Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Polizei Virus Österreich

Polizei Virus Österreich


Log-Analyse und Auswertung: Polizei Virus Österreich

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 01.09.2012, 20:36   #1
klantschnig
 
Polizei Virus Österreich - Standard

Polizei Virus Österreich


Hallo Experten vom Trojaner Board,

bitte um Eure Hilfe.
Ich habe mir gestern, wie so einige wie man sieht, diesen Polizei Virus/Trojaner eingefangen.
Nach dem Öffnern von IE9 ist plötzlich die Warnung gekommen, dass ich €100 zahlen muss oder es erfolgt eine Anzeige und es ging nichts mehr, auch kein abgesicherter Modus.
Dank Eurer Seite habe ich schon viele hilfreiche Infos bekommen und einige Programme zur Beseitigung gestartet:Malwarebaytes, OTL, Gmer, defogger und Avira Antivirus. Die bösartigen Dateien wurden anscheinend entfernt, ich möchte nur sicher gehen, dass alles entfernt wurde und clean ist, so wie ihr es empfohlen habt.

Danke für die Hilfe

lg

Hier die OTL.txt (Extras.txt wurde keine erstellt?):OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 01.09.2012 19:43:41 - Run 2
OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\andreas\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,49 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 57,51% Memory free
6,98 Gb Paging File | 5,21 Gb Available in Paging File | 74,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 75,04 Gb Total Space | 22,04 Gb Free Space | 29,38% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 126,66 Gb Free Space | 32,43% Space Free | Partition Type: NTFS
 
