Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion !

ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion !


Plagegeister aller Art und deren Bekämpfung: ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion !

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 12.09.2013, 16:44   #1
acerp225hq
 
ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion ! - Standard

ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion !


Hallo,

Habe nach einem Antivir-Scan die oben bereits genannten Funde gemeldet bekommen.
Es öffnen sich ständig Pop Up´s und auf jeder Seite werde ich mit Werbung überhäuft.
Ich hoffe es kann mir hier einer weiter helfen.






Avira Free Antivir Bericht :

Exportierte Ereignisse:

Code:
ATTFilter
Exportierte Ereignisse:

12.09.2013 10:33 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Antje und Michel\Downloads\PDFConverterSetup.exe'
      enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' 
      [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56ebef39.qua' 
      verschoben!

12.09.2013 10:33 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Antje und Michel\Downloads\installer_ccleaner_Deutsch.exe'
      enthielt einen Virus oder unerwünschtes Programm 'Adware/Vittalia.AB' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4eafc0c8.qua' 
      verschoben!

12.09.2013 10:27 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Antje und 
      Michel\Downloads\installer_ccleaner_Deutsch.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Vittalia.AB' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

12.09.2013 10:27 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Antje und Michel\Downloads\PDFConverterSetup.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

10.09.2013 19:06 [System-Scanner] Malware gefunden
      Die Datei 'C:\Program Files (x86)\Win7codecs\Tools\Settings32.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Agent.887358' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4d86da66.qua' 
      verschoben!



OTL-Logfile :


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.09.2013 17:19:08 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Antje und Michel\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 51,43% Memory free
7,50 Gb Paging File | 5,23 Gb Available in Paging File | 69,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,14 Gb Total Space | 163,97 Gb Free Space | 67,16% Space Free | Partition Type: NTFS
Drive D: | 221,62 Gb Total Space | 54,02 Gb Free Space | 24,38% Space Free | Partition Type: NTFS
 
