Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Adware: Win32/PriceGong

Adware: Win32/PriceGong


Plagegeister aller Art und deren Bekämpfung: Adware: Win32/PriceGong

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 04.05.2013, 17:38   #1
Curly1983
 
Adware: Win32/PriceGong - Standard

Adware: Win32/PriceGong


Hallo,

ich habe folgendes Problem: Mein Laptop läuft seit Tagen nicht mehr richtig und ich bekomme immer wieder vom windows Defender die Nachricht, dass ich eine schädliche Software auf dem Laptop habe: Price Gong.
Im Internet lass ich dann von OTL by Oldtimer, also habe ich es heruntergeladen und auf dem Desktop gespeichert und eingestellt und laufen gelassen.
Leider kann ich jetzt mit dem Ergebnis nichts anfangen.
Ich kenne mich ja etwas mit dem Computer aber das ist mir zu kompliziert.
Ich wäre super nett wenn mir jemand helfen könnte.
Hier das Ergebnis.

OTL txt:
Code:
ATTFilter
OTL logfile created on: 04.05.2013 15:59:21 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Gregor und Silke\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,68 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,41% Memory free
7,36 Gb Paging File | 4,95 Gb Available in Paging File | 67,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 375,63 Gb Free Space | 83,17% Space Free | Partition Type: NTFS
 
Computer Name: ***| User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe ()
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
PRC - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8ee98383179eca974083a41a8ca0c213\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll ()
MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (vToolbarUpdater14.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc) -- C:\Programme\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- C:\Programme\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Programme\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (GREGService) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (AdobeActiveFileMonitor8.0) -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (bajiqwxx) -- C:\Windows\SysNative\drivers\bajiqwxx.sys (Microsoft Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-747483867-2591284121-1690063850-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-747483867-2591284121-1690063850-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-747483867-2591284121-1690063850-1002\..\SearchScopes,DefaultScope = {8EE77658-AA7F-4A76-BAD3-A8F61A745F84}
IE - HKU\S-1-5-21-747483867-2591284121-1690063850-1002\..\SearchScopes\{8EE77658-AA7F-4A76-BAD3-A8F61A745F84}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-747483867-2591284121-1690063850-1002\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={35A3ED60-6084-4A43-8C05-4B3C3ACFD385}&mid=6ba55846e8664985b3a08eeed8c9aace-cd6879a2d13c4de0203ae613c70426d1c1976678&lang=de&ds=hk011&pr=&d=2012-10-29 08:35:40&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-747483867-2591284121-1690063850-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.11.02 14:55:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.11.02 14:55:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.11.02 14:55:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.02.18 20:45:35 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-747483867-2591284121-1690063850-1002\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-747483867-2591284121-1690063850-1007..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-747483867-2591284121-1690063850-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-747483867-2591284121-1690063850-1007..\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14AF69AD-2747-4399-ABB4-D99DD63B2F96}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F81B0120-3EBE-4CAE-B25B-D7111FD5C451}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.04 15:58:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gregor und Silke\Desktop\OTL.exe
[2013.05.04 15:24:22 | 000,049,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bajiqwxx.sys
[2013.04.11 13:47:58 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.11 13:47:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.11 13:47:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.11 13:47:55 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.11 13:47:55 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.11 13:47:55 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.11 13:47:55 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.11 13:47:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.11 13:47:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.11 13:47:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.11 13:47:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.11 13:47:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.11 13:47:53 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.11 13:47:53 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.11 13:47:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.11 12:39:42 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.11 12:39:41 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.11 12:39:40 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.11 12:39:40 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.11 12:39:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.11 12:39:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.11 12:38:58 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.11 12:38:57 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.11 12:38:57 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.11 12:38:55 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.11 12:38:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.11 12:38:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2012.01.18 17:18:49 | 090,059,424 | ---- | C] (Landesfinanzdirektion Thüringen) -- C:\Program Files\ElsterFormular-13.0.0.8086k.exe
[2011.05.21 20:32:51 | 054,109,912 | ---- | C] (Landesfinanzdirektion Thüringen) -- C:\Program Files\ElsterFormular-12.2.0.6412p.exe
[26 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.04 15:58:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.05.04 15:26:15 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.04 15:26:15 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.04 15:24:24 | 000,049,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bajiqwxx.sys
[2013.05.04 15:21:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.04 15:17:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.04 15:17:03 | 2962,255,872 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.13 20:01:59 | 000,299,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.10 20:23:24 | 000,000,017 | ---- | M] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013.04.08 17:22:22 | 001,646,038 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.08 17:22:22 | 000,708,636 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.08 17:22:22 | 000,662,192 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.08 17:22:22 | 000,153,832 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.08 17:22:22 | 000,126,020 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[26 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.10 20:23:24 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012.05.03 13:48:03 | 000,017,408 | ---- | C] () -- C:\Users\Gregor und Silke\AppData\Local\WebpageIcons.db
[2012.01.10 22:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012.01.10 22:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012.01.10 22:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012.01.10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.12.03 19:52:14 | 000,000,130 | ---- | C] () -- C:\Windows\wininit.ini
[2011.09.03 14:36:09 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.09.03 14:36:09 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.05.21 20:59:46 | 001,867,776 | ---- | C] () -- C:\Program Files\iatSky_Installer.msi
[2011.05.21 20:44:46 | 117,349,376 | ---- | C] () -- C:\Program Files\kavkis.msi
[2011.05.21 20:24:19 | 001,623,932 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.12.08 12:08:49 | 000,000,000 | ---D | M] -- C:\Users\***
\AppData\Roaming\DAEMON Tools Lite
[2011.12.15 09:03:31 | 000,000,000 | ---D | M] -- C:\Users\***
\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2012.01.18 17:14:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2011.07.08 16:38:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FloodLightGames
[2011.07.07 15:21:30 | 000,000,000 | ---D | M] -- C:\Users\
\AppData\Roaming\PlayFirst
[2013.03.22 22:43:24 | 000,000,000 | ---D | M] -- C:\Users\***
\AppData\Roaming\SNS
[2013.04.28 11:56:45 | 000,000,000 | ---D | M] -- C:\Users\***
\AppData\Roaming\SoftGrid Client
[2011.07.10 21:36:25 | 000,000,000 | ---D | M] -- C:\Users\***
\AppData\Roaming\TOMI3
[2011.05.21 20:24:52 | 000,000,000 | ---D | M] -- C:\Users\***
\AppData\Roaming\TP
[2012.04.30 19:59:50 | 000,000,000 | ---D | M] -- C:\Users\***
\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE}
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 163 bytes -> C:\ProgramData\Temp:C798CE3C