Computer Name: PCANDREAS | User Name: andreas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.01 12:05:05 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\andreas\Desktop\OTL.exe
PRC - [2012.08.31 18:42:28 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.08.15 09:39:12 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
PRC - [2012.08.03 16:06:06 | 001,086,376 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.08.01 16:07:06 | 000,174,488 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.08.01 16:06:58 | 000,148,888 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.07.30 17:39:19 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.06.22 00:09:52 | 000,483,024 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\st_rsser.exe
PRC - [2012.06.22 00:09:46 | 003,669,712 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2012.06.22 00:09:38 | 002,786,512 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2012.05.14 16:23:53 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.14 16:23:52 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.14 16:23:52 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.05.14 16:23:52 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.14 16:23:52 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.02.15 05:13:20 | 000,405,504 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.02.15 05:12:48 | 000,163,328 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.12.02 14:59:16 | 001,360,304 | ---- | M] () -- C:\Programme\COMODO\COMODO BackUp\SynchronizationService.exe
PRC - [2010.12.02 14:59:16 | 000,580,528 | ---- | M] () -- C:\Programme\COMODO\COMODO BackUp\COSService.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.10.25 11:07:48 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\System32\dgdersvc.exe
PRC - [2010.10.25 11:03:52 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.07.14 01:15:34 | 002,243,472 | ---- | M] (Salfeld Computer) -- C:\Windows\System32\cchservice.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.31 18:42:28 | 002,242,528 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.08.15 09:39:12 | 009,465,032 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012.08.03 16:07:06 | 000,276,392 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.08.03 16:06:50 | 002,652,584 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.08.03 16:06:50 | 000,363,944 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.08.03 16:06:48 | 011,166,120 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.08.03 16:06:46 | 000,205,736 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.08.03 16:06:44 | 001,346,472 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.08.03 16:06:44 | 000,720,296 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.08.03 16:06:42 | 008,506,792 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.08.03 16:06:42 | 001,013,672 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.08.03 16:06:42 | 000,520,104 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.08.03 16:06:40 | 002,480,552 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.08.03 16:06:40 | 002,353,576 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.08.03 16:06:36 | 000,445,864 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.08.03 16:06:32 | 000,206,760 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.08.03 16:06:32 | 000,035,240 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.08.03 16:06:30 | 000,032,680 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.08.03 16:06:02 | 000,437,672 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\NService.dll
MOD - [2012.08.03 16:05:24 | 000,604,072 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.07.02 11:29:08 | 000,391,600 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.07.02 11:29:08 | 000,059,280 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.07.02 11:28:20 | 000,110,080 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2011.11.29 09:24:42 | 000,355,328 | ---- | M] () -- C:\Windows\System32\wlsppc.dll
MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.08.31 18:42:28 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.24 09:54:11 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.24 09:50:06 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.06.22 00:09:52 | 000,483,024 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Programme\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2012.05.14 16:23:53 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.14 16:23:52 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.14 16:23:52 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.05.14 16:23:52 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.02.15 05:12:48 | 000,163,328 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.02.07 14:18:28 | 001,373,576 | ---- | M] (LogMeIn Inc.) [On_Demand | Stopped] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.12.02 14:59:16 | 001,360,304 | ---- | M] () [Auto | Running] -- C:\Programme\COMODO\COMODO BackUp\SynchronizationService.exe -- (SynchronizationService.exe)
SRV - [2010.12.02 14:59:16 | 000,580,528 | ---- | M] () [Auto | Running] -- C:\Programme\COMODO\COMODO BackUp\COSService.exe -- (COSService.exe)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.10.25 11:07:48 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc)
SRV - [2010.10.25 11:03:52 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.08.25 09:56:38 | 000,765,592 | ---- | M] (Salfeld Computer) [Auto | Stopped] -- C:\Windows\System32\ksupmgr.exe -- (ksupmgr)
SRV - [2010.06.13 20:02:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Ultrastar\zlportio.sys -- (zlportio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\andreas\AppData\Local\Temp\pohci13F.sys -- (pohci13F)
DRV - [2012.09.01 19:03:27 | 000,097,440 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SMR310.SYS -- (SMR310)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.06.27 15:18:52 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.05.14 16:23:53 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.14 16:23:53 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.02.15 05:47:12 | 009,182,208 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.02.15 04:12:48 | 000,264,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.09.16 17:26:20 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.06.21 11:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.12.02 14:59:50 | 000,073,360 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\bdisk.sys -- (bdisk)
DRV - [2010.12.02 14:59:42 | 000,123,824 | ---- | M] (COMODO Security Solutions Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\cbufs.sys -- (CBUfs)
DRV - [2010.12.02 14:59:36 | 000,428,728 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\CBVD.sys -- (cbvd)
DRV - [2010.12.02 14:59:30 | 000,569,296 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vdbus.sys -- (vdbus)
