
Log analysis and evaluation: GVU trojan with €100 payment demand "Your computer is locked for one or more of the reasons listed below."

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
30.08.2012, 20:10   #1
rapish
 
I have the same problem too .. :-/

OTL Logfile:
Code:
OTL logfile created on: 30.08.2012 21:03:29 - Run 3
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Gast\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,58% Memory free
5,98 Gb Paging File | 4,77 Gb Available in Paging File | 79,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 900,41 Gb Total Space | 706,04 Gb Free Space | 78,41% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 22,02 Gb Free Space | 73,41% Space Free | Partition Type: NTFS
Drive E: | 6,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 232,88 Gb Total Space | 198,50 Gb Free Space | 85,23% Space Free | Partition Type: NTFS
 
Computer Name: SATURN-PC | User Name: saturn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Gast\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\635b3aec298ad5e8c903b2323d79cc5a\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3748.36959__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3748.36878__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3748.36942__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3748.36851__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3748.36900__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3748.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Dashboard\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3748.36941__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3748.36931__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3748.36875__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3748.36855__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3748.36957__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3748.36871__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3748.36819__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3748.36816__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3748.36867__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3748.36941__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3748.36884__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3748.36815__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3748.36923__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3748.36882__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3748.36825__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3748.36817__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3748.36816__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3748.36820__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3748.36817__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3748.36824__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3748.36822__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3748.36817__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3748.36825__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3748.36928__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3748.36822__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3748.36819__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3748.36820__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3748.36826__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3748.36832__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3748.36917__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3748.36923__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3748.36921__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3748.36824__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3748.36823__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3748.36825__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3748.36821__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3748.36822__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3748.36820__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3748.36830__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3748.36818__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3748.36819__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3748.36923__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3748.36842__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3748.36831__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3748.36849__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (cvhsvc) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
SRV - (sftvsa) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (cpuz132) -- C:\Users\saturn\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = StartPins
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b21b691e0000000000006c626d568a37&tlver=1.4.19.19&ss=1&affID=17395
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://vshare.toolbarhome.com/?hp=df
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Suche
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://startsear.ch/?hp=df"
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\saturn\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\saturn\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\saturn\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\saturn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\PROGRA~1\MOZILL~1\plugins\NpFv522.dll (1 mal 1 Software GmbH)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.13 17:24:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.07.11 17:51:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 00:41:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.14 21:35:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.13 17:24:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\saturn\AppData\Roaming\15001.001 [2012.08.30 17:31:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 00:41:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.14 21:35:19 | 000,000,000 | ---D | M]
 