< End of report >

Extras:

Code:
ATTFilter
OTL Extras logfile created on: 04.05.2013 15:59:21 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,68 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,41% Memory free
7,36 Gb Paging File | 4,95 Gb Available in Paging File | 67,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 375,63 Gb Free Space | 83,17% Space Free | Partition Type: NTFS
 
Computer Name: ***| User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05EED5B3-E594-414B-B618-483EA55323A2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0681DC1E-F1BE-405C-9B44-8CA429E4C5C6}" = lport=137 | protocol=17 | dir=in | app=system | 
"{1E577221-9134-42E5-B51E-63CB998D8910}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{226DB2F8-EE71-49F9-9FC7-647AC64743BD}" = lport=138 | protocol=17 | dir=in | app=system | 
"{2DFFB78F-DD3F-4496-B944-A934F629CD2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{343EF911-DF4D-4592-A6F4-71F8B17E53D3}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{43DDF133-E5EC-4A67-9B6A-86774581BB0F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{48B3F002-7619-479B-B9B6-F1229F93354A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{53ACECC9-6C8A-4986-9A53-D4BAA5EDDCDA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{5BCB17E7-321A-4DB0-8AFF-2D7861380070}" = rport=139 | protocol=6 | dir=out | app=system | 
"{62DEBD65-913D-40C0-8B08-50A181259A03}" = lport=445 | protocol=6 | dir=in | app=system | 
"{69C8A1F4-151F-41B6-ADBF-2C21C8ECA878}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6BD87C97-1F6E-40B2-B526-02896E6D0D5A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{84812C03-2499-47B0-A3B8-5F28E4ED04B3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{89AAEFA7-8EA0-41E5-A0B6-37E634992D35}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{8B8AABA7-7CC2-4F94-AB6B-44B99915422A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8B8C43DE-A6EF-4E97-91D5-B8E39A94BA0F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{91CCE659-1F83-4F91-8309-E75FE2BEFF30}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{94D49C24-3FA0-472C-A67E-E2813A182636}" = lport=1900 | protocol=17 | dir=in | app=%programfiles%\zune\zune.exe | 
"{9C28452B-89F0-400B-8EB8-70A6B5080FE8}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{A8A05876-FC1E-4AFE-92DE-D056385BC9FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{ABA3374B-A2B6-45A2-A7B9-BA815A3C7AC9}" = rport=445 | protocol=6 | dir=out | app=system | 
"{AF0CFA2D-6C34-4D4F-9647-3CC4CE3C97EF}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B4F1662F-4804-42AD-82A1-BBE1653AC7D3}" = rport=137 | protocol=17 | dir=out | app=system | 
"{C95BA621-7944-46D6-96A0-17A17DC32BA6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D284ECF9-6A3B-459B-9353-E127AFA4D913}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D9F3A4C4-C68D-4754-908B-655A1F31C3D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F32C8E08-AFC2-4135-AB37-7FDA709B6359}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F88BFC07-DF52-4002-9DDD-D10085DA5C32}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F95D465F-4E5F-4657-842E-24A3BC3B78EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10AF8BBC-D4F5-4DD6-A907-150FE884E927}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{11888A8C-18E7-4B24-8A24-F31338752E09}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | 
"{245C58C2-6A9C-4AA5-B4EB-333411D6058C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{28365563-60FB-4B72-A5FD-AC97C288415B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{315A9C90-BD67-4274-A41B-DE680AD3E3F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{66B914BA-574B-4AE4-9C65-B8FFEAEF72C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{6754B299-AC7C-4EF2-AAD9-B647C6F1BFF5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{73BDE9EB-A068-49F3-975D-5FB6C74AF0FF}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{7B30B450-EE68-4BE6-9C5C-82D016261034}" = protocol=6 | dir=out | app=system | 
"{7F8FAF63-FDAE-4C7E-8F60-ADABDCE40DB3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8EE7A63C-DFCE-40FF-81E7-8B83BF1CBF6C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{90328F96-CDA8-4C12-82EB-759248F1EE5D}" = protocol=6 | dir=out | app=system | 
