)
  5. (2x) Habe ich einen Trojaner?
    Mülltonne - 15.10.2012 (1)
  6. Logfile: Habe ich mir einen Trokaner eingefangen?
    Log-Analyse und Auswertung - 09.08.2010 (2)
  7. HiJack Logfile - Habe ich noch einen Virus auf meinem PC?
    Log-Analyse und Auswertung - 10.05.2010 (3)
  8. Guten Morgen ich habe ein Gefühl ich habe nun einen Virus/Trojaner
    Log-Analyse und Auswertung - 23.12.2009 (1)
  9. Dummheit gemacht und vermute einen Trojaner
    Log-Analyse und Auswertung - 28.10.2009 (5)
  10. Bitte Logfile anschauen, habe einen Trojaner
    Log-Analyse und Auswertung - 20.01.2009 (0)
  11. Habe ich einen Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 22.11.2008 (4)
  12. Habe mir glaube ich einen Swizzor eingefangen. Bitte LogFile anschauen!
    Log-Analyse und Auswertung - 12.07.2008 (10)
  13. Logfile. Habe wahrscheinlich einen Trojaner. Vermutlich syskontroller...?
    Mülltonne - 05.07.2008 (0)
  14. Ich habe einen Trojaner!?
    Log-Analyse und Auswertung - 13.06.2008 (6)
  15. Habe ich einen Trojaner??
    Log-Analyse und Auswertung - 18.08.2007 (3)
  16. Habe ich einen Trojaner
    Plagegeister aller Art und deren Bekämpfung - 02.11.2005 (1)
  17. Hab ich einen Fehler gemacht? help
    Log-Analyse und Auswertung - 20.10.2004 (2)

Zum Thema Ich habe einen Trojaner (Logfile gemacht) - Hallo, ich habe mir heute einen Trojaner eingefangen und bitte euch um Hilfe, weil ich mir da nicht wirklich zu helfen weiß Folgendes ist heute passiert (kurz erklärt): Ich bekam - Ich habe einen Trojaner (Logfile gemacht)...
Archiv
Du betrachtest: Ich habe einen Trojaner (Logfile gemacht) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.