Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen

Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen


Log-Analyse und Auswertung: Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 15.03.2012, 12:49   #1
sob
 
Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen - Standard

Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen


Hallo,

ich habe ebenfalls das nun mittlerweile sehr beliebte Problem. Ich soll was bezahlen, weil ich mich auf pornografische Seiten rumgetrieben habe und angeblich noch Verbindungen zu terroristischen Aktivitäten aufweiße.

OTL Logfiles:
Code:
ATTFilter
OTL logfile created on: 15.03.2012 12:39:41 - Run 1
OTL by OldTimer - Version 3.2.37.0     Folder = C:\Users\Kaya\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 66,97% Memory free
3,74 Gb Paging File | 3,19 Gb Available in Paging File | 85,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,95 Gb Total Space | 35,71 Gb Free Space | 23,97% Space Free | Partition Type: NTFS
 
Computer Name: KAYA-PC | User Name: Kaya | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Kaya\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Kaya\AppData\Roaming\Mozilla\Firefox\Profiles\2po980xu.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\components\RadioWMPCoreGecko5.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia)
DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=14672
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 80 71 01 BC 73 CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{485070BE-39EE-40BF-B6BC-16011495F578}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU&o=14670&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=T8&apn_dtid=YYYYYYYYDE&apn_uid=be6ea7e3-7c68-40a3-834b-53b0e76c9622&apn_sauid=B3D2B1F8-928E-4E7F-A07A-4485B64D8011
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com/?l=dis&o=14672"
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU&o=14670&locale=de_DE&apn_uid=be6ea7e3-7c68-40a3-834b-53b0e76c9622&apn_ptnrs=T8&apn_sauid=B3D2B1F8-928E-4E7F-A07A-4485B64D8011&apn_dtid=YYYYYYYYDE&q="
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kaya\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.08.13 03:22:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.08.11 10:56:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kaya\AppData\Roaming\mozilla\Extensions
[2012.03.10 21:28:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kaya\AppData\Roaming\mozilla\Firefox\Profiles\2po980xu.default\extensions
[2012.03.10 02:18:34 | 000,000,000 | ---D | M] (BittorrentBar_DE Community Toolbar) -- C:\Users\Kaya\AppData\Roaming\mozilla\Firefox\Profiles\2po980xu.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}
[2011.08.12 21:53:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Kaya\AppData\Roaming\mozilla\Firefox\Profiles\2po980xu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.10 21:01:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kaya\AppData\Roaming\mozilla\Firefox\Profiles\2po980xu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.01.17 20:52:48 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Kaya\AppData\Roaming\mozilla\Firefox\Profiles\2po980xu.default\extensions\ffxtlbr@Facemoods.com
[2012.03.12 06:23:30 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Kaya\AppData\Roaming\mozilla\Firefox\Profiles\2po980xu.default\extensions\toolbar@ask.com
[2012.03.15 12:09:50 | 000,002,395 | ---- | M] () -- C:\Users\Kaya\AppData\Roaming\Mozilla\Firefox\Profiles\2po980xu.default\searchplugins\askcom.xml
[2011.11.24 23:03:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.11.24 23:03:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.10.31 21:21:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.07.08 08:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.17 20:52:49 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2011.08.10 10:59:13 | 000,000,864 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Kaya\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [SkypeM] C:\Users\Kaya\AppData\Local\Skype\Skype.exe (Twain Working Group)
O4 - HKCU..\Run: [Smart Projects] C:\Users\Kaya\AppData\Roaming\7C3E55.exe ()
O4 - Startup: C:\Users\Kaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
F3:64bit: - HKCU WinNT: Load - (C:\Users\Kaya\LOCALS~1\Temp\mslxajnu.scr) - C:\Users\Kaya\LOCALS~1\Temp\mslxajnu.scr ()
F3 - HKCU WinNT: Load - (C:\Users\Kaya\LOCALS~1\Temp\mslxajnu.scr) - C:\Users\Kaya\LOCALS~1\Temp\mslxajnu.scr ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kaya\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kaya\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2871B548-A531-4B4E-8ABC-009942909604}: DhcpNameServer = 192.168.0.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F70422D6-8B7F-43B1-92C9-AE3324CA9B9D}: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.15 12:13:38 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\Kaya\Desktop\OTL.exe
[2012.03.13 20:31:03 | 000,000,000 | ---D | C] -- C:\Users\Kaya\Local Settings
[2012.03.10 21:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Companion
[2012.03.10 21:31:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUpMedia
[2012.03.10 21:31:30 | 000,000,000 | ---D | C] -- C:\Users\Kaya\AppData\Roaming\TuneUpMedia
[2012.03.10 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2012.03.10 21:28:55 | 000,000,000 | ---D | C] -- C:\Users\Kaya\AppData\Roaming\OpenCandy
[2012.03.10 21:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