"{9B5E2C2B-6DDA-47B5-9FB1-95E2279E9A65}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{A0E634F8-4473-49B3-9F0C-0F4617343D95}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{A9E68CA3-AE45-471D-89B5-B0CCBC9502F3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{BBB61847-639C-4798-A50F-7BE75DE5ADB9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BE6FF84E-3C26-4CCC-BF59-3CB12E05F03A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C0876DCA-2E39-478D-901E-D4CBCA1ABF36}" = protocol=6 | dir=out | app=system | 
"{CBFAB833-CE29-4BF1-A514-41368167A967}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D2635890-F411-4E16-85AA-EABEB6B7D737}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D84DAE47-8A0B-4B5A-993B-3963B985D26C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{DA22B915-0D59-4A51-B73D-546820CC6282}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E2532166-BC84-4C3F-AB6C-E347B21BE158}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E90CF593-C6C6-4FE7-8030-74406D4569AB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F13E4266-3EAD-4DE1-80E6-56023B65ED71}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | 
"{FB255EB6-1AE9-4FCB-AB7A-55A711E760C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FDAD55D6-D80B-48F7-8A49-CAA9DA9CE4BD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"TCP Query User{4CEF7988-405D-4756-8E91-4F40DC2A8A3A}C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe" = protocol=6 | dir=in | app=c:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe | 
"UDP Query User{0B4B3A67-BA13-4899-89EB-C80AFA5AA183}C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe" = protocol=17 | dir=in | app=c:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}" = WinZip 16.5
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Zune" = Zune
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69D2A189-A45B-45E8-801F-6D7858EA1933}" = Brickshooter
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell" = WildTangent Games App (Packard Bell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7be494e3-e911-4bce-9323-a37bacf445a6}" = Nero 9 Essentials
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{83299633-1261-47A3-84F3-6F02B4B8CDB1}" = Video Web Camera
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.4 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Art of Murder 2/DE-German_is1" = Die Kunst des Mordens: Der Marionettenspieler
"AVG Secure Search" = AVG Security Toolbar
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"DungeonSiege 1.0" = Dungeon Siege
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ElsterFormular 13.0.0.8086k" = ElsterFormular
"ElsterFormular für Privatanwender 12.2.0.6412p" = ElsterFormular-Upgrade
"EPSON Scanner" = EPSON Scan
"Filzip 3.0.6.93_is1" = Filzip 3.06
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.908
"Identity Card" = Identity Card
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"LManager" = Launch Manager
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Welcome Center" = Welcome Center
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT088216" = Agatha Christie - Death on the Nile
"WT088226" = Bejeweled 2 Deluxe
"WT088228" = Build-a-lot 2
"WT088235" = Chuzzle Deluxe
"WT088238" = Diner Dash 2 Restaurant Rescue
"WT088260" = Farm Frenzy
"WT088268" = Insaniquarium Deluxe
"WT088269" = Jewel Quest Solitaire 2
"WT088283" = Plants vs. Zombies
"WT088292" = Zuma Deluxe
"WT088416" = FATE
"WT088420" = Final Drive Nitro
"WT088448" = John Deere Drive Green
"WT088452" = Penguins!
"WT088456" = Polar Bowler
"WT088460" = Polar Golfer
"WT088508" = Virtual Villagers 4 - The Tree of Life
"WT088531" = Zuma's Revenge
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 03.12.2012 14:32:02 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16455,
 Zeitstempel: 0x507284ba  Name des fehlerhaften Moduls: nvumdshim.dll, Version: 8.17.12.8026,
 Zeitstempel: 0x4e390a54  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000034fd  ID des fehlerhaften
 Prozesses: 0x1510  Startzeit der fehlerhaften Anwendung: 0x01cdd17d3d3147fd  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\nvumdshim.dll  Berichtskennung: badac750-3d77-11e2-9485-1c7508a90faf
 
