Log analysis and evaluation: System lock due to illegal activities, 100€ payment
Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

System lock due to illegal activities, 100€ payment

Hello! I have caught this trojan, which has already been described several times today!

Description: When I establish a connection to the Internet, I get the message: "Operating system locked due to criminal activity, 100€ payment to restore"

With this message I can't do anything anymore except enter codes for PSC! So far, since I saw that it was an error from ActiveX Windows Live, I have uninstalled all of their programs; that did not help!

I have read your rules carefully and hope I am doing this right Q_Q

OTL logfile created on: 23.07.2012 10:53:21 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Labasu\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
15,98 Gb Total Physical Memory | 13,75 Gb Available Physical Memory | 86,06% Memory free
31,95 Gb Paging File | 29,74 Gb Available in Paging File | 93,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1811,92 Gb Total Space | 1446,15 Gb Free Space | 79,81% Space Free | Partition Type: NTFS
Drive D: | 50,00 Gb Total Space | 31,08 Gb Free Space | 62,17% Space Free | Partition Type: NTFS
Drive F: | 1,88 Gb Total Space | 1,84 Gb Free Space | 97,98% Space Free | Partition Type: FAT
Computer Name: LABASU-PC | User Name: Labasu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.23 10:50:50 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Labasu\Desktop\OTL.exe PRC - [2012.07.23 07:07:44 | 000,061,440 | ---- | M] () -- C:\Users\Labasu\AppData\Local\Temp\rgnygtgcuex.exe PRC - [2012.07.09 19:29:34 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012.07.09 19:29:34 | 000,935,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Labasu\AppData\Local\Akamai\netsession_win.exe PRC - [2012.05.08 16:40:54 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 16:40:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.08 16:40:54 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.04.03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.01.26 01:37:15 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.08.17 12:04:36 | 000,247,872 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe PRC - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011.05.20 19:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2011.04.15 03:17:18 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011.03.11 14:08:32 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.03.11 14:08:31 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.11.02 23:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) 
-- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009.11.12 16:11:46 | 000,145,224 | ---- | M] (H+H Software GmbH) -- C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe PRC - [2009.11.12 16:11:40 | 000,383,304 | ---- | M] (H+H Software GmbH) -- C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe PRC - [2009.09.18 18:02:30 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe PRC - [2009.08.21 10:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe PRC - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\Windows\SysWOW64\ANIWConnService.exe ========== Modules (No Company Name) ========== MOD - [2012.07.23 07:07:44 | 000,061,440 | ---- | M] () -- C:\Users\Labasu\AppData\Local\Temp\rgnygtgcuex.exe MOD - [2012.07.09 19:29:35 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll MOD - [2012.07.09 19:29:34 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012.06.15 04:55:14 | 000,434,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8a6ad5961be0d5083c33ed030fb088c7\IAStorUtil.ni.dll MOD - [2012.06.15 04:46:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012.06.15 04:46:53 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012.05.11 04:39:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012.05.11 04:28:20 | 000,971,264 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012.05.11 03:48:00 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012.05.11 03:47:46 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.05.11 03:47:43 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012.01.26 01:37:15 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe MOD - [2011.05.16 16:03:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.07.07 19:50:04 | 000,258,048 | ---- | M] () -- C:\Windows\SysWOW64\wlanapp.dll MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\ANIOApi.dll MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\ANIOApi.dll MOD - [2008.08.18 15:11:24 | 001,237,504 | ---- | M] () -- C:\Program Files (x86)\Virtual CD v10\System\vorbis.dll MOD - [2008.08.18 15:08:10 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Virtual CD v10\System\ogg.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.11.23 15:17:26 | 000,094,992 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV:64bit: - [2011.11.21 16:10:10 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2009.07.14 
