Pests of all kinds and how to fight them: Trojan - Security Center or driver is being disabled

Windows 7

If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection.
#11

Trojan - Security Center or driver is being disabled

Hi,

If you find names or the like, please delete them.

OTL Logfile:

Code:
ATTFilter OTL logfile created on: 1/22/2013 4:10:27 PM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Eigene Dateien 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: XXXXX | Language: DEA | Date Format: dd.MM.yyyy 3.86 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 62.46% Memory free 7.73 Gb Paging File | 5.61 Gb Available in Paging File | 72.57% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 179.00 Gb Total Space | 65.58 Gb Free Space | 36.64% Space Free | Partition Type: NTFS Drive D: | 266.66 Gb Total Space | 58.10 Gb Free Space | 21.79% Space Free | Partition Type: NTFS Drive F: | 25.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: SATURN-PC | User Name: saturn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Eigene Dateien\OTL (2).exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) PRC - C:\PROGRA~2\AD-AWA~1\AdAware.exe (Lavasoft Limited) PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) 
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) PRC - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE () PRC - C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Samsung Electronics) PRC - C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics) PRC - C:\Program Files (x86)\A1 Dashboard\Dashboard.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC) PRC - C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) 
PRC - C:\Windows\SysWOW64\Rezip.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl () MOD - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE () MOD - C:\Program Files (x86)\A1 Dashboard\Skins\A1\A1Skin.dbskin () MOD - C:\Program Files (x86)\A1 Dashboard\resetregistry.dll () MOD - C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll () ========== Services (SafeList) ========== SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO) SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) 
SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (Rezip) -- C:\Windows\SysWOW64\Rezip.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software) DRV:64bit: - (gfiark) -- C:\Windows\SysNative\drivers\gfiark.sys (GFI Software) DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO) DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (GFI Software) DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation) DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation) DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation) DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc) DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys 
(Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation ) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (athrusb) -- C:\Windows\SysNative\drivers\athrxusb.sys (Atheros Communications, Inc.) DRV - (rtport) -- C:\Windows\SysWOW64\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = 
hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 IE - HKLM\..\SearchScopes\Yandex: "URL" = hxxp://yandex.ru/yandsearch?clid=39942&text={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://us.yahoo.com?fr=fp-comodo IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{1C1C23FD-730C-4DDB-B8A8-06536CE0F91F}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_US&apn_ptnrs=U3&apn_dtid=YYYYYYYYAT&apn_uid=3E29FE37-322E-4685-81C4-B8C4C5C158B9&apn_sauid=6CFA1673-53E5-4F3A-A155-DBFD36316D45 IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=F2E5642EFB1712700EF90850EDEAAEE2&q={searchTerms} IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deAT451 IE - 
HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\Moikrug: "URL" = hxxp://moikrug.ru/persons/?clid=39942&charset=utf-8&keywords={searchTerms}&submitted=1 IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\SearchScopes\Yandex: "URL" = hxxp://yandex.ru/yandsearch?clid=39942&text={searchTerms} IE - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.1.9 FF - prefs.js..extensions.enabledAddons: wrc@avast.com:6.0.1289 FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.startup.homepage: "hxxp://us.yahoo.com?fr=fp-comodo" FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..keyword.URL: "hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: 
C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/20 01:52:16 | 000,000,000 | ---D | M] [2011/08/11 01:47:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Extensions [2012/05/14 16:24:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\1un5q3vp.default\extensions [2012/05/14 16:24:01 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\1un5q3vp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2013/01/10 00:46:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\1un5q3vp.default\extensions\ffxtlbr@babylon.com [2011/12/31 06:03:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011/11/24 23:16:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} ========== Chrome ========== CHR - homepage: hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=hp&babsrc=lnkry CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AT&userid=19d02a35-f5b8-423b-8334-9a43331abd6c&affid=111583&searchtype=hp&babsrc=lnkry CHR - plugin: Shockwave Flash (Enabled) = 
C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U10 (Disabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Disabled) = C:\windows\SysWOW64\npDeployJava1.dll CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: Session Manager = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\ CHR - Extension: YouTube = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google-Suche = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Tabs Outliner = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggkanocgddhmamlbiijnphhppkpkmkl\0.4.39_0\ CHR - Extension: Safe Search = C:\Users\saturn\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik\1.0.0.0_0\ CHR - Extension: Session Manager = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc\3.4.3_0\ CHR - Extension: Fast save = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\obolonaohefbbbbmhehcenamjebhjecd\1.1_0\ CHR - Extension: Google Reader = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\ CHR - Extension: Google Mail = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: RSS Feed Reader = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\4.1.5_0\ O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) 
O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. 
