
Pests of All Kinds and How to Fight Them: GVU Trojan, Windows 7


 
29.05.2013, 14:46   #7
Hulkster
 



The Extras.txt file is attached; unfortunately the OTL.txt is too large to attach (The file you are trying to attach is too large. The maximum file size for this file type is 97.7 KB. Your file is 117.9 KB.)

I'll paste the contents here in CODE, I hope that's OK.

Code:
OTL logfile created on: 5/29/2013 8:33:59 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files
Drive C: | 100.00 Mb Total Space | 75.40 Mb Free Space | 75.40% Space Free | Partition Type: NTFS
Drive D: | 987.72 Mb Total Space | 374.13 Mb Free Space | 37.88% Space Free | Partition Type: FAT
Drive F: | 565.07 Gb Total Space | 513.