[2011.10.21 20:13:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Extensions
[2012.08.21 23:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions
[2012.07.29 23:38:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.08.21 23:35:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.11.26 14:42:54 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.04.12 19:40:17 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\bbrs_002@blabbers.com
[2011.08.18 11:08:05 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\ffxtlbr@babylon.com
[2012.03.27 20:26:54 | 000,000,000 | ---D | M] (vShare) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\vshare@toolbar
[2012.03.28 17:36:16 | 000,002,404 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\askcom.xml
[2011.07.23 23:14:05 | 000,002,023 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\badoo.xml
[2010.11.29 23:06:08 | 000,001,832 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\bing.xml
[2010.11.26 21:34:12 | 000,000,873 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\conduit.xml
[2012.08.28 23:02:19 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-1.xml
[2011.09.06 20:19:34 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-10.xml
[2011.09.07 20:47:16 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-11.xml
[2011.09.27 21:47:46 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-12.xml
[2011.10.03 12:46:41 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-13.xml
[2011.11.08 18:55:12 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-14.xml
[2011.11.10 23:59:21 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-15.xml
[2011.11.30 22:10:47 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-16.xml
[2012.01.04 17:20:09 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-17.xml
[2012.01.04 21:52:23 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-18.xml
[2012.02.01 20:25:27 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-19.xml
[2011.03.24 17:00:29 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-2.xml
[2012.02.13 19:21:45 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-20.xml
[2012.02.19 16:23:43 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-21.xml
[2011.04.21 18:40:32 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-3.xml
[2011.05.14 09:17:55 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-4.xml
[2011.06.28 19:45:36 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-5.xml
[2011.07.03 14:31:14 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-6.xml
[2011.08.16 20:02:32 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-7.xml
[2011.08.17 13:05:22 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-8.xml
[2011.08.19 17:26:23 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-9.xml
[2011.03.05 18:47:43 | 000,001,056 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin.xml
[2011.10.21 20:11:20 | 000,002,516 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\SearchResults.xml
[2012.01.07 18:51:20 | 000,000,792 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\startsear.xml
[2010.11.13 20:18:18 | 000,003,915 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\sweetim.xml
[2012.03.27 20:27:00 | 000,001,565 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\web-search.xml
[2012.08.08 20:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.30 00:41:35 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.09.21 11:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv522.dll
[2011.10.27 15:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.03 15:28:38 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.08.30 00:41:35 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.21 20:11:20 | 000,002,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b21b691e0000000000006c626d568a37&tlver=1.4.19.19&ss=1&affID=17395
CHR - default_search_provider: suggest_url = 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: LiveVDO plug-in (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\chvsharetvplg.dll
CHR - plugin: LiveVDO plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\saturn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\saturn\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = c:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Browser Companion Helper = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: General Crawler = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\
CHR - Extension: LiveVDO plugin = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Programme\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\saturn\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-501\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-501\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe (Badoo)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [Facebook Update] C:\Users\saturn\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [Userinit] C:\Users\saturn\AppData\Roaming\appConf32.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk = C:\Users\saturn\AppData\Roaming\BrowserCompanion\tcbhn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA324995-E6B1-43EE-83D6-9FB83E2B28FF}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{7dcb8fca-b755-11df-8a77-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7dcb8fca-b755-11df-8a77-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O33 - MountPoints2\{8764202b-f88c-11df-9981-6c626d568a37}\Shell - "" = AutoRun