03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2012.07.15 21:30:33 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) @C:\Program Files (x86) SRV - [2012.07.12 14:22:24 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.07.10 19:48:07 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai) SRV - [2012.07.09 19:29:34 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0) SRV - [2012.06.16 17:28:37 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.05.08 16:40:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.08 16:40:54 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.04.03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.01.26 01:37:15 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru) SRV - [2011.11.21 16:12:56 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.11.21 16:10:04 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.08.17 12:04:36 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.05.20 19:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2011.03.11 14:08:32 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2011.03.11 14:08:31 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) 
Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.11.02 23:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP) SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009.11.12 16:11:46 | 000,145,224 | ---- | M] (H+H Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe -- (VC10SecS) SRV - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ANIWConnService.exe -- (ANIWConnService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.08 16:40:55 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.08 16:40:55 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.24 03:01:28 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2012.03.24 03:01:27 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.12.01 17:20:45 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2011.11.23 15:17:24 | 000,158,336 | ---- | M] (SANDBOXIE L.T.D) [Kernel | 
On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV:64bit: - [2011.11.10 18:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.09.16 17:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.07.28 18:20:08 | 000,209,408 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011.07.28 18:20:06 | 000,092,672 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2011.07.08 01:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2011.06.10 14:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.05.20 18:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011.03.11 14:08:31 | 
000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.25 15:59:00 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.09.23 22:03:06 | 000,129,008 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2010.08.19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2010.06.09 17:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2) DRV:64bit: - [2010.06.09 17:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1) DRV:64bit: - [2010.04.22 19:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - 
[2009.11.09 10:55:36 | 000,220,696 | ---- | M] (H+H Software GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vdrv1000.sys -- (vdrv1000) DRV:64bit: - [2009.11.02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2009.08.05 22:59:48 | 000,987,648 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dnetr28ux.sys -- (netr28ux) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.09 10:24:30 | 000,024,088 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HH10Help.sys -- (HH10Help.sys) DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.06 19:10:10 | 000,015,872 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\anodlwfx.sys -- (anodlwf) DRV:64bit: - [2008.06.17 08:22:24 | 000,040,464 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcd10bus.sys -- (vcd10bus) DRV - [2012.07.12 15:33:54 | 000,018,048 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.10.14 07:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=nv1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{24C6541F-61B5-47A2-94F5-3177456FBB24}: "URL" = hxxp://start.funmoods.com/results.php?f=4&a=nv1&q={searchTerms} IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{7D606411-4F39-4789-9A4C-BB011D91FDBF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393 IE - HKCU\..