O3 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found. O3 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE () O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-21-871626820-2410801721-1010220994-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube Download - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe File not found O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab (DLM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 10.10.2) O16 - DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 1.7.0_10) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 1.7.0_10) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E9177F0-BA1E-45D3-BEDC-CEB7D5FE6A0A}: NameServer = 194.48.139.254 194.48.124.200 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1034E13-F72B-4B75-9B44-6284186A43C0}: DhcpNameServer = 127.0.0.1 192.168.0.1 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2009/07/20 17:28:08 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{9517c0c6-abfb-11e1-ac47-001e101f50a4}\Shell - "" = AutoRun O33 - MountPoints2\{9517c0c6-abfb-11e1-ac47-001e101f50a4}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{a5d8d4b2-abe8-11e0-8095-e811328461e3}\Shell - "" = AutoRun O33 - MountPoints2\{a5d8d4b2-abe8-11e0-8095-e811328461e3}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{b6a165b9-570c-11e1-b951-e811328461e3}\Shell - "" = AutoRun O33 - MountPoints2\{b6a165b9-570c-11e1-b951-e811328461e3}\Shell\AutoRun\command - "" = F:\Setup.exe O33 - MountPoints2\{bbc0e2e4-aba6-11e0-bbd1-e811328461e3}\Shell - "" = AutoRun O33 - MountPoints2\{bbc0e2e4-aba6-11e0-bbd1-e811328461e3}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{bbc0e2f4-aba6-11e0-bbd1-e811328461e3}\Shell - "" = AutoRun O33 - MountPoints2\{bbc0e2f4-aba6-11e0-bbd1-e811328461e3}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) 
O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2009/08/22 19:42:32 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/01/18 13:41:58 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\Microgaming [2013/01/18 13:38:18 | 000,000,000 | ---D | C] -- C:\Microgaming [2013/01/18 13:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\MGS [2013/01/18 13:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming [2013/01/16 02:40:05 | 000,000,000 | ---D | C] -- C:\Users\saturn\Documents\ProcAlyzer Dumps [2013/01/14 03:05:01 | 000,000,000 | ---D | C] -- C:\windows\Sun [2013/01/10 15:00:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013/01/10 03:16:06 | 000,000,000 | ---D | C] -- C:\0c620edd659dde624356bf416f [2013/01/10 02:45:12 | 000,038,096 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\gfiark.sys [2013/01/09 23:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus [2013/01/09 23:30:15 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\LavasoftStatistics [2013/01/09 23:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013/01/09 23:17:45 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus [2013/01/09 23:16:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2013/01/09 23:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2013/01/09 23:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus [2013/01/09 23:16:22 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\windows\SysNative\sdnclean64.exe [2013/01/09 23:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013/01/09 23:14:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\Downloaded Installations [2013/01/09 23:14:09 | 000,014,456 | ---- | C] (GFI Software) -- C:\windows\SysNative\drivers\gfibto.sys [2013/01/09 23:14:08 | 000,047,496 | ---- | C] (GFI Software) -- C:\windows\SysNative\sbbd.exe [2013/01/09 23:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection [2013/01/09 23:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars [2013/01/09 23:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\adawaretb [2013/01/09 23:11:11 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\adawarebp [2013/01/09 23:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection [2013/01/09 23:10:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner [2013/01/09 23:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb [2013/01/09 23:07:09 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\Ad-Aware Antivirus [2013/01/08 21:11:08 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\Programs [2013/01/01 22:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker [2012/12/30 02:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars [6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [1 