O33 - MountPoints2\{8764202b-f88c-11df-9981-6c626d568a37}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.30 17:31:02 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\15001.001
[2012.08.30 17:30:57 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{0E613BF5-99C9-4D6E-A5C7-3C8A8B726A3D}
[2012.08.30 01:00:16 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\UAs
[2012.08.29 23:48:31 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\14001.018
[2012.08.29 23:48:10 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\xmldm
[2012.08.29 23:48:10 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\kock
[2012.08.29 17:46:10 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{45BB5B7B-E517-4DE1-B97C-2113FF6565FD}
[2012.08.28 17:00:19 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{492AFC1D-F7EA-4C50-AD17-96FF644062A4}
[2012.08.27 18:36:05 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CA3BA918-9967-4BEB-AC71-4E551A916D6E}
[2012.08.26 13:14:17 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{595F87C4-CE04-495F-A742-933539E126DD}
[2012.08.25 12:54:04 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{10B71342-4939-43A0-B43A-A5DE9F83CB6A}
[2012.08.24 16:24:36 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CE456119-6ED6-40A8-B873-129C003FEC3D}
[2012.08.23 17:58:18 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{47A621AC-9D43-4815-B1EA-AA7EAAE4F1D4}
[2012.08.22 19:32:30 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{7B3EC23A-8DFC-4A4A-91E4-C50C08F4B53E}
[2012.08.21 19:29:58 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{A6A5751B-EDD0-4473-99CA-0BCA1E49CC6F}
[2012.08.20 19:12:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{FB55A9D2-4535-455C-8D6A-81BCE37E845A}
[2012.08.19 23:12:06 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{772247CC-347D-4A4B-8C3D-F2F57351FC10}
[2012.08.19 11:11:41 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{765B961C-8A74-46D1-AF32-49E2138CF330}
[2012.08.18 15:01:16 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{8EB45775-62D9-4E3D-8536-B530E9D271A3}
[2012.08.18 15:01:05 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{4E250644-FF84-4FC0-B140-6072D21D4EA8}
[2012.08.17 19:16:56 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{6B20B3AD-F018-4910-84CA-2CE8308FF140}
[2012.08.17 19:16:45 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{A50BC3C0-D090-4CA1-AE30-38897D6EB7D2}
[2012.08.16 21:07:38 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{29C8D437-6D6C-41DB-A834-039FDD854B24}
[2012.08.16 21:07:27 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{0EC0876F-DF9A-4FF0-951B-B9C18B42F89C}
[2012.08.16 00:58:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.16 00:58:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.16 00:58:16 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.08.16 00:58:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.16 00:58:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.16 00:58:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.16 00:58:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.15 19:35:13 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012.08.15 19:35:11 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.15 19:35:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012.08.15 19:31:03 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{038C2AF4-8050-4912-9929-C48518C61082}
[2012.08.15 19:30:52 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{27DDCD14-C4B8-4F94-B5EE-7F77778594C6}
[2012.08.14 21:33:45 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{16A5F277-9259-4574-A3BD-2A10BA621E82}
[2012.08.14 21:33:34 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{B142047A-458F-4F25-ADEA-0594D24DA7BC}
[2012.08.13 19:50:15 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{F7B3D38D-B975-4419-87EE-91E7C04E08A8}
[2012.08.13 19:50:04 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CCE40081-5E7B-4CA2-9E82-E6C2B9F313C5}
[2012.08.12 14:12:53 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{772246A7-022E-4A9F-9165-0AAE985FE8FF}
[2012.08.12 14:12:42 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{9B454AB5-56E1-48C9-8949-197DA9A6B532}
[2012.08.12 01:44:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{42997C90-7669-4C55-B7C4-B3710B595E6E}
[2012.08.12 01:44:01 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CE4C7301-81FF-45BD-BE9D-8C5D0085B081}
[2012.08.11 13:43:44 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{0CEAC16A-9DA8-4AC6-8DE9-404C9DDEBED0}
[2012.08.11 13:43:33 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{1C5B8746-3B61-4407-9249-E17F3B07DC64}
[2012.08.10 18:50:36 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{5F40EABF-E76B-4C1A-8BF6-1CED8AA475C7}
[2012.08.10 18:50:25 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{BAD4AA54-CBFB-418C-8957-258233097489}
[2012.08.09 19:31:54 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{5B81B170-3930-4301-85F9-DE68E90CAAFD}
[2012.08.09 19:31:43 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{E86DF26B-BADC-4DA2-8F76-1CC244D7D34C}
[2012.08.08 18:15:54 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{2B7B849D-F92E-4ED8-B8B9-E5E56DCFEA4F}
[2012.08.08 18:15:41 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{B3BEC570-DC82-442C-B5E1-145C20447BFE}
[2012.08.07 21:04:33 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{79DC4DC9-E89C-4F3E-B583-ED99F440D1A7}