\SearchScopes\{85AF8E74-3A83-4C2C-963F-F3F5A584C5A8}: "URL" = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={DF015412-EBBC-469C-891E-52AFE4F608A7}&mid=c13c1e90bd9a47d0bf7219d59acaf9dc-c2dd0ca674a236917ef541232f14441249212182&lang=en&ds=ft011&pr=sa&d=2012-04-21 09:57:25&v=11.0.0.9&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{D9E6169C-4E85-4E7F-8343-39A4C86F040A}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=YYYYYYYYAT&apn_uid=2F464C0F-B54D-4154-8487-750EAC33A190&apn_sauid=9823CB10-458E-420B-8187-A85AECF28AA6 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - 
prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "https://www.google.at/" FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2011.12.01 18:14:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2011.12.01 18:14:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2011.12.01 18:14:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files (x86)\fbphotozoom\fbphotozoom13.xpi FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012.07.09 19:29:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.16 17:28:37 | 000,000,000 | ---D 
| M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.16 17:28:37 | 000,000,000 | ---D | M]

[2011.12.01 18:05:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Labasu\AppData\Roaming\mozilla\Extensions
[2012.07.13 00:22:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Labasu\AppData\Roaming\mozilla\Firefox\Profiles\hqt996ux.default\extensions
[2012.04.08 12:46:28 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Labasu\AppData\Roaming\mozilla\Firefox\Profiles\hqt996ux.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2012.07.03 07:17:50 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Labasu\AppData\Roaming\mozilla\Firefox\Profiles\hqt996ux.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.03 07:11:00 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\Labasu\AppData\Roaming\mozilla\Firefox\Profiles\hqt996ux.default\extensions\zigboom@ymail.com
[2012.04.20 23:42:36 | 000,002,408 | ---- | M] () -- C:\Users\Labasu\AppData\Roaming\Mozilla\Firefox\Profiles\hqt996ux.default\searchplugins\askcom.xml
[2012.03.12 20:44:30 | 000,001,797 | ---- | M] () -- C:\Users\Labasu\AppData\Roaming\Mozilla\Firefox\Profiles\hqt996ux.default\searchplugins\funmoods.xml
[2012.07.10 00:27:14 | 000,001,056 | ---- | M] () -- C:\Users\Labasu\AppData\Roaming\Mozilla\Firefox\Profiles\hqt996ux.default\searchplugins\icqplugin.xml
[2012.04.25 10:08:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.03.05 20:40:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.13 00:22:19 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\LABASU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HQT996UX.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012.06.16 17:28:37 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.08 00:47:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.09 19:29:34 | 000,003,769 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.01.08 00:47:52 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.08 00:47:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.08 00:47:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.08 00:47:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.08 00:47:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.google.com
CHR - Extension: No name found = C:\Users\Labasu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [VC10Player] C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe (H+H Software GmbH)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [] C:\Users\Labasu\AppData\Local\Temp\rgnygtgcuex.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Labasu\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9:64bit: - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{072655FE-E572-402F-B11F-470E7CEF20C9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.23 10:52:53 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Labasu\Desktop\mbam-setup-1.62.0.1300.exe [2012.07.23 10:52:53 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Labasu\Desktop\OTL.exe [2012.07.23 09:26:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.07.17 12:16:14 | 000,000,000 | ---D | C] -- C:\Users\Labasu\Desktop\FairyTale [2012.07.15 21:25:48 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2012.07.15 21:25:44 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2012.07.15 21:25:44 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2012.07.15 21:25:44 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2012.07.15 21:25:44 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2012.07.15 21:25:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities [2012.07.15 21:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2010 [2012.07.15 21:25:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2012.07.14 20:56:32 | 000,000,000 | ---D | C] -- 