C:\Users\saturn\Documents\*.tmp files -> C:\Users\saturn\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/22 16:03:47 | 001,474,832 | ---- | M] () -- C:\windows\SysNative\drivers\sfi.dat [2013/01/22 15:52:10 | 000,051,089 | ---- | M] () -- C:\Users\saturn\Desktop\85104-otl-otlogfile-by-oldtimer.htm [2013/01/22 15:45:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013/01/22 15:28:01 | 000,001,110 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013/01/22 14:53:55 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013/01/22 12:49:51 | 000,079,996 | ---- | M] () -- C:\Users\saturn\Documents\Unbenanntaaabb.PNG [2013/01/22 10:41:25 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/22 10:41:25 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/22 10:35:24 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk [2013/01/22 10:33:59 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013/01/22 10:33:43 | 4148,744,192 | -HS- | M] () -- C:\hiberfil.sys [2013/01/20 02:13:09 | 041,500,672 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\7SRData.sdf [2013/01/20 01:21:46 | 054,558,720 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\UberReaderData.sdf [2013/01/18 13:41:47 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk [2013/01/16 00:57:32 | 000,101,182 | ---- | M] () -- C:\Users\saturn\Documents\Statistik_Theorie%20(2).odt_0.odt [2013/01/16 00:57:22 | 000,132,092 | ---- | M] () -- C:\Users\saturn\Documents\Normalv.odt_0.odt [2013/01/16 00:57:21 | 000,085,767 | ---- | M] () -- C:\Users\saturn\Documents\Binomial_1%20(2).odt_0.odt [2013/01/16 00:57:21 | 000,056,299 | ---- | M] () -- 
C:\Users\saturn\Documents\Binomial_2%20(2).odt_0.odt [2013/01/15 10:35:52 | 000,062,835 | ---- | M] () -- C:\Users\saturn\Documents\Unbenannt-docu.PNG [2013/01/14 21:59:47 | 000,053,697 | ---- | M] () -- C:\Users\saturn\Documents\Unbenannt-neu2.PNG [2013/01/14 05:41:56 | 000,072,455 | ---- | M] () -- C:\Users\saturn\Documents\neu-eleven.PNG [2013/01/10 03:22:06 | 000,462,632 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2013/01/10 01:00:20 | 000,011,432 | ---- | M] () -- C:\windows\wininit.ini [2013/01/09 23:16:45 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2013/01/09 23:14:08 | 000,014,456 | ---- | M] (GFI Software) -- C:\windows\SysNative\drivers\gfibto.sys [2013/01/07 13:56:47 | 000,062,394 | ---- | M] () -- C:\Users\saturn\Documents\Neu.PNG [2013/01/07 13:42:41 | 000,066,269 | ---- | M] () -- C:\Users\saturn\Documents\Unbenannt-neu.PNG [2013/01/07 01:20:54 | 000,065,155 | ---- | M] () -- C:\Users\saturn\Documents\Graph-neu.PNG [2013/01/06 23:30:04 | 000,053,197 | ---- | M] () -- C:\Users\saturn\Documents\Parabel-Gerade.PNG [2013/01/06 02:40:51 | 000,016,262 | ---- | M] () -- C:\Users\saturn\Documents\Unbenannt.PNG [2013/01/06 02:30:07 | 000,005,154 | ---- | M] () -- C:\Users\saturn\Documents\Trapez.ggb [2013/01/06 01:17:53 | 000,061,214 | ---- | M] () -- C:\Users\saturn\Documents\Fläche-1.PNG [2013/01/01 22:54:17 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk [2012/12/30 16:29:20 | 000,049,967 | ---- | M] () -- C:\Users\saturn\Documents\Graph.PNG [2012/12/30 16:24:25 | 000,051,755 | ---- | M] () -- C:\Users\saturn\Documents\Graphic.PNG [2012/12/30 02:03:13 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.lnk [2012/12/29 00:59:14 | 000,040,002 | ---- | M] () -- C:\Users\saturn\Documents\Fläche+4.PNG [2012/12/28 22:34:11 | 000,023,578 | ---- | M] () -- C:\Users\saturn\Documents\Fläche.PNG [2012/12/28 22:33:46 | 000,025,667 | ---- | M] () -- 