[2012.08.07 21:04:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{97CA0DE8-91E7-48A0-89D3-D16D5642760B}
[2012.08.06 12:48:31 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{A300A314-AD98-43CB-92AF-E1A4638D960A}
[2012.08.06 12:48:20 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{BC4460E8-010B-4B14-9A90-DBC782BF4D40}
[2012.08.06 12:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.08.05 13:54:40 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{9B45BE82-0D7C-4F4C-9499-8436EDD29066}
[2012.08.05 13:54:29 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{B615AE2A-E68C-4624-9473-4F450A987889}
[2012.08.05 02:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.08.05 02:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012.08.04 22:44:24 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{2190359B-7AE7-4ABA-9201-0D55FEEEFAF7}
[2012.08.04 22:44:13 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{4985FE69-424C-4812-916F-991004FBB926}
[2012.08.03 12:09:23 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{EB127C51-FB0D-49B2-B712-F8A9615553B9}
[2012.08.03 12:09:12 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{46E7C127-ECF3-4776-9992-2B2031CA3C4D}
[2012.08.02 12:33:07 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{E6382E74-5F61-4DA7-A12C-8B74402B3755}
[2012.08.02 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{E8646B3D-125D-49B3-946E-BF82FE39E07D}
[2012.08.02 00:32:19 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{79FF3F25-F8F2-4439-BFF2-F92523D36FA6}
[2012.08.02 00:14:06 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\Flatcast
[2012.08.01 12:31:43 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{78312348-3EB3-4617-8988-0C3799B6F53C}
[2012.08.01 12:31:21 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{6CAFECB4-7237-495D-8FD7-95E01998995B}
[2012.08.01 00:30:56 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{28077E05-C484-47EE-902B-36FCE1222BD8}
[2 C:\Users\saturn\AppData\Roaming\*.tmp files -> C:\Users\saturn\AppData\Roaming\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.30 21:03:40 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000UA.job
[2012.08.30 20:57:47 | 004,503,728 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.08.30 20:57:42 | 000,000,016 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\blckdom.res
[2012.08.30 20:46:30 | 000,001,889 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.30 20:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.30 20:28:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000UA.job
[2012.08.30 18:42:20 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 18:42:20 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 17:31:12 | 000,198,288 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\AcroIEHelpe204.dll
[2012.08.30 17:31:12 | 000,007,424 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe204.dll
[2012.08.30 17:24:10 | 006,746,756 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.30 17:24:10 | 002,105,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.30 17:24:10 | 002,027,810 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.30 17:24:10 | 001,741,430 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.30 17:19:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.30 17:19:50 | 2408,927,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.29 23:48:42 | 000,006,400 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe.dll
[2012.08.29 23:28:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000Core.job
[2012.08.28 17:00:56 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.28 17:00:56 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.26 18:19:42 | 000,001,070 | ---- | M] () -- C:\Users\saturn\Desktop\Proje Öneri.rtf
[2012.08.26 15:03:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000Core.job
[2012.08.24 19:57:15 | 000,051,500 | ---- | M] () -- C:\Users\saturn\Desktop\402917_356228744458343_1596952542_n.jpg
[2012.08.22 19:33:22 | 000,002,420 | ---- | M] () -- C:\Users\saturn\Desktop\Google Chrome.lnk
[2012.08.16 21:06:24 | 000,294,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.10 23:49:09 | 000,031,530 | ---- | M] () -- C:\Users\saturn\Desktop\427221_430599956982139_1143617147_n.jpg
[2012.08.10 19:18:16 | 000,000,199 | ---- | M] () -- C:\Users\saturn\Desktop\guteschheeinneee.rtf
[2012.08.08 21:08:50 | 000,039,179 | ---- | M] () -- C:\Users\saturn\Desktop\376234_414643878585881_1521063534_n.jpg
[2012.08.08 20:58:54 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.08.06 12:05:50 | 000,002,044 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.08.06 12:05:50 | 000,002,044 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.08.03 14:49:21 | 000,028,740 | ---- | M] () -- C:\Users\saturn\Desktop\418572_305202276243594_321663588_n.jpg
[2012.08.02 16:43:36 | 000,036,432 | ---- | M] () -- C:\Users\saturn\Desktop\403851_10150981963967509_502008573_n.jpg
[2012.08.02 02:18:47 | 000,033,961 | ---- | M] () -- C:\Users\saturn\Desktop\391238_10152027841325190_1023298352_n.jpg
[2012.08.02 00:14:07 | 000,000,857 | ---- | M] () -- C:\Windows\unins000.dat
[2012.08.02 00:14:04 | 000,695,578 | ---- | M] () -- C:\Windows\unins000.exe
[2012.08.01 20:46:51 | 000,000,202 | ---- | M] () -- C:\Users\saturn\Desktop\roland...rtf
[2012.08.01 11:44:38 | 000,023,709 | ---- | M] () -- C:\Users\saturn\Desktop\539014_333697686712084_271076204_n.jpg
[2012.08.01 11:18:19 | 000,053,201 | ---- | M] () -- C:\Users\saturn\Desktop\483330_10151055869764870_854887321_n.jpg
[2012.08.01 01:01:58 | 000,087,761 | ---- | M] () -- C:\Users\saturn\Desktop\480380_472900902721283_1402432126_n.jpg