DRV - [2010.12.02 14:59:24 | 000,427,680 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\cbreparse.sys -- (reparse)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.10.25 11:07:48 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.10.25 11:03:52 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.08.27 06:32:08 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010.08.27 06:32:08 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010.08.27 06:32:08 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010.06.17 15:30:17 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.12 18:19:17 | 000,101,472 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2010.06.12 18:19:17 | 000,065,856 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2010.06.12 18:19:17 | 000,026,816 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010.03.29 18:30:12 | 000,122,752 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tinspusb.sys -- (USBTINSP)
DRV - [2010.01.28 16:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.12.01 23:17:42 | 000,579,712 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2009.12.01 23:17:06 | 000,543,744 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2009.11.11 17:20:44 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.06.24 00:54:16 | 000,030,880 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iqvw32.sys -- (NAL)
DRV - [2009.06.22 13:04:24 | 000,202,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress)
DRV - [2009.04.03 23:04:10 | 000,718,336 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009.03.25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009.03.25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009.03.25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009.03.25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009.03.25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.05.16 06:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 06:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 06:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008.05.16 06:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 06:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008.01.18 10:16:28 | 000,100,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\a016obex.sys -- (a016obex)
DRV - [2008.01.18 10:16:26 | 000,110,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\a016mdm.sys -- (a016mdm)
DRV - [2008.01.18 10:16:26 | 000,104,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\a016mgmt.sys -- (a016mgmt)
DRV - [2008.01.18 10:16:24 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\a016mdfl.sys -- (a016mdfl)
DRV - [2008.01.18 10:16:22 | 000,083,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\a016bus.sys -- (a016bus)
DRV - [2008.01.09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de/
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.ferienwohnung-klantschnig.at/ [binary data]
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ferienwohnung-klantschnig.at/
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\SearchScopes,DefaultScope = {29928BC3-EA26-4DC2-83E7-3A57B5EA1B8D}
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=100478&babsrc=SP_ss&mntrId=a2b77d2c00000000000000270e06ea36
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\SearchScopes\{21E91EBC-62B5-4C74-8E0F-0C3E9A3AB1EE}: "URL" = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\SearchScopes\{29928BC3-EA26-4DC2-83E7-3A57B5EA1B8D}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
IE - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.ferienwohnung-klantschnig.at/"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.31 19:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.31 18:42:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.08.23 21:33:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andreas\AppData\Roaming\Mozilla\Extensions
[2010.08.30 13:38:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andreas\AppData\Roaming\Mozilla\Firefox\extensions
[2010.08.30 13:38:37 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\andreas\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2012.08.25 09:59:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andreas\AppData\Roaming\Mozilla\Firefox\Profiles\0z87kgek.default\extensions
[2012.08.23 21:33:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.31 18:42:28 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 18:42:28 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.07.10 12:38:52 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ChicoSys] C:\Windows\System32\cc32\webtmr.exe (Salfeld Computer)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SpywareTerminatorShield] C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SpywareTerminatorUpdater] C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\.DEFAULT..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\S-1-5-18..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000..\Run: []  File not found
O4 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\andreas\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\andreas\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Web-Suche - C:\Programme\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\wlsppc.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O12 - Plugin for: .spop - C:\Programme\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1746479030-2115949145-2984037393-1000\..Trusted Domains: maris.com ([www.redshift] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553541500} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{092A2323-85B5-483B-ABEF-540A23371619}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (wtmcore.exe) - C:\Windows\System32\wtmcore.exe (Tobias Süllhöfer Software)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a357178a-8180-11e1-938e-00270e06ea36}\Shell - "" = AutoRun
O33 - MountPoints2\{a357178a-8180-11e1-938e-00270e06ea36}\Shell\AutoRun\command - "" = K:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.01 19:03:27 | 000,097,440 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR310.SYS
[2012.09.01 19:03:21 | 000,000,000 | ---D | C] -- C:\Users\andreas\AppData\Local\NPE
[2012.09.01 18:53:37 | 000,000,000 | ---D | C] -- C:\Users\andreas\AppData\Roaming\Spyware Terminator
[2012.09.01 18:53:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2012.09.01 18:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2012.09.01 18:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2012.09.01 12:40:09 | 000,000,000 | ---D | C] -- C:\Users\andreas\AppData\Roaming\Malwarebytes
[2012.09.01 12:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.01 12:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.01 12:40:06 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.01 12:40:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.09.01 12:05:03 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\andreas\Desktop\OTL.exe