Computer Name: DOHÄÄM | User Name: Antje und Michel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.09.12 17:17:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Antje und Michel\Downloads\OTL.exe
PRC - [2013.09.11 21:00:20 | 001,862,024 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
PRC - [2013.09.10 19:02:19 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.09.10 19:01:08 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.09.10 19:00:51 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.09.10 19:00:49 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.09.10 19:00:45 | 000,328,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
PRC - [2013.09.09 08:48:42 | 000,246,616 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013.08.18 11:52:49 | 002,314,416 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013.08.18 11:52:49 | 001,643,184 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
PRC - [2013.08.18 11:52:49 | 000,161,968 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
PRC - [2013.08.14 19:55:19 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.07.26 22:30:39 | 000,168,400 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.07.26 22:30:31 | 001,558,480 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013.07.25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013.05.29 12:34:28 | 000,449,248 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2013.05.16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013.05.16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013.05.15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.02.04 18:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012.12.12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2012.10.30 19:34:33 | 000,107,520 | ---- | M] () -- C:\Users\Antje und Michel\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2011.10.04 13:32:18 | 001,531,396 | ---- | M] (NCH Software) -- C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe
PRC - [2010.07.29 09:47:08 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009.10.15 15:11:48 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.15 15:11:44 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2008.06.06 12:40:00 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2008.06.04 18:59:34 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2007.02.20 06:10:26 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2006.11.15 23:12:54 | 000,064,288 | ---- | M] (Logitech Inc.) -- c:\program files (x86)\common files\logitech\lvmvfm\LVPrS64H.exe
PRC - [2006.11.15 23:01:52 | 000,244,512 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\Logitech\LComMgr\LVComSX.exe
PRC - [2006.11.15 22:58:40 | 000,746,520 | ---- | M] () -- C:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe
PRC - [2006.11.15 22:57:20 | 000,171,544 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2006.10.31 02:03:48 | 000,284,184 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\Logitech\LComMgr\Communications_Helper.exe
PRC - [2002.08.22 16:27:28 | 000,217,088 | ---- | M] (CASIO COMPUTER CO.,LTD.) -- C:\Program Files (x86)\CASIO\Photo Loader\Plauto.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.09.11 21:00:20 | 016,177,544 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
MOD - [2013.09.10 19:02:29 | 000,394,824 | ---- | M] () -- C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2013.08.18 11:52:49 | 002,314,416 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013.08.18 11:52:49 | 000,521,904 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\log4cplusU.dll
MOD - [2013.08.18 11:52:49 | 000,144,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\SiteSafety.dll
MOD - [2013.08.14 19:55:36 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.07.05 10:47:28 | 000,607,232 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2013.05.20 12:58:08 | 000,620,718 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
MOD - [2013.05.17 10:51:16 | 000,207,872 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2013.05.16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013.05.16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013.02.04 18:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012.04.30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.11.01 15:11:55 | 002,052,096 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCmp.dll
MOD - [2010.11.01 15:11:55 | 001,339,392 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCommon.dll
MOD - [2010.11.01 15:11:55 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxBase.dll
MOD - [2010.11.01 15:11:55 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxXML2.dll
MOD - [2010.11.01 15:11:55 | 000,770,048 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxIm.dll
MOD - [2010.11.01 15:11:55 | 000,679,936 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2010.11.01 15:11:55 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxProc.dll
MOD - [2010.11.01 15:11:55 | 000,430,080 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxFF.dll
MOD - [2010.11.01 15:11:55 | 000,232,448 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2010.11.01 15:11:55 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2010.11.01 15:11:54 | 001,564,672 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\AreaIFDLL.dll
MOD - [2010.11.01 15:11:54 | 001,035,264 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2010.11.01 15:11:54 | 000,688,128 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocVistaControls.dll
MOD - [2010.11.01 15:11:54 | 000,667,648 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2010.11.01 15:11:54 | 000,405,504 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Escom.dll
MOD - [2010.11.01 15:11:54 | 000,338,944 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Kfx.dll
MOD - [2010.11.01 15:11:54 | 000,338,944 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2010.11.01 15:11:54 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2010.11.01 15:11:54 | 000,303,104 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2010.11.01 15:11:54 | 000,246,272 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2010.11.01 15:11:54 | 000,223,744 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2010.11.01 15:11:54 | 000,171,008 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2010.11.01 15:11:54 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocESEmail.dll
MOD - [2010.11.01 15:11:54 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocVistaCDBackup.dll
MOD - [2010.11.01 15:11:54 | 000,120,832 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2010.11.01 15:11:54 | 000,115,200 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2010.11.01 15:11:54 | 000,095,744 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2010.11.01 15:11:54 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocVistaPrintOnLine.dll