[2012.03.10 21:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.03.10 21:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DsNET Corp
[2012.03.10 21:25:48 | 013,844,192 | ---- | C] (DsNET Corp) -- C:\Users\Kaya\Desktop\aTube_Catcher_Setup-2.6.778.exe
[2012.03.10 21:16:32 | 000,000,000 | ---D | C] -- C:\Users\Kaya\AppData\Roaming\Jens Lorek
[2012.03.10 21:16:17 | 000,000,000 | ---D | C] -- C:\Users\Kaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TubeBox!
[2012.03.09 08:06:17 | 000,000,000 | ---D | C] -- C:\Users\Kaya\AppData\Roaming\PeaZip
[2012.03.08 22:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip
[2012.03.08 22:29:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PeaZip
[2012.03.08 22:07:05 | 004,932,057 | ---- | C] (Giorgio Tani                                                ) -- C:\Users\Kaya\Desktop\peazip-4.4.WINDOWS.exe
[2012.02.22 16:11:23 | 000,000,000 | ---D | C] -- C:\Users\Kaya\Desktop\Camera
[2012.02.16 15:31:42 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.16 15:31:42 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.16 15:31:40 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.02.16 15:31:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.16 15:31:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.16 15:31:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.16 15:31:38 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.02.16 15:31:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.02.16 15:31:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.16 15:31:37 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.02.16 15:31:36 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.02.15 13:47:15 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.02.15 13:47:10 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.02.15 13:47:10 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.02.15 13:47:04 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.15 12:13:41 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Kaya\Desktop\OTL.exe
[2012.03.15 12:08:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.15 12:08:22 | 1506,799,616 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.14 21:05:04 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3352874499-1472398077-3811153383-1000UA.job
[2012.03.14 18:17:27 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3352874499-1472398077-3811153383-1000Core.job
[2012.03.13 20:31:00 | 000,001,055 | ---- | M] () -- C:\Users\Kaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.9133048837833327.exe.lnk
[2012.03.13 20:31:00 | 000,001,049 | ---- | M] () -- C:\Users\Kaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.8380237811902.exe.lnk
[2012.03.10 21:31:56 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Companion.lnk
[2012.03.10 21:28:54 | 000,002,118 | ---- | M] () -- C:\Users\Public\Desktop\MP3 Downloader.lnk
[2012.03.10 21:28:52 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2012.03.10 21:26:54 | 013,844,192 | ---- | M] (DsNET Corp) -- C:\Users\Kaya\Desktop\aTube_Catcher_Setup-2.6.778.exe
[2012.03.10 13:43:20 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.10 13:43:20 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.08 22:29:57 | 000,000,983 | ---- | M] () -- C:\Users\Kaya\Desktop\PeaZip.lnk
[2012.03.08 22:09:48 | 004,932,057 | ---- | M] (Giorgio Tani                                                ) -- C:\Users\Kaya\Desktop\peazip-4.4.WINDOWS.exe
[2012.03.06 21:37:39 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.06 21:37:39 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.06 21:37:39 | 000,388,518 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2012.03.06 21:37:39 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.06 21:37:39 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2012.03.06 21:37:39 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.06 21:37:38 | 001,992,226 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.01 15:58:08 | 015,724,895 | ---- | M] () -- C:\Users\Kaya\Desktop\EMA_SHINKAN_FJ12.pdf
[2012.02.16 16:10:24 | 000,001,154 | ---- | M] () -- C:\Users\Kaya\Desktop\Mozilla Firefox.lnk
[2012.02.16 16:00:51 | 000,292,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.13 20:31:00 | 000,001,055 | ---- | C] () -- C:\Users\Kaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.9133048837833327.exe.lnk
[2012.03.13 20:31:00 | 000,001,049 | ---- | C] () -- C:\Users\Kaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.8380237811902.exe.lnk
[2012.03.10 21:31:56 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Companion.lnk
[2012.03.10 21:28:54 | 000,002,118 | ---- | C] () -- C:\Users\Public\Desktop\MP3 Downloader.lnk
[2012.03.10 21:28:52 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2012.03.08 22:29:57 | 000,000,983 | ---- | C] () -- C:\Users\Kaya\Desktop\PeaZip.lnk
[2012.03.01 15:58:07 | 015,724,895 | ---- | C] () -- C:\Users\Kaya\Desktop\EMA_SHINKAN_FJ12.pdf
[2012.02.16 16:10:24 | 000,001,154 | ---- | C] () -- C:\Users\Kaya\Desktop\Mozilla Firefox.lnk
[2011.10.06 15:40:54 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.06.03 12:32:42 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2011.06.03 12:32:42 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2011.06.03 12:32:42 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010.11.21 04:24:28 | 000,040,487 | -HS- | C] () -- C:\Users\Kaya\AppData\Roaming\7C3E55.exe
 