C:\Users\Labasu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6 [2012.07.14 02:52:02 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Local\Spotify [2012.07.14 02:51:09 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Roaming\Spotify [2012.07.13 20:53:37 | 000,000,000 | ---D | C] -- C:\Users\Labasu\Documents\gegl-0.0 [2012.07.13 02:23:38 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Roaming\pokerth [2012.07.13 02:02:55 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Roaming\UAs [2012.07.13 00:42:34 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Roaming\xmldm [2012.07.13 00:42:33 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Roaming\kock [2012.07.11 20:26:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012.07.06 21:31:11 | 000,000,000 | ---D | C] -- C:\ProgramData\dvdfab [2012.07.06 21:27:21 | 000,000,000 | ---D | C] -- C:\Users\Labasu\Documents\DVDFab [2012.07.06 21:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt [2012.07.06 21:27:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab 8 Qt [2012.07.06 21:24:07 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.07.06 21:24:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner [2012.07.06 16:18:36 | 000,220,696 | ---- | C] (H+H Software GmbH) -- C:\Windows\SysNative\drivers\vdrv1000.sys [2012.07.06 16:18:36 | 000,024,088 | ---- | C] (H+H Software GmbH) -- C:\Windows\SysNative\drivers\HH10Help.sys [2012.07.06 16:18:34 | 000,000,000 | --SD | C] -- C:\Users\Labasu\AppData\Roaming\Virtual CD v10 [2012.07.06 16:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual CD v10 [2012.07.06 16:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virtual CD v10 [2012.07.06 16:17:55 | 000,040,464 | ---- | C] (H+H Software GmbH) -- C:\Windows\SysNative\drivers\vcd10bus.sys [2012.07.06 
15:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.07.06 15:53:53 | 000,000,000 | -H-D | C] -- C:\Users\Labasu\Documents\Freemake_do_not_remove_this_folder [2012.07.06 15:43:57 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Roaming\TuneUp Software [2012.07.06 15:43:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012.07.06 15:43:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.07.06 15:42:08 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Roaming\OpenCandy [2012.07.06 15:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake [2012.07.06 15:25:28 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Roaming\AVS4YOU [2012.07.06 15:24:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia [2012.07.06 15:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU [2012.07.03 23:50:22 | 000,000,000 | ---D | C] -- C:\Users\Labasu\dwhelper [2012.07.02 18:28:38 | 000,000,000 | ---D | C] -- C:\Users\Labasu\AppData\Local\Macromedia [7 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.23 10:52:00 | 000,000,000 | ---- | M] () -- C:\Users\Labasu\defogger_reenable [2012.07.23 10:50:50 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Labasu\Desktop\OTL.exe [2012.07.23 10:50:03 | 001,318,344 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.23 10:50:03 | 000,581,614 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.23 10:50:03 | 000,551,096 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.23 10:50:03 | 000,108,788 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.23 10:50:03 | 000,088,722 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.23 10:46:54 | 000,050,477 | ---- | M] () -- C:\Users\Labasu\Desktop\Defogger.exe [2012.07.23 10:38:36 | 
010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Labasu\Desktop\mbam-setup-1.62.0.1300.exe [2012.07.23 10:26:22 | 000,000,454 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Labasu.job [2012.07.23 10:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.23 10:15:31 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.23 10:15:31 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.23 10:08:09 | 000,001,151 | ---- | M] () -- C:\Users\Labasu\Desktop\Wechseldatenträger (F) 1,83 GB.lnk [2012.07.23 10:07:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.23 10:07:28 | 4276,228,094 | -HS- | M] () -- C:\hiberfil.sys [2012.07.23 09:57:27 | 000,003,284 | ---- | M] () -- C:\Windows\SysWow64\ANIWZCS{072655FE-E572-402F-B11F-470E7CEF20C9} [2012.07.23 