MOD - [2010.11.01 15:11:54 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2010.11.01 15:11:54 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2010.11.01 15:11:54 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2010.11.01 15:11:54 | 000,077,312 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2010.11.01 15:11:54 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2010.11.01 15:11:54 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2010.11.01 15:11:54 | 000,051,712 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2010.11.01 15:11:54 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\MEshim.dll
MOD - [2010.11.01 15:11:54 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocVistaAdapter.dll
MOD - [2010.11.01 15:11:54 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2010.11.01 15:11:54 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocPCD.dll
MOD - [2009.08.21 15:45:30 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2007.02.22 03:29:00 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\AddIn\VistaPCD.cyx
MOD - [2007.02.22 03:28:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\AddIn\VPCD.dll
MOD - [2007.02.22 03:22:36 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\AddIn\LocVistaPCD.dll
MOD - [2006.11.15 23:00:44 | 001,078,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\QuickCam10\LAppRes.dll
MOD - [2006.11.15 22:58:40 | 000,746,520 | ---- | M] () -- C:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe
MOD - [2006.10.31 02:04:12 | 000,022,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logitech\LComMgr\LCMServerPS.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010.05.07 17:34:42 | 000,036,168 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.02.10 16:05:46 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013.09.11 21:00:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.10 19:02:19 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.09.10 19:01:08 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.09.10 19:00:51 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.09.09 08:48:42 | 000,246,616 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013.08.18 11:52:49 | 001,643,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
SRV - [2013.08.14 19:55:29 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.07.26 22:30:39 | 000,168,400 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.02.04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.30 19:34:33 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Antje und Michel\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2011.10.04 13:32:18 | 001,531,396 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe -- (BroadCamService)
SRV - [2010.10.31 15:22:24 | 000,607,048 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.05.07 17:40:04 | 001,403,208 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.05.07 17:34:32 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.15 15:11:48 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.06.06 12:40:00 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2008.06.04 18:59:34 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2007.01.11 05:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2006.11.15 23:14:02 | 000,171,808 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Programme\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006.11.15 23:12:42 | 000,171,808 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Programme\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.09.10 19:02:55 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.09.10 19:02:55 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.09.10 19:02:55 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.08.18 11:52:49 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.01.05 12:22:08 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012.12.13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.04.27 04:25:14 | 000,172,032 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV:64bit: - [2010.04.27 04:25:14 | 000,136,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_bus.sys -- (ssm_bus)
DRV:64bit: - [2010.04.27 04:25:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV:64bit: - [2010.02.10 16:24:06 | 006,368,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.02.10 16:24:06 | 006,368,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.02.10 15:11:14 | 000,188,416 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.12.22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.11.23 10:41:48 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 03:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008.06.04 18:59:44 | 000,020,520 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2007.10.12 03:00:22 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007.10.12 02:56:34 | 000,582,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV561V64.sys -- (PID_0928)
DRV:64bit: - [2006.11.15 23:12:08 | 000,030,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV:64bit: - [2006.11.15 23:11:56 | 002,345,120 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV:64bit: - [2006.11.15 23:11:00 | 000,997,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVCKap64.sys -- (LVcKap64)
DRV - [2010.06.14 02:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2010.02.25 12:18:08 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.rtl.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7F AC DD 72 0F 79 CB 01  [binary data]
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {b106b661-3e1b-4015-af5c-195e909f35c6} - No CLSID value found
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt3&mntrId=52FD6C626D87D384&affID=119357&tsp=4985
IE - HKCU\..\SearchScopes\{2B333777-F41A-4fad-B9EC-EA361FC77813}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=2860773539&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
IE - HKCU\..\SearchScopes\{4475C40D-0A6C-4676-A6A6-8FF5B5B40E18}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROW
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={71FEC2BD-B095-4792-B29D-D7348C7A32C1}&mid=b2b78631db1647d6b423bd2b2b633a77-c5043c1e3c1ccbd0bdbe64d7ba66f8a37c98d544&lang=de&ds=AVG&pr=fr&d=2011-12-12 17:10:32&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.rtl.de/cms/index.html"
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: %7BC9B68337-E93A-44EA-94DC-CB300EC06444%7D:4.51.0
FF - prefs.js..extensions.enabledAddons: %7BEB9394A3-4AD6-4918-9537-31A1FD8E8EDF%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.6.1
FF - prefs.js..extensions.enabledAddons: crossriderapp2258%40crossrider.com:0.91.146
FF - prefs.js..extensions.enabledAddons: addon%40defaulttab.com:2.1.34
FF - prefs.js..extensions.enabledAddons: firefox%40browsefox.com:1.0.0
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40delta.com:1.5.0
FF - prefs.js..extensions.enabledAddons: %7B4340308e-3e37-4dd7-9192-8cf05ce9c9f2%7D:1.130
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: toolbar_AVIRA-V7%40apn.ask.com:20.53263
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.01.06 18:56:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.26 14:30:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.08.26 14:30:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.26 14:30:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.08.26 14:30:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi [2013.08.26 13:12:32 | 000,005,394 | ---- | M] ()
 