========== LOP Check ==========
 
[2012.03.14 22:32:53 | 000,000,000 | ---D | M] -- C:\Users\Kaya\AppData\Roaming\BitTorrent
[2012.01.31 15:47:36 | 000,000,000 | ---D | M] -- C:\Users\Kaya\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.08.12 21:54:51 | 000,000,000 | ---D | M] -- C:\Users\Kaya\AppData\Roaming\DVDVideoSoft
[2011.08.12 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\Kaya\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.10 21:16:32 | 000,000,000 | ---D | M] -- C:\Users\Kaya\AppData\Roaming\Jens Lorek
[2012.03.10 21:28:58 | 000,000,000 | ---D | M] -- C:\Users\Kaya\AppData\Roaming\OpenCandy
[2011.11.24 23:37:06 | 000,000,000 | ---D | M] -- C:\Users\Kaya\AppData\Roaming\OpenOffice.org
[2012.03.09 08:06:20 | 000,000,000 | ---D | M] -- C:\Users\Kaya\AppData\Roaming\PeaZip
[2012.03.12 07:57:34 | 000,000,000 | ---D | M] -- C:\Users\Kaya\AppData\Roaming\TuneUpMedia
[2012.03.14 18:17:27 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3352874499-1472398077-3811153383-1000Core.job
[2012.03.14 21:05:04 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3352874499-1472398077-3811153383-1000UA.job
[2011.12.27 13:29:10 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Extras:
Code:
ATTFilter
OTL Extras logfile created on: 15.03.2012 12:39:41 - Run 1
OTL by OldTimer - Version 3.2.37.0     Folder = C:\Users\Kaya\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 66,97% Memory free
3,74 Gb Paging File | 3,19 Gb Available in Paging File | 85,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,95 Gb Total Space | 35,71 Gb Free Space | 23,97% Space Free | Partition Type: NTFS
 
Computer Name: KAYA-PC | User Name: Kaya | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{B613A9BB-2B34-4824-A4BE-2427653D59D6}" = iTunes
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 4.4
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 4.65
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"BitTorrent" = BitTorrent
"BittorrentBar_DE Toolbar" = BittorrentBar_DE Toolbar
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"conduitEngine" = Conduit Engine 
"DCoder Image Source" = DCoder Image Source (remove only)
"DirectVobSub" = DirectVobSub (remove only)
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"facemoods" = Facemoods Toolbar
"ffdshow_is1" = ffdshow [rev 3124] [2009-11-03]
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.7.804
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"HaaliMkx" = Haali Media Splitter
"IsoBuster_is1" = IsoBuster 2.8.5
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox 5.0.1 (x86 de)" = Mozilla Firefox 5.0.1 (x86 de)
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"RealMedia" = RealMedia (remove only)
"Revo Uninstaller" = Revo Uninstaller 1.93
"SHOUTcast Source" = SHOUTcast Source (remove only)
"TuneUpMedia" = TuneUp Companion 2.4.2
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"ZoomPlayer" = Zoom Player (remove only)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 14.10.2011 17:26:33 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3391992
 
Error - 14.10.2011 17:26:33 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3391992
 
Error - 14.10.2011 17:26:34 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 14.10.2011 17:26:34 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3393006
 
Error - 14.10.2011 17:26:34 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3393006
 
Error - 14.10.2011 17:26:35 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 14.10.2011 17:26:35 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3394020
 
Error - 14.10.2011 17:26:35 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3394020
 
Error - 14.10.2011 17:26:36 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 14.10.2011 17:26:36 | Computer Name = Kaya-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3395018
 
[ System Events ]
Error - 15.03.2012 07:30:16 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 15.03.2012 07:30:16 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 15.03.2012 07:32:22 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 15.03.2012 07:32:22 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 15.03.2012 07:32:22 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 15.03.2012 07:37:22 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 15.03.2012 07:37:22 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 15.03.2012 07:37:22 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 15.03.2012 07:39:30 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 15.03.2012 07:39:30 | Computer Name = Kaya-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >
Ich hoffe, dass sie mir helfen können. Kenne mich nämlich nicht so gut mit PCs aus.