09:57:27 | 000,003,284 | ---- | M] () -- C:\Users\Labasu\AppData\Roaming\ANIWZCS{072655FE-E572-402F-B11F-470E7CEF20C9} [2012.07.23 09:45:56 | 000,000,646 | ---- | M] () -- C:\Users\Labasu\Labasu - Verknüpfung.lnk [2012.07.23 09:20:49 | 000,002,416 | ---- | M] () -- C:\Windows\Sandboxie.ini [2012.07.22 16:58:57 | 000,102,593 | ---- | M] () -- C:\Users\Labasu\Desktop\FxCam_1342794874513.jpg [2012.07.22 16:57:31 | 002,886,076 | ---- | M] () -- C:\Users\Labasu\Desktop\20120722_035102.jpg [2012.07.22 05:08:17 | 000,833,331 | ---- | M] () -- C:\Users\Labasu\Desktop\Unbenannt.jpg [2012.07.22 05:08:17 | 000,045,037 | ---- | M] () -- C:\Users\Labasu\.recently-used.xbel [2012.07.19 16:33:22 | 000,021,172 | -HS- | M] () -- C:\Users\Labasu\Desktop\Folder.jpg [2012.07.19 16:33:22 | 000,005,916 | -HS- | M] () -- C:\Users\Labasu\Desktop\AlbumArtSmall.jpg [2012.07.15 21:30:32 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.07.15 21:30:32 | 000,002,169 
| ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2012.07.14 02:52:02 | 000,001,776 | ---- | M] () -- C:\Users\Labasu\Desktop\Spotify.lnk [2012.07.13 02:03:04 | 000,000,083 | ---- | M] () -- C:\Users\Labasu\AppData\Roaming\urhtps.dat [2012.07.13 02:01:24 | 000,000,057 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf [2012.07.13 02:00:14 | 000,284,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.12 15:33:54 | 000,018,048 | ---- | M] () -- C:\Windows\SysWow64\drivers\lirsgt.sys [2012.07.06 21:27:41 | 000,000,017 | ---- | M] () -- C:\Windows\SysWow64\shortcut_ex.dat [2012.07.06 21:27:19 | 000,001,020 | ---- | M] () -- C:\Users\Labasu\Desktop\DVDFab 8 Qt.lnk [2012.07.06 21:24:07 | 000,001,889 | ---- | M] () -- C:\Users\Labasu\Desktop\CCleaner.lnk [2012.07.06 16:18:34 | 000,002,081 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CD v10.lnk [2012.07.06 15:59:43 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.07.06 13:42:54 | 000,000,540 | ---- | M] () -- C:\Users\Labasu\AppData\Roaming\AutoGK.ini [7 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.23 10:52:53 | 000,050,477 | ---- | C] () -- C:\Users\Labasu\Desktop\Defogger.exe [2012.07.23 10:52:00 | 000,000,000 | ---- | C] () -- C:\Users\Labasu\defogger_reenable [2012.07.23 10:08:09 | 000,001,151 | ---- | C] () -- C:\Users\Labasu\Desktop\Wechseldatenträger (F) 1,83 GB.lnk [2012.07.23 09:45:56 | 000,000,646 | ---- | C] () -- C:\Users\Labasu\Labasu - Verknüpfung.lnk [2012.07.22 16:58:41 | 000,102,593 | ---- | C] () -- C:\Users\Labasu\Desktop\FxCam_1342794874513.jpg [2012.07.22 16:56:43 | 002,886,076 | ---- | C] () -- C:\Users\Labasu\Desktop\20120722_035102.jpg [2012.07.22 05:08:17 | 000,833,331 | ---- | C] () -- C:\Users\Labasu\Desktop\Unbenannt.jpg [2012.07.22 05:08:17 | 000,045,037 | ---- | C] () -- 
C:\Users\Labasu\.recently-used.xbel [2012.07.19 16:14:54 | 000,021,172 | -HS- | C] () -- C:\Users\Labasu\Desktop\Folder.jpg [2012.07.19 16:14:54 | 000,005,916 | -HS- | C] () -- C:\Users\Labasu\Desktop\AlbumArtSmall.jpg [2012.07.15 21:25:38 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.07.15 21:25:38 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2012.07.15 21:25:36 | 000,002,181 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities.lnk [2012.07.14 02:52:02 | 000,001,776 | ---- | C] () -- C:\Users\Labasu\Desktop\Spotify.lnk [2012.07.14 02:52:02 | 000,001,762 | ---- | C] () -- C:\Users\Labasu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2012.07.13 01:55:36 | 000,000,083 | ---- | C] () -- C:\Users\Labasu\AppData\Roaming\urhtps.dat [2012.07.13 01:00:38 | 000,438,272 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll [2012.07.12 15:30:33 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\lirsgt.sys [2012.07.06 21:27:41 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2012.07.06 21:27:19 | 000,001,020 | ---- | C] () -- C:\Users\Labasu\Desktop\DVDFab 8 Qt.lnk [2012.07.06 21:24:07 | 000,001,889 | ---- | C] () -- C:\Users\Labasu\Desktop\CCleaner.lnk [2012.07.06 16:18:34 | 000,002,081 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CD v10.lnk [2012.07.06 15:59:43 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.07.06 13:42:54 | 000,000,540 | ---- | C] () -- C:\Users\Labasu\AppData\Roaming\AutoGK.ini [2012.06.06 00:14:07 | 000,001,595 | ---- | C] () -- C:\Users\Labasu\.ucon64rc [2012.02.19 13:52:07 | 000,000,060 | ---- | C] () -- C:\Windows\popcinfo.dat [2012.02.17 07:05:25 | 001,435,292 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.25 03:17:01 | 000,002,416 | ---- | C] () -- C:\Windows\Sandboxie.ini [2011.12.01 19:27:23 | 000,003,284 | ---- | C] () -- 