[2 C:\Users\saturn\AppData\Roaming\*.tmp files -> C:\Users\saturn\AppData\Roaming\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.30 20:46:30 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.08.30 20:46:30 | 000,001,889 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.30 17:31:12 | 000,198,288 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\AcroIEHelpe204.dll
[2012.08.30 17:31:12 | 000,007,424 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe204.dll
[2012.08.29 23:48:42 | 000,006,400 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe.dll
[2012.08.29 23:48:22 | 000,000,016 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\blckdom.res
[2012.08.26 17:47:10 | 000,001,070 | ---- | C] () -- C:\Users\saturn\Desktop\Proje Öneri.rtf
[2012.08.24 19:57:14 | 000,051,500 | ---- | C] () -- C:\Users\saturn\Desktop\402917_356228744458343_1596952542_n.jpg
[2012.08.10 23:49:08 | 000,031,530 | ---- | C] () -- C:\Users\saturn\Desktop\427221_430599956982139_1143617147_n.jpg
[2012.08.10 19:18:16 | 000,000,199 | ---- | C] () -- C:\Users\saturn\Desktop\guteschheeinneee.rtf
[2012.08.08 21:08:47 | 000,039,179 | ---- | C] () -- C:\Users\saturn\Desktop\376234_414643878585881_1521063534_n.jpg
[2012.08.05 02:25:51 | 000,002,044 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.08.05 02:25:51 | 000,002,044 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.08.03 14:49:20 | 000,028,740 | ---- | C] () -- C:\Users\saturn\Desktop\418572_305202276243594_321663588_n.jpg
[2012.08.02 16:43:35 | 000,036,432 | ---- | C] () -- C:\Users\saturn\Desktop\403851_10150981963967509_502008573_n.jpg
[2012.08.02 02:18:47 | 000,033,961 | ---- | C] () -- C:\Users\saturn\Desktop\391238_10152027841325190_1023298352_n.jpg
[2012.08.02 00:14:06 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2012.08.02 00:14:06 | 000,000,857 | ---- | C] () -- C:\Windows\unins000.dat
[2012.08.01 20:46:50 | 000,000,202 | ---- | C] () -- C:\Users\saturn\Desktop\roland...rtf
[2012.08.01 11:44:37 | 000,023,709 | ---- | C] () -- C:\Users\saturn\Desktop\539014_333697686712084_271076204_n.jpg
[2012.08.01 11:18:14 | 000,053,201 | ---- | C] () -- C:\Users\saturn\Desktop\483330_10151055869764870_854887321_n.jpg
[2012.08.01 01:01:56 | 000,087,761 | ---- | C] () -- C:\Users\saturn\Desktop\480380_472900902721283_1402432126_n.jpg
[2011.10.13 17:18:45 | 000,197,043 | ---- | C] () -- C:\Windows\hpwins27.dat
[2011.10.13 16:55:29 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat.temp
[2011.06.02 21:53:21 | 000,000,068 | ---- | C] () -- C:\Windows\System32\enbseries.ini
[2011.02.19 21:29:11 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011.01.07 22:02:33 | 000,000,482 | ---- | C] () -- C:\Windows\eReg.dat
[2010.12.23 22:06:10 | 000,002,856 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.12.09 17:23:13 | 000,050,640 | RHS- | C] () -- C:\Users\saturn\AppData\Roaming\appConf32.exe
 
========== LOP Check ==========
 
[2012.07.04 15:37:04 | 000,000,000 | ---D | M] -- C:\Users\ersatz\AppData\Roaming\SoftGrid Client
[2011.05.17 10:52:32 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Babylon
[2012.07.28 15:26:37 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\MAGIX
[2011.10.23 19:07:39 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\SoftGrid Client
[2012.08.29 23:48:31 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\14001.018
[2012.08.30 17:31:02 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\15001.001
[2012.01.06 15:05:47 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\2K Sports
[2012.03.03 15:28:37 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Babylon
[2011.04.24 00:12:27 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Blender Foundation
[2012.08.30 20:56:40 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\BrowserCompanion
[2011.07.28 19:09:44 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\DVDVideoSoft
[2011.07.28 19:05:00 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.08.02 00:14:06 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Flatcast
[2011.01.03 01:02:30 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\ICQ
[2010.11.13 20:20:29 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\IrfanView
[2012.08.29 23:48:10 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\kock
[2011.01.28 18:59:58 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Leadertech
[2011.02.19 21:45:00 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\MAGIX
[2012.03.03 15:30:59 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Media Finder
[2011.10.21 20:11:18 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\MusicNet
[2012.08.19 02:45:26 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\SoftGrid Client
[2011.03.20 15:08:29 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Sony
[2011.03.20 15:03:05 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Sony Setup
[2010.11.12 19:25:23 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\TP
[2012.08.30 01:00:16 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\UAs
[2010.11.03 22:16:45 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Uniblue
[2011.03.11 00:59:31 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Windows Live Writer
[2012.08.30 01:01:08 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\xmldm
[2012.08.29 23:28:00 | 000,001,120 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000Core.job
[2012.08.30 20:28:00 | 000,001,142 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000UA.job
[2012.07.11 17:42:32 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

 