[2010.10.31 17:47:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Extensions
[2013.09.10 19:04:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Firefox\Profiles\w05hla8v.default\extensions
[2013.01.05 19:40:07 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Firefox\Profiles\w05hla8v.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013.08.27 16:49:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Firefox\Profiles\w05hla8v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.04.08 11:57:30 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Firefox\Profiles\w05hla8v.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.04.20 12:45:46 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Firefox\Profiles\w05hla8v.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2013.07.16 15:34:51 | 000,000,000 | ---D | M] ("I Want This") -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Firefox\Profiles\w05hla8v.default\extensions\crossriderapp2258@crossrider.com
[2013.08.25 17:17:39 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Firefox\Profiles\w05hla8v.default\extensions\ffxtlbr@delta.com
[2013.08.23 17:40:27 | 000,000,000 | ---D | M] (BrowseFox) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Firefox\Profiles\w05hla8v.default\extensions\firefox@browsefox.com
[2013.07.16 15:34:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\Firefox\Profiles\w05hla8v.default\extensions\crossriderapp2258@crossrider.com\chrome\content\extensionCode
[2013.08.23 17:36:05 | 000,037,942 | ---- | M] () (No name found) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\firefox\profiles\w05hla8v.default\extensions\addon@defaulttab.com.xpi
[2013.06.19 16:33:29 | 000,613,211 | ---- | M] () (No name found) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\firefox\profiles\w05hla8v.default\extensions\toolbar@web.de.xpi
[2013.07.26 22:31:20 | 000,713,729 | ---- | M] () (No name found) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\firefox\profiles\w05hla8v.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
[2012.12.11 13:13:02 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\firefox\profiles\w05hla8v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.07.14 20:45:10 | 000,000,915 | ---- | M] () -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\firefox\profiles\w05hla8v.default\searchplugins\conduit.xml
[2013.08.25 17:18:14 | 000,002,501 | ---- | M] () -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\firefox\profiles\w05hla8v.default\searchplugins\google.xml
[2013.09.12 17:14:35 | 000,001,977 | ---- | M] () -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\firefox\profiles\w05hla8v.default\searchplugins\search-here.xml
[2013.08.25 17:18:11 | 000,000,633 | ---- | M] () -- C:\Users\Antje und Michel\AppData\Roaming\mozilla\firefox\profiles\w05hla8v.default\searchplugins\yahoo.xml
[2013.08.26 14:30:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.08.26 14:30:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.08.26 15:31:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.08.26 15:31:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.08.26 13:12:32 | 000,005,394 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\LYRIXEEKER\130.XPI
[2013.02.19 06:56:46 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.04.20 12:40:52 | 000,002,313 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {11111111-1111-1111-1111-110011221158} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (no name) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Antje und Michel\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files (x86)\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files (x86)\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\Users\ANTJEU~1\AppData\Local\Temp\E_S9B3.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKLM..\RunOnceEx: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Antje und Michel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Antje und Michel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E35E6C7-09ED-40FA-96F2-BD084FA82A95}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll (AVG Secure Search)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{573b196e-8265-11e1-aeb4-6c626d87d384}\Shell - "" = AutoRun
O33 - MountPoints2\{573b196e-8265-11e1-aeb4-6c626d87d384}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{b74618de-07eb-11e3-b18e-6c626d87d384}\Shell - "" = AutoRun
O33 - MountPoints2\{b74618de-07eb-11e3-b18e-6c626d87d384}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.12 09:55:15 | 000,000,000 | R--D | C] -- C:\Users\Antje und Michel\Saved Games
[2013.09.11 20:35:33 | 000,000,000 | ---D | C] -- C:\Users\Antje und Michel\Documents\Sony
[2013.09.10 19:05:10 | 000,081,112 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.09.10 19:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013.09.10 19:04:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013.09.10 19:04:13 | 000,000,000 | ---D | C] -- C:\Users\Antje und Michel\AppData\Roaming\Avira
[2013.09.10 19:04:07 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013.09.10 19:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.09.10 19:03:14 | 000,132,088 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.09.10 19:03:14 | 000,105,344 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.09.10 19:03:14 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.09.10 19:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.09.10 19:03:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.08.26 14:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.08.26 13:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyriXeeker
[2013.08.25 17:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.08.25 17:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.08.25 17:30:43 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013.08.25 17:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.08.25 17:29:42 | 000,000,000 | ---D | C] -- C:\Users\Antje und Michel\AppData\Local\Programs
[2013.08.25 17:17:35 | 000,000,000 | ---D | C] -- C:\Users\Antje und Michel\AppData\Roaming\Delta
[2013.08.25 11:39:20 | 000,000,000 | ---D | C] -- C:\Users\Antje und Michel\AppData\Roaming\MetaCrawler
[2013.08.24 07:28:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.08.23 17:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.08.23 17:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.08.23 17:40:30 | 000,000,000 | ---D | C] -- C:\Users\Antje und Michel\AppData\Local\avgchrome
[2013.08.23 17:40:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2013.08.23 17:40:25 | 000,000,000 | ---D | C] -- C:\Users\Antje und Michel\AppData\Roaming\BabSolution
[2013.08.23 17:40:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowseFox
[2013.08.18 13:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2013.08.18 13:08:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2013.08.18 13:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013.08.18 13:01:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2013.08.18 13:01:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013.08.18 12:44:32 | 000,000,000 | ---D | C] -- C:\Users\Antje und Michel\Desktop\Xperia U 25 i
[2013.08.14 11:10:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2012.01.29 16:04:32 | 054,711,704 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Antje und Michel\AdbeRdr1012_de_DE.exe
[2011.02.23 19:59:22 | 010,110,880 | ---- | C] (Geek Software GmbH                                          ) -- C:\Users\Antje und Michel\pdf24-creator.exe
[2011.02.23 19:54:59 | 017,468,504 | ---- | C] (pdfforge GbR) -- C:\Users\Antje und Michel\PDFCreator-1_2_0_setup.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.12 17:13:59 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.12 17:13:59 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.12 17:06:18 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013.09.12 17:06:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.12 17:05:57 | 3019,251,712 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.12 10:45:00 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\Dealply.job
[2013.09.12 10:00:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.12 09:54:08 | 000,416,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.11 20:34:27 | 001,507,406 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.11 20:34:27 | 000,657,660 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.09.11 20:34:27 | 000,618,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.11 20:34:27 | 000,131,032 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.09.11 20:34:27 | 000,107,256 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.11 20:00:25 | 000,000,306 | RHS- | M] () -- C:\Users\Antje und Michel\ntuser.pol
[2013.09.10 19:05:10 | 000,081,112 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.09.10 19:03:25 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.09.10 19:02:55 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.09.10 19:02:55 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.09.10 19:02:55 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.09.10 18:56:39 | 000,002,032 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.09.09 22:53:17 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Garmin Express.lnk
[2013.09.09 22:27:12 | 000,001,190 | ---- | M] () -- C:\Users\Antje und Michel\Desktop\BaseCamp.lnk
[2013.08.26 15:31:30 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.08.25 17:30:46 | 000,001,389 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.08.23 16:31:13 | 000,000,174 | ---- | M] () -- C:\Users\Antje und Michel\Documents\cc_20130823_163058.reg
[2013.08.18 11:53:10 | 000,003,715 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2013.08.18 11:52:49 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
 