Error - 03.12.2012 14:32:19 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16455,
 Zeitstempel: 0x507284ba  Name des fehlerhaften Moduls: nvumdshim.dll, Version: 8.17.12.8026,
 Zeitstempel: 0x4e390a54  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000034fd  ID des fehlerhaften
 Prozesses: 0xc04  Startzeit der fehlerhaften Anwendung: 0x01cdd1847f651217  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\nvumdshim.dll  Berichtskennung: c4738233-3d77-11e2-9485-1c7508a90faf
 
Error - 10.12.2012 14:30:59 | Computer Name = ***| Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 11.12.2012 08:22:03 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16455,
 Zeitstempel: 0x507284ba  Name des fehlerhaften Moduls: nvumdshim.dll, Version: 8.17.12.8026,
 Zeitstempel: 0x4e390a54  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000350a  ID des fehlerhaften
 Prozesses: 0x1304  Startzeit der fehlerhaften Anwendung: 0x01cdd797f1b9cf4c  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\nvumdshim.dll  Berichtskennung: 5e4dffca-438d-11e2-8a0f-1c7508a90faf
 
Error - 11.12.2012 10:06:00 | Computer Name = *** | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 12.12.2012 10:31:02 | Computer Name = *** | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 13.12.2012 09:09:04 | Computer Name = *** | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 14.12.2012 02:20:02 | Computer Name = ***| Source = CVHSVC | ID = 100
Description = Nur zur Information.  Failed to Start the CVH service 1063
 
Error - 17.12.2012 07:58:24 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16457,
 Zeitstempel: 0x50a2f9e3  Name des fehlerhaften Moduls: AcroPDF.dll, Version: 9.5.2.295,
 Zeitstempel: 0x50170017  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000188b9  ID des fehlerhaften
 Prozesses: 0x1068  Startzeit der fehlerhaften Anwendung: 0x01cddc4a3f3800d9  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll
Berichtskennung:
 0f36c538-4841-11e2-9074-1c7508a90faf
 
Error - 17.12.2012 07:58:28 | Computer Name = ***| Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16457,
 Zeitstempel: 0x50a2f9e3  Name des fehlerhaften Moduls: AcroPDF.dll, Version: 9.5.2.295,
 Zeitstempel: 0x50170017  Ausnahmecode: 0xc000041d  Fehleroffset: 0x000188b9  ID des fehlerhaften
 Prozesses: 0x1068  Startzeit der fehlerhaften Anwendung: 0x01cddc4a3f3800d9  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll
Berichtskennung:
 114bf975-4841-11e2-9074-1c7508a90faf
 
[ System Events ]
Error - 01.05.2013 12:17:46 | Computer Name = *** | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde nicht
 richtig gestartet.
 
Error - 01.05.2013 12:29:53 | Computer Name = *** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?01.?05.?2013 um 18:28:12 unerwartet heruntergefahren.
 
Error - 01.05.2013 12:36:32 | Computer Name =***| Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
Error - 02.05.2013 03:18:22 | Computer Name = *** | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst WPDBusEnum erreicht.
 
Error - 02.05.2013 03:18:52 | Computer Name = *** | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SysMain erreicht.
 
Error - 02.05.2013 13:43:25 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
 
Error - 02.05.2013 13:44:04 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.
 