C:\Users\Labasu\AppData\Roaming\ANIWZCS{072655FE-E572-402F-B11F-470E7CEF20C9} [2011.12.01 17:56:45 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ANIWConnService.exe [2011.12.01 17:55:32 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\wlanapp.dll [2011.12.01 17:55:32 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\aIPH.dll [2011.12.01 17:55:32 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AQCKGen.dll [2011.12.01 17:55:32 | 000,045,115 | ---- | C] () -- C:\Windows\SysWow64\ANICtl.dll [2011.12.01 17:55:09 | 000,315,392 | ---- | C] () -- C:\Windows\SysWow64\ANIOApi.dll [2011.12.01 17:53:26 | 000,733,184 | ---- | C] () -- C:\Windows\SysWow64\ANIOWPS.dll [2011.12.01 17:53:26 | 000,302,080 | ---- | C] () -- C:\Windows\lwd.exe [2011.12.01 17:53:26 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\ANIWPS.exe [2011.12.01 17:52:35 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\rt73.bin ========== LOP Check ========== [2011.12.01 19:01:26 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\Acreon [2012.07.22 05:08:17 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\gtk-2.0 [2012.07.13 02:03:01 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\ICQ [2012.07.13 00:42:33 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\kock [2012.05.09 10:41:40 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\MotioninJoy [2012.07.06 15:42:08 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\OpenCandy [2012.07.13 02:23:38 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\pokerth [2012.07.23 08:32:14 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\SoftGrid Client [2012.07.23 09:57:05 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\Spotify [2012.02.17 07:06:26 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\TP [2012.01.15 01:52:29 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\TS3Client [2011.12.01 21:04:25 | 000,000,000 | ---D | M] -- 
C:\Users\Labasu\AppData\Roaming\ts3overlay [2012.07.15 21:25:30 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\TuneUp Software [2012.07.13 02:02:59 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\UAs [2012.07.23 09:36:08 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\uTorrent [2012.07.06 16:19:40 | 000,000,000 | --SD | M] -- C:\Users\Labasu\AppData\Roaming\Virtual CD v10 [2012.02.08 18:54:24 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\VoipBuster [2012.07.13 02:02:59 | 000,000,000 | ---D | M] -- C:\Users\Labasu\AppData\Roaming\xmldm [2012.05.29 14:05:45 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > OTL Extras logfile created on: 23.07.2012 10:53:21 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Labasu\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 15,98 Gb Total Physical Memory | 13,75 Gb Available Physical Memory | 86,06% Memory free 31,95 Gb Paging File | 29,74 Gb Available in Paging File | 93,07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1811,92 Gb Total Space | 1446,15 Gb Free Space | 79,81% Space Free | Partition Type: NTFS Drive D: | 50,00 Gb Total Space | 31,08 Gb Free Space | 62,17% Space Free | Partition Type: NTFS Drive F: | 1,88 Gb Total Space | 1,84 Gb Free Space | 97,98% Space Free | Partition Type: FAT Computer Name: LABASU-PC | User Name: Labasu | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D71038-71F2-4530-9310-8D65CC6EAB4E}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{07418B52-F82B-4048-8FC6-8A58D344A2A6}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{1E7B18A8-441D-4640-80FA-F2F9E57B10B7}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{31D1E8B2-9A02-4FB1-9288-81F694F737CA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3B514802-D02D-4375-9D0A-7312139FC3DA}" = protocol=17 | dir=in | app=c:\users\labasu\appdata\local\akamai\netsession_win.exe |
"{5858B59B-2D5C-4A81-8481-A25F7B2AC140}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{5D3B5FFC-9239-4C82-B068-501272A3724E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{8A73CD91-AFF6-474C-8E86-CDA23179F579}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{AB1A5ED4-87C3-4BCB-82F2-4C285B936E6E}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{BC3B71B4-A783-4BBD-B9E1-B08615E7F4D3}" = protocol=6 | dir=in | app=c:\users\labasu\appdata\local\akamai\netsession_win.exe |
"{D9DDC0B3-021E-4553-ABF4-B168AE2D7BF8}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"TCP Query User{463F16C7-02E4-4884-A119-25DE487623C1}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{A453B499-2B46-4E7B-8D38-2313069768A6}C:\users\labasu\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\labasu\appdata\roaming\spotify\spotify.exe |