========== Files Created - No Company Name ==========
 
[2013.09.10 19:03:25 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.09.09 22:27:12 | 000,001,190 | ---- | C] () -- C:\Users\Antje und Michel\Desktop\BaseCamp.lnk
[2013.08.25 17:30:46 | 000,001,401 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.08.25 17:30:46 | 000,001,389 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.08.24 07:28:17 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.08.24 07:28:17 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.08.23 16:31:03 | 000,000,174 | ---- | C] () -- C:\Users\Antje und Michel\Documents\cc_20130823_163058.reg
[2013.08.18 13:01:42 | 000,002,032 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.08.14 09:27:30 | 000,000,306 | RHS- | C] () -- C:\Users\Antje und Michel\ntuser.pol
[2013.05.21 17:22:19 | 000,003,715 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2011.07.13 12:57:25 | 000,008,192 | ---- | C] () -- C:\Users\Antje und Michel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.26 23:30:10 | 000,000,017 | ---- | C] () -- C:\Users\Antje und Michel\AppData\Local\resmon.resmoncfg
[2011.05.03 09:44:35 | 000,000,000 | ---- | C] () -- C:\Users\Antje und Michel\AppData\Local\prvlcl.dat
[2011.02.24 23:07:32 | 000,002,528 | ---- | C] () -- C:\Users\Antje und Michel\AppData\Roaming\$_hpcst$.hpc
[2010.12.30 23:49:07 | 011,595,264 | ---- | C] () -- C:\Users\Antje und Michel\epson324557eu.exe
[2010.12.05 20:48:37 | 000,000,387 | ---- | C] () -- C:\Users\Antje und Michel\AppData\Roaming\burnaware.ini
[2010.10.31 18:17:13 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.08.25 17:17:26 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\BabSolution
[2012.04.20 12:40:46 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\Babylon
[2010.11.06 15:31:57 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\Canneverbe Limited
[2010.11.02 10:11:15 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.02.05 22:44:13 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\DealPly
[2012.10.30 19:34:33 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\DefaultTab
[2013.08.25 17:17:35 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\Delta
[2010.10.31 18:06:54 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\DisplayTune
[2012.05.18 21:50:51 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\DVDVideoSoft
[2012.05.18 21:50:14 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.08 13:57:15 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\EPSON
[2013.03.24 17:27:33 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\Garmin
[2013.02.25 20:17:25 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\GlarySoft
[2011.08.26 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\Imaxel
[2010.10.31 14:56:38 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\MAGIX
[2013.08.25 11:39:20 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\MetaCrawler
[2011.04.25 22:53:23 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\ML
[2010.11.06 15:31:37 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\OpenCandy
[2011.02.24 23:07:31 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\Samsung
[2012.10.16 15:24:07 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\TuneUp Software
[2010.11.06 15:32:13 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\Uniblue
[2010.10.31 15:12:23 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\Win7codecs
[2012.06.01 09:19:07 | 000,000,000 | ---D | M] -- C:\Users\Antje und Michel\AppData\Roaming\XnView
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---



Ich bedanke mich schon mal im vorraus!