Error - 02.05.2013 13:45:30 | Computer Name = *** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?05.?2013 um 19:44:18 unerwartet heruntergefahren.
 
Error - 04.05.2013 09:20:33 | Computer Name = *** | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SysMain erreicht.
 
Error - 04.05.2013 09:21:06 | Computer Name = Gernoth | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet
 beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden
 in 120000 Millisekunden durchgeführt: Neustart des Diensts.
 
 
< End of report >

Vielleicht kann mir jemand helfen. Wäre sehr sehr nett

 

Themen zu Adware: Win32/PriceGong
avg secure search, avg security toolbar, bho, cid, computer, converter, desktop, diner dash, ebay, error, failed, firefox, flash player, home, iexplore.exe, install.exe, internet, kaspersky, launch, logfile, microsoft office starter 2010, mp3, nvpciflt.sys, packard bell, problem, realtek, registry, richtlinie, scan, secure search, security, software, super, svchost.exe, tastatur, vtoolbarupdater, wildtangent games, windows


« Virenbefall - Bildschirm blockiert | Malware: Fake-Urheberrechts Sperre »


Ähnliche Themen: Adware: Win32/PriceGong


  1. Win32:Malware-gen, Win32:Adware-gen, Win32:rookit-gen können nicht gelöscht werden
    Log-Analyse und Auswertung - 17.11.2015 (16)
  2. Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J
    Plagegeister aller Art und deren Bekämpfung - 13.09.2015 (12)
  3. Mehrere Viren gefuden: Win32.Adware.OfferMosquito.A und Win32.Trojan.Agent.KQF
    Log-Analyse und Auswertung - 19.09.2014 (23)
  4. Rechner nach Fund von win32: rootkit-gen [Rtk] & win32 Adware-gen [Adw] wirklich sauber?
    Log-Analyse und Auswertung - 30.08.2014 (17)
  5. Hab mir Adware Bettersurf Win32 eingefangen, eine Adware die unerwünschte Werbungen im Browser aufzeigt, siehe Beschreibung
    Log-Analyse und Auswertung - 10.03.2014 (1)
  6. Adware not-a-virus:AdWare.Win32.Agent.ahbx
    Plagegeister aller Art und deren Bekämpfung - 11.12.2013 (1)
  7. ESET Funde: Win32/Adware.Lollipop.D , Win32/Bundled.Toolbar.Ask.D
    Plagegeister aller Art und deren Bekämpfung - 05.10.2013 (23)
  8. Adware Win32 Pricegong
    Plagegeister aller Art und deren Bekämpfung - 28.03.2013 (17)
  9. windows defender-warnung Adware: win32/PriceGong
    Plagegeister aller Art und deren Bekämpfung - 20.02.2013 (40)
  10. Adware Win32 Pricegong
    Plagegeister aller Art und deren Bekämpfung - 04.02.2013 (27)
  11. Win32/PriceGong DefenderWarnung
    Plagegeister aller Art und deren Bekämpfung - 02.02.2013 (1)
  12. 70 ausgehende Verbindungen lt. Comodo o. Aktivität, div.Funde:Win32/Adware.ADON, Adware.F1 Organizer
    Plagegeister aller Art und deren Bekämpfung - 31.08.2010 (5)
  13. Windows Warning: Win32/Adware.Virtumonde & Win32/PrivacyRemover.M64 detected
    Log-Analyse und Auswertung - 05.10.2008 (13)
  14. Hilfe, mein Computer zeigtan: WIN32/Adware.Virtumonde&Win32/PrivacyRemover.M64
    Log-Analyse und Auswertung - 25.08.2008 (2)
  15. Win32:Trojan-gen, Win32:Rootkit-gen, Win32:Adware-gen gefunden!
    Log-Analyse und Auswertung - 14.07.2008 (1)
  16. Adware not-a-virus:AdWare.Win32.Vapsup.ho
    Log-Analyse und Auswertung - 25.10.2007 (8)
  17. Infiziert: Adware not-a-virus:AdWare.Win32.180Solutions.bj
    Log-Analyse und Auswertung - 07.10.2007 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Adware: Win32/PriceGong - Hallo, ich habe folgendes Problem: Mein Laptop läuft seit Tagen nicht mehr richtig und ich bekomme immer wieder vom windows Defender die Nachricht, dass ich eine schädliche Software auf dem - Adware: Win32/PriceGong...
Archiv
Du betrachtest: Adware: Win32/PriceGong auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131