 

Themen zu Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen
.dll, 64-bit, 7-zip, adobe flash player, autorun, avira, bho, bonjour, conduit, converter, explorer, firefox, flash player, format, google, install.exe, jdownloader, langs, limited.com/facebook, microsoft office word, mozilla, mp3, object, plug-in, programme, realtek, registry, revo uninstaller, rundll, scan, searchscopes, security, seiten, software, temp, tubebox, version=1.0, windows


« Windows ist gesperrt aus "Sicherheitsgründen" | TSTheme.exe Fehlermeldung und Kaspersky startet nicht mehr »


Ähnliche Themen: Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen


  1. Win8.1, 64bit ...BKA(GVU,...)-Trojaner...kann Laptop ganz normal benutzen.
    Log-Analyse und Auswertung - 25.07.2015 (13)
  2. Trojaner Bundespolizei, wie muss ich vorgehen?
    Plagegeister aller Art und deren Bekämpfung - 23.06.2013 (19)
  3. Bundespolizei 100€ per paysafecard bezahlen
    Log-Analyse und Auswertung - 11.05.2013 (16)
  4. Ich habe den Bundestrojaner und nach der Systemwiederherstellung kann ich den Laptop wieder benutzen, aber ist der Trojaner jetzt noch da?
    Log-Analyse und Auswertung - 30.08.2012 (12)
  5. Bundespolizei Virus entfernen, was muss ich tun. Vielen Dank!
    Plagegeister aller Art und deren Bekämpfung - 15.07.2012 (7)
  6. Bundespolizei-Trojaner Ukash richtig entfernt?
    Log-Analyse und Auswertung - 25.04.2012 (2)
  7. Windows muss aus Sicherheitsgründen blockiert werden - bezahlen&freischalten
    Plagegeister aller Art und deren Bekämpfung - 08.03.2012 (43)
  8. 50 Euro bezahlen, dass Windows wieder geht.
    Log-Analyse und Auswertung - 22.02.2012 (11)
  9. Trojaner, Windows 7 gesperrt, muss laut Bundeskriminalamt Geld bezahlen
    Log-Analyse und Auswertung - 19.02.2012 (21)
  10. Windows 7 gesperrt muss 100€ bezahlen
    Plagegeister aller Art und deren Bekämpfung - 06.02.2012 (3)
  11. Virus/Trojaner Ich muss 50€ bezahlen
    Log-Analyse und Auswertung - 22.01.2012 (22)
  12. Auf Bildschirm steht Bundespolizei... ich solle 100 euro bezahlen um Pc wieder zu nutzen
    Log-Analyse und Auswertung - 20.12.2011 (1)
  13. schon wieder UkashTrojaner Bundespolizei Laptop XP
    Plagegeister aller Art und deren Bekämpfung - 09.08.2011 (1)
  14. Bundespolizei Virus und keine Ahnung wie ich jetzt vorgehen muss
    Plagegeister aller Art und deren Bekämpfung - 29.07.2011 (70)
  15. Laptop zuklappen + externen Bildschirm benutzen
    Netzwerk und Hardware - 07.05.2011 (6)
  16. !!! Ein neues Laptop muss her !!!
    Netzwerk und Hardware - 12.02.2009 (1)
  17. Beim Start erschein msdp_ex läuft nicht richtig und muss geschlossen werden
    Mülltonne - 26.10.2008 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen - Hallo, ich habe ebenfalls das nun mittlerweile sehr beliebte Problem. Ich soll was bezahlen, weil ich mich auf pornografische Seiten rumgetrieben habe und angeblich noch Verbindungen zu terroristischen Aktivitäten aufweiße. - Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen...
Archiv
Du betrachtest: Bundespolizei: Muss bezahlen um Laptop wieder richtig benutzen zu dürfen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131