[2012.09.01 11:02:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.09.01 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.31 22:19:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012.08.24 09:59:23 | 000,000,000 | ---D | C] -- C:\Users\andreas\AppData\Local\Macromedia
[2012.08.24 09:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012.08.23 21:33:27 | 000,000,000 | ---D | C] -- C:\Users\andreas\AppData\Local\Mozilla
[2012.08.23 21:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.08.23 21:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.08.08 21:31:40 | 000,000,000 | ---D | C] -- C:\Program Files\Feedback Tool
[2012.08.08 07:25:48 | 000,000,000 | ---D | C] -- C:\Users\andreas\Documents\Aspyr
[2012.08.08 07:24:36 | 000,000,000 | ---D | C] -- C:\Users\andreas\AppData\Local\Aspyr
[2012.08.03 20:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.08.03 20:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2011.11.04 12:46:30 | 000,733,184 | ---- | C] (www.rene-zeidler.de) -- C:\Program Files\Snipping Tool Plus.exe
[2010.06.12 18:28:30 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeF3D0.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.01 19:39:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.01 19:12:27 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.01 19:12:27 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.01 19:10:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.01 19:05:25 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.01 19:05:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.01 19:05:02 | 2810,990,592 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.01 19:03:27 | 000,097,440 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR310.SYS
[2012.09.01 18:53:36 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2012.09.01 14:18:51 | 004,503,728 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.09.01 12:40:07 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.01 12:05:05 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\andreas\Desktop\OTL.exe
[2012.09.01 11:02:07 | 000,001,006 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.01 09:30:58 | 000,003,904 | ---- | M] () -- C:\Windows\System32\ccsync.err
[2012.08.31 21:23:56 | 006,734,474 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.31 21:23:56 | 001,994,430 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.31 21:23:56 | 000,295,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.31 21:23:56 | 000,035,440 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.31 17:14:30 | 000,001,200 | ---- | M] () -- C:\Windows\System32\excltmp~.dat
[2012.08.31 14:55:37 | 000,005,537 | ---- | M] () -- C:\Windows\System32\cchservice.err
[2012.08.27 17:53:35 | 000,019,968 | ---- | M] () -- C:\Users\andreas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.25 09:40:35 | 000,000,066 | ---- | M] () -- C:\Windows\BBW_INFO.INI
[2012.08.24 11:06:50 | 001,247,453 | ---- | M] () -- C:\Users\andreas\Desktop\Phase 10.pdf
[2012.08.15 15:36:13 | 000,406,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.12 21:35:36 | 000,000,382 | ---- | M] () -- C:\NET.INI
[2012.08.08 21:32:06 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.08.08 07:36:59 | 000,391,306 | ---- | M] () -- C:\AnalysisLog.sr0
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.01 18:53:38 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2012.09.01 18:53:36 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2012.09.01 12:40:07 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.01 11:02:07 | 000,001,006 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.31 22:56:23 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.08.30 08:27:43 | 000,003,904 | ---- | C] () -- C:\Windows\System32\ccsync.err
[2012.08.24 11:06:49 | 001,247,453 | ---- | C] () -- C:\Users\andreas\Desktop\Phase 10.pdf
[2012.08.23 21:33:24 | 000,001,141 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.08.10 10:12:40 | 000,005,537 | ---- | C] () -- C:\Windows\System32\cchservice.err
[2012.08.08 21:32:06 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.08.08 07:35:18 | 000,391,306 | ---- | C] () -- C:\AnalysisLog.sr0
[2012.05.15 19:30:22 | 000,000,066 | ---- | C] () -- C:\Windows\BBW_INFO.INI
[2012.02.24 22:57:29 | 000,001,200 | ---- | C] () -- C:\Windows\System32\excltmp~.dat
[2012.02.24 22:56:21 | 000,000,141 | -H-- | C] () -- C:\Windows\System32\ctlsw.ini
[2012.02.24 22:56:21 | 000,000,102 | ---- | C] () -- C:\Windows\System32\SWCTL.DLL
[2012.02.24 22:56:18 | 000,155,536 | ---- | C] () -- C:\Windows\System32\dllcinx.exe
[2012.02.24 22:56:18 | 000,009,368 | ---- | C] () -- C:\Windows\System32\drivers\mchccinj.sys
[2012.02.24 22:56:16 | 000,000,600 | ---- | C] () -- C:\Windows\System32\nochook.ini
[2012.02.15 04:28:34 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.02.15 04:28:32 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.02.14 23:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.01.10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.12.31 14:30:16 | 000,355,328 | ---- | C] () -- C:\Windows\System32\wlsppc.dll
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll
[2011.10.10 19:59:22 | 000,081,920 | ---- | C] () -- C:\Windows\System32\GkSui20.EXE
[2011.10.10 19:59:21 | 000,233,542 | ---- | C] () -- C:\Windows\System32\vcdll.dll
[2011.10.10 19:58:58 | 000,028,672 | ---- | C] () -- C:\Windows\System32\astro32.dll
[2011.09.17 22:07:27 | 000,000,000 | ---- | C] () -- C:\Users\andreas\AppData\Local\{EB6B0AFE-5BA5-4934-8A3B-75850E3CA3D1}
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.07.27 21:41:45 | 000,000,000 | ---- | C] () -- C:\Users\andreas\AppData\Local\{19A821D8-46F2-4C23-92A3-B1BCC7439A04}
[2011.01.23 17:26:41 | 000,544,256 | ---- | C] () -- C:\Windows\System32\janGraphics.dll
[2011.01.23 17:26:41 | 000,124,416 | ---- | C] () -- C:\Windows\System32\dXCtrls.dll
[2010.12.27 20:18:49 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.12.27 20:18:49 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.12.02 14:59:50 | 000,073,360 | ---- | C] () -- C:\Windows\System32\drivers\bdisk.sys
[2010.12.02 14:59:36 | 000,428,728 | ---- | C] () -- C:\Windows\System32\drivers\CBVD.sys
[2010.12.02 14:59:30 | 000,569,296 | ---- | C] () -- C:\Windows\System32\drivers\vdbus.sys
[2010.10.25 11:09:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2010.10.25 11:09:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2010.10.25 11:09:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2010.10.25 11:09:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.10.04 19:17:16 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010.06.20 14:40:32 | 000,019,968 | ---- | C] () -- C:\Users\andreas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.10 18:07:10 | 000,000,680 | RHS- | C] () -- C:\Users\andreas\ntuser.pol
[2002.07.17 20:27:58 | 000,034,181 | ---- | C] () -- C:\Program Files\Readme.html
 