C:\Users\saturn\Documents\Fläche2.PNG [2012/12/28 22:32:49 | 000,043,132 | ---- | M] () -- C:\Users\saturn\Documents\Fläche1.PNG [2012/12/28 21:38:42 | 000,048,684 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-253d.PNG [2012/12/28 19:43:13 | 000,054,089 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-235b.PNG [2012/12/28 19:40:36 | 000,032,742 | ---- | M] () -- C:\Users\saturn\Documents\AUfgabe-236a.PNG [2012/12/28 18:39:26 | 000,031,857 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-229a.PNG [2012/12/27 19:12:44 | 000,028,542 | ---- | M] () -- C:\Users\saturn\Documents\project.PNG [2012/12/27 19:11:27 | 000,005,572 | ---- | M] () -- C:\Users\saturn\Documents\Project.b.ggb [2012/12/27 19:10:57 | 000,037,320 | ---- | M] () -- C:\Users\saturn\Documents\Project.b.PNG [2012/12/27 19:03:37 | 000,005,884 | ---- | M] () -- C:\Users\saturn\Documents\Project.rar [2012/12/27 18:04:28 | 000,005,958 | ---- | M] () -- C:\Users\saturn\Documents\Project.ggb [2012/12/24 21:54:25 | 000,028,699 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-3.PNG [2012/12/24 21:28:47 | 000,022,719 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-2.PNG [2012/12/24 19:21:24 | 000,005,228 | ---- | M] () -- C:\Users\saturn\Documents\GEo- Plan.ggb [2012/12/24 01:57:55 | 000,045,971 | ---- | M] () -- C:\Users\saturn\Documents\Aufgabe-1.PNG [2012/12/24 01:38:42 | 000,046,265 | ---- | M] () -- C:\Users\saturn\Documents\Kurvendiskussionen.PNG [2012/12/23 16:32:26 | 000,031,047 | ---- | M] () -- C:\Users\saturn\Documents\Integral-Flächen-berechnen.2.PNG [6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [1 C:\Users\saturn\Documents\*.tmp files -> C:\Users\saturn\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/01/22 15:51:31 | 000,051,089 | ---- | C] () -- C:\Users\saturn\Desktop\85104-otl-otlogfile-by-oldtimer.htm [2013/01/22 12:49:51 | 000,079,996 | ---- | C] () -- C:\Users\saturn\Documents\Unbenanntaaabb.PNG [2013/01/18 13:38:18 | 
000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk [2013/01/16 01:34:24 | 000,132,092 | ---- | C] () -- C:\Users\saturn\Documents\Normalv.odt_0.odt [2013/01/16 01:34:24 | 000,101,182 | ---- | C] () -- C:\Users\saturn\Documents\Statistik_Theorie%20(2).odt_0.odt [2013/01/16 01:34:24 | 000,085,767 | ---- | C] () -- C:\Users\saturn\Documents\Binomial_1%20(2).odt_0.odt [2013/01/16 01:34:24 | 000,056,299 | ---- | C] () -- C:\Users\saturn\Documents\Binomial_2%20(2).odt_0.odt [2013/01/15 10:35:52 | 000,062,835 | ---- | C] () -- C:\Users\saturn\Documents\Unbenannt-docu.PNG [2013/01/14 21:59:47 | 000,053,697 | ---- | C] () -- C:\Users\saturn\Documents\Unbenannt-neu2.PNG [2013/01/14 05:41:56 | 000,072,455 | ---- | C] () -- C:\Users\saturn\Documents\neu-eleven.PNG [2013/01/10 01:00:12 | 000,011,432 | ---- | C] () -- C:\windows\wininit.ini [2013/01/09 23:17:47 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk [2013/01/09 23:16:48 | 000,002,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013/01/09 23:16:45 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2013/01/07 13:56:47 | 000,062,394 | ---- | C] () -- C:\Users\saturn\Documents\Neu.PNG [2013/01/07 13:42:40 | 000,066,269 | ---- | C] () -- C:\Users\saturn\Documents\Unbenannt-neu.PNG [2013/01/07 01:20:54 | 000,065,155 | ---- | C] () -- C:\Users\saturn\Documents\Graph-neu.PNG [2013/01/06 23:30:03 | 000,053,197 | ---- | C] () -- C:\Users\saturn\Documents\Parabel-Gerade.PNG [2013/01/06 02:40:51 | 000,016,262 | ---- | C] () -- C:\Users\saturn\Documents\Unbenannt.PNG [2013/01/06 02:30:06 | 000,005,154 | ---- | C] () -- C:\Users\saturn\Documents\Trapez.ggb [2013/01/06 01:17:52 | 000,061,214 | ---- | C] () -- C:\Users\saturn\Documents\Fläche-1.PNG [2013/01/01 22:54:16 | 000,001,051 | ---- | C] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk [2012/12/30 16:29:20 | 000,049,967 | 
---- | C] () -- C:\Users\saturn\Documents\Graph.PNG [2012/12/30 16:24:24 | 000,051,755 | ---- | C] () -- C:\Users\saturn\Documents\Graphic.PNG [2012/12/30 02:03:13 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.lnk [2012/12/29 00:59:13 | 000,040,002 | ---- | C] () -- C:\Users\saturn\Documents\Fläche+4.PNG [2012/12/28 22:34:11 | 000,023,578 | ---- | C] () -- C:\Users\saturn\Documents\Fläche.PNG [2012/12/28 22:33:46 | 000,025,667 | ---- | C] () -- C:\Users\saturn\Documents\Fläche2.PNG [2012/12/28 22:32:48 | 000,043,132 | ---- | C] () -- C:\Users\saturn\Documents\Fläche1.PNG [2012/12/28 21:38:42 | 000,048,684 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-253d.PNG [2012/12/28 19:43:13 | 000,054,089 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-235b.PNG [2012/12/28 19:40:36 | 000,032,742 | ---- | C] () -- C:\Users\saturn\Documents\AUfgabe-236a.PNG [2012/12/28 18:39:24 | 000,031,857 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-229a.PNG [2012/12/27 19:12:44 | 000,028,542 | ---- | C] () -- C:\Users\saturn\Documents\project.PNG [2012/12/27 19:10:57 | 000,037,320 | ---- | C] () -- C:\Users\saturn\Documents\Project.b.PNG [2012/12/27 19:09:29 | 000,005,572 | ---- | C] () -- C:\Users\saturn\Documents\Project.b.ggb [2012/12/27 19:02:00 | 000,005,884 | ---- | C] () -- C:\Users\saturn\Documents\Project.rar [2012/12/27 18:04:28 | 000,005,958 | ---- | C] () -- C:\Users\saturn\Documents\Project.ggb [2012/12/24 21:54:25 | 000,028,699 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-3.PNG [2012/12/24 21:28:46 | 000,022,719 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-2.PNG [2012/12/24 19:21:23 | 000,005,228 | ---- | C] () -- C:\Users\saturn\Documents\GEo- Plan.ggb [2012/12/24 01:57:55 | 000,045,971 | ---- | C] () -- C:\Users\saturn\Documents\Aufgabe-1.PNG [2012/12/24 01:38:41 | 000,046,265 | ---- | C] () -- C:\Users\saturn\Documents\Kurvendiskussionen.PNG [2012/12/23 16:32:26 | 000,031,047 | ---- | C] () -- 
C:\Users\saturn\Documents\Integral-Flächen-berechnen.2.PNG [2012/10/29 17:15:42 | 000,000,218 | ---- | C] () -- C:\Users\saturn\.recently-used.xbel [2012/09/26 18:49:06 | 000,007,605 | ---- | C] () -- C:\Users\saturn\AppData\Local\Resmon.ResmonCfg [2012/07/22 11:09:38 | 000,009,911 | ---- | C] () -- C:\windows\SysWow64\SpoonUninstall-MMaster.dat [2012/07/21 15:24:09 | 000,004,621 | ---- | C] () -- C:\Users\saturn\AppData\Local\recently-used.xbel [2012/06/11 20:46:47 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI [2012/02/14 20:44:13 | 000,015,872 | ---- | C] () -- C:\windows\SysWow64\InsDrvZD64.DLL [2011/10/25 16:53:34 | 000,000,235 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2011/10/24 19:08:30 | 000,131,584 | ---- | C] () -- C:\windows\SysWow64\SpoonUninstall.exe [2011/08/10 22:12:24 | 000,006,656 | ---- | C] () -- C:\windows\SysWow64\lpcio.dll [2011/07/18 11:25:11 | 001,592,858 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011/06/30 08:53:34 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2011/04/20 03:37:24 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll [2011/04/19 13:27:14 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe [2011/04/19 12:51:02 | 000,000,378 | ---- | C] () -- C:\windows\HotFixList.ini [2011/04/19 12:21:46 | 000,311,296 | ---- | C] () -- C:\windows\SysWow64\Rezip.exe [2010/12/23 14:39:34 | 041,500,672 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\7SRData.sdf [2010/08/14 14:34:12 | 054,558,720 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\UberReaderData.sdf ========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/10/29 16:07:52 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\.BitTornado [2013/01/16 02:44:34 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Ad-Aware Antivirus [2012/11/27 04:04:23 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Azureus [2012/11/24 20:45:30 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\calibre [2012/10/29 17:03:20 | 000,000,000 | 
---D | M] -- C:\Users\saturn\AppData\Roaming\deluge [2012/05/14 20:47:23 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\DVDVideoSoft [2012/10/29 17:01:01 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\gtk-2.0 [2012/05/05 00:41:28 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\hdbADS [2012/05/05 01:05:29 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\IrfanView [2012/09/24 20:21:57 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\JAM Software [2012/06/01 22:52:09 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\LibreOffice [2012/02/29 02:32:38 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Lingo4u [2013/01/20 01:17:21 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Microgaming [2012/05/14 16:27:18 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\OpenCandy [2011/11/25 15:23:35 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\OpenOffice.org [2011/07/25 18:58:31 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Opera [2012/06/01 13:41:17 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\SoftGrid Client [2012/02/25 15:28:52 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\TP [2012/05/14 16:29:26 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\TuneUp Software [2012/10/29 17:29:32 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\uTorren [2013/01/22 16:15:43 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\uTorrent [2011/10/26 21:34:47 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Yandex ========== Purity Check ========== < End of report >
Regards