"TCP Query User{B5DC89D9-8D8A-4722-8C33-3F0835BC603B}C:\users\labasu\appdata\local\radiosure\radiosure.exe" = protocol=6 | dir=in | app=c:\users\labasu\appdata\local\radiosure\radiosure.exe |
"UDP Query User{11E4F484-BA8D-45A8-ACD5-722A755F9B43}C:\users\labasu\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\labasu\appdata\roaming\spotify\spotify.exe |
"UDP Query User{7B12C2CE-3FCE-4ECA-AE48-08F3EB073148}C:\users\labasu\appdata\local\radiosure\radiosure.exe" = protocol=17 | dir=in | app=c:\users\labasu\appdata\local\radiosure\radiosure.exe |
"UDP Query User{93A86D3A-F8F5-4963-8803-4CC0D4E6CE8A}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy DS3 driver version 0.6.0005
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"Sandboxie" = Sandboxie 3.62 (64-bit)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1" = SWF Opener
"{10C51313-A308-4B40-90E3-B368D5882660}" = Virtual CD v10
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5F753314-628E-4C13-B8AE-BFA7FD514CBE}" = D-Link Wireless G DWL-G122_DWA-110
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft
Silverlight "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DB52C99-EC51-4173-93C5-298769170CB0}" = Audition "{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI "{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Akamai" = Akamai NetSession Interface "AVG Secure Search" = AVG Security Toolbar "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner (remove only) "DVDFab 8 Qt_is1" = DVDFab 8.1.9.0 (06/07/2012) Qt "Fraps" = Fraps (remove only) "Guard.Mail.ru" = Guard.ICQ "ICQToolbar" = ICQ Toolbar "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "McAfee 
Security Scan" = McAfee Security Scan Plus "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NSS" = Norton Security Scan "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "TuneUp Utilities" = TuneUp Utilities "VLC media player" = VLC media player 2.0.2 "WinGimp-2.0_is1" = GIMP 2.6.7 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "RadioSure" = RadioSure "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 23.07.2012 03:25:37 | Computer Name = Labasu-PC | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Die Anwendung oder der Dienst "Windows Search" konnte nicht heruntergefahren werden. Error - 23.07.2012 03:25:48 | Computer Name = Labasu-PC | Source = Application Hang | ID = 1002 Description = Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 750 Startzeit: 01cd68a3d965a851 Endzeit: 6 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: 9a8fe5ce-d497-11e1-abf5-c89cdc2e102f Error - 23.07.2012 03:33:05 | Computer Name = Labasu-PC | Source = Windows Search Service | ID = 1019 Description = Error - 23.07.2012 03:33:14 | Computer Name = Labasu-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. 
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error - 23.07.2012 03:33:18 | Computer Name = Labasu-PC | Source = Windows Search Service | ID = 1019 Description = Error - 23.07.2012 03:34:26 | Computer Name = Labasu-PC | Source = Windows Search Service | ID = 1019 Description = Error - 23.07.2012 03:47:18 | Computer Name = Labasu-PC | Source = Windows Search Service | ID = 1019 Description = Error - 23.07.2012 03:49:24 | Computer Name = Labasu-PC | Source = Windows Search Service | ID = 1019 Description = Error - 23.07.2012 04:05:11 | Computer Name = Labasu-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error - 23.07.2012 04:18:18 | Computer Name = Labasu-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: [ System Events ] Error - 23.07.2012 03:22:26 | Computer Name = Labasu-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error - 23.07.2012 03:25:15 | Computer Name = Labasu-PC | Source = Service Control Manager | ID = 7034 Description = Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error - 23.07.2012 03:42:02 | Computer Name = Labasu-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 23.07.2012 03:42:02 | Computer Name = Labasu-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 23.07.2012 03:54:58 | Computer Name = Labasu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error - 23.07.2012 03:54:59 | Computer Name = Labasu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error - 23.07.2012 03:57:19 | Computer Name = Labasu-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 23.07.2012 04:08:07 | Computer Name = Labasu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error - 23.07.2012 04:08:07 | Computer Name = Labasu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error - 23.07.2012 04:10:27 | Computer Name = Labasu-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

< End of report > |