========== LOP Check ==========
 
[2012.04.21 14:45:25 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\.minecraft
[2012.01.28 11:29:41 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Amazon
[2012.08.05 11:18:41 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Audacity
[2012.04.24 20:37:54 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Babylon
[2012.08.24 11:05:36 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Canon
[2012.03.28 22:18:13 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\ChemTable Software
[2011.07.10 16:37:51 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\DriverCure
[2010.08.30 18:44:19 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.24 09:58:22 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\GetRightToGo
[2010.06.10 16:12:15 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\InterTrust
[2010.06.10 17:06:49 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\mquadr.at
[2010.12.19 16:58:45 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\MyBible
[2012.02.07 18:33:20 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Need for Speed World
[2012.03.05 21:41:08 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Nokia
[2011.06.25 21:18:17 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Nokia Ovi Suite
[2011.12.18 20:29:00 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Nokia Suite
[2012.03.18 20:43:16 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\OpenCandy
[2011.07.10 16:37:51 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\ParetoLogic
[2011.06.25 21:11:28 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\PC Suite
[2012.03.28 22:15:14 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\pdfforge
[2010.12.27 20:17:50 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Samsung
[2010.06.12 18:32:37 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Sony
[2012.09.01 18:53:37 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Spyware Terminator
[2012.01.14 10:10:18 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\Stellarium
[2012.04.03 12:50:00 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\TeamViewer
[2012.02.09 20:56:52 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\The Creative Assembly
[2012.06.03 14:56:10 | 000,000,000 | ---D | M] -- C:\Users\andreas\AppData\Roaming\www.rene-zeidler.de
[2012.04.21 12:57:16 | 000,000,000 | ---D | M] -- C:\Users\Lukas & Tobias\AppData\Roaming\.minecraft
[2011.09.15 16:23:18 | 000,000,000 | ---D | M] -- C:\Users\Lukas & Tobias\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.06.19 14:56:25 | 000,000,000 | ---D | M] -- C:\Users\Lukas & Tobias\AppData\Roaming\PC Suite
[2010.08.05 20:32:04 | 000,000,000 | ---D | M] -- C:\Users\Lukas & Tobias\AppData\Roaming\Sierra
[2010.08.05 20:34:37 | 000,000,000 | ---D | M] -- C:\Users\Lukas & Tobias\AppData\Roaming\Sierra Entertainment
[2012.02.04 15:00:11 | 000,000,000 | ---D | M] -- C:\Users\Lukas & Tobias\AppData\Roaming\The Creative Assembly
[2012.04.27 14:01:35 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\.minecraft
[2011.09.19 15:12:11 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2012.02.07 18:50:34 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Need for Speed World
[2011.06.20 17:53:27 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\PC Suite
[2012.01.28 12:06:44 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\The Creative Assembly
[2011.09.24 14:59:53 | 000,000,000 | ---D | M] -- C:\Users\Waltraud\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2012.03.05 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\Waltraud\AppData\Roaming\Nokia
[2012.09.01 09:56:32 | 000,000,000 | ---D | M] -- C:\Users\Waltraud\AppData\Roaming\PC Suite
[2012.03.19 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\Waltraud\AppData\Roaming\pdfforge
[2012.07.25 07:29:53 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---

 

Themen zu Polizei Virus Österreich
askbar, avg, beseitigung, converter, defender, error, feedback, firefox, flash player, format, google earth, mozilla, mp3, nodrives, pdfforge toolbar, plug-in, registry, scan, security, software, spyware, sweetim, sweetpacks, symantec, trojaner, trojaner board, virus, warnung, windows, windows.tool.disabled


« GVU Trojaner erhalten | Mit Bundestrojaner infiziert "ism_0_llatsni.pad " »


Ähnliche Themen: Polizei Virus Österreich


  1. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 09.09.2013 (2)
  2. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 24.04.2013 (24)
  3. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 26.10.2012 (4)
  4. Polizei Virus Österreich vom 23.10.12
    Log-Analyse und Auswertung - 25.10.2012 (1)
  5. Polizei Virus Österreich
    Log-Analyse und Auswertung - 13.10.2012 (2)
  6. Österreich Polizei Virus
    Log-Analyse und Auswertung - 05.10.2012 (4)
  7. polizei virus österreich
    Log-Analyse und Auswertung - 22.09.2012 (1)
  8. Polizei Virus Österreich
    Log-Analyse und Auswertung - 16.09.2012 (32)
  9. Polizei Virus Österreich
    Log-Analyse und Auswertung - 07.09.2012 (22)
  10. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 03.09.2012 (3)
  11. Polizei Virus - 100 EUR Österreich
    Log-Analyse und Auswertung - 25.08.2012 (5)
  12. Polizei Virus Österreich
    Log-Analyse und Auswertung - 19.08.2012 (4)
  13. Polizei Virus Österreich
    Log-Analyse und Auswertung - 14.08.2012 (13)
  14. Polizei-Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 14.08.2012 (26)
  15. Polizei 5.2 Virus Österreich
    Log-Analyse und Auswertung - 26.07.2012 (2)
  16. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  17. Polizei Österreich Virus
    Log-Analyse und Auswertung - 04.07.2012 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Polizei Virus Österreich - Hallo Experten vom Trojaner Board, bitte um Eure Hilfe. Ich habe mir gestern, wie so einige wie man sieht, diesen Polizei Virus/Trojaner eingefangen. Nach dem Öffnern von IE9 ist plötzlich - Polizei Virus Österreich...
Archiv
Du betrachtest: Polizei Virus Österreich auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131