 

Themen zu ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion !
adobe, adware/vittalia.ab, avira searchfree toolbar, browser, desktop, explorer, flash player, iminent toolbar, lyrixeeker, malware, plug-in, programm, pup.optional.dealply.a, pup.optional.defaulttab, pup.optional.defaulttab.a, pup.optional.regcleanerpro, registry, safer networking, secure search, software, temp, vtoolbarupdater, werbung, windows, xperia


« google links führen auf falsche Seiten und downloads sind nicht möglich. | Laptop öffnet sofort den Windows Start Manager und friert dann ein »


Ähnliche Themen: ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion !


  1. Viren (APPL/RedCap (Cloud), SPR/Agent.dkb, TR/Drop.Rotbrow.K.1, ADWARE/InstallCore.Gen7 und zweimal ADWARE/BHO.Bprotector.1.4).
    Plagegeister aller Art und deren Bekämpfung - 10.05.2015 (7)
  2. Adware.Gen7 - Adware/Cherished.oia - Adware/InstallCore.Gen9 - TR/Trash.Gen bei Antivir gefunden
    Plagegeister aller Art und deren Bekämpfung - 03.12.2014 (13)
  3. eBay-Fake eMail mit ZIP Anhang gespeichert, Windows 7- Avira: Enthält Erkennungsmuster der Adware ADWARE/Adware.Gen
    Log-Analyse und Auswertung - 29.08.2014 (17)
  4. ADWARE/InstallCore.gen und ADWARE/InstallCore.E von Avira gefunden
    Plagegeister aller Art und deren Bekämpfung - 16.07.2014 (7)
  5. ADWARE/InstallCore.A.536
    Plagegeister aller Art und deren Bekämpfung - 03.07.2014 (33)
  6. Trojaner gefunden TR/Dldr.Agent.314440 und verschiedene Adwares ADWARE/EoRezo.AF, ADWARE/Adware.Gen7, ADWARE/AgentCV.A.2919
    Log-Analyse und Auswertung - 02.05.2014 (19)
  7. Adware not-a-virus:AdWare.Win32.Agent.ahbx
    Plagegeister aller Art und deren Bekämpfung - 11.12.2013 (1)
  8. Vollständiges Löschen von Maleware: ADWARE/iBryte.U und ADWARE/InstallCore.Gen
    Plagegeister aller Art und deren Bekämpfung - 03.12.2013 (11)
  9. APPL/Downloader.Gen6 [program] & ADWARE/InstallCore.DA.19 [adware] Infektion
    Plagegeister aller Art und deren Bekämpfung - 15.07.2013 (7)
  10. APPL/Downloader.Gen und ADWARE/InstallCore.E Infektion
    Log-Analyse und Auswertung - 02.07.2013 (13)
  11. Infektion durch Adware/InstallCore.E? Schlimm?
    Plagegeister aller Art und deren Bekämpfung - 11.06.2013 (9)
  12. ADWARE/InstallCore.Gen, ADWARE/Yontoo.Gen und ADWARE/InstallCore.E von AVIRA gefunden
    Plagegeister aller Art und deren Bekämpfung - 16.04.2013 (10)
  13. adware/installcore.gen
    Plagegeister aller Art und deren Bekämpfung - 19.01.2013 (11)
  14. Adware Agent in C:\Users\xxxxx\AppData\Local\Temp\814044.Uninstall\Uninstall.exe ;Adware.Agent in C:\Users\xxxxxx\Downloads\FLV
    Log-Analyse und Auswertung - 30.12.2012 (32)
  15. ADWARE/InstallCore.Gen
    Log-Analyse und Auswertung - 19.10.2012 (39)
  16. PC von Adware.Agent.ZGen, Adware.ClickPotato, Adware.ShopperReports, Adware.Hotbar, Adwa angegriffen
    Mülltonne - 30.06.2011 (0)
  17. 5 mal Malware - u.a. : ADWARE/Adware.Gen, ADSPY/FTat.A.2, TR/Agent.95104, ...
    Log-Analyse und Auswertung - 15.01.2010 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion ! - Hallo, Habe nach einem Antivir-Scan die oben bereits genannten Funde gemeldet bekommen. Es öffnen sich ständig Pop Up´s und auf jeder Seite werde ich mit Werbung überhäuft. Ich hoffe es - ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion !...
Archiv
Du betrachtest: ADWARE/InstallCore.Gen' + Adware/Vittalia.AB + TR/Agent.887358 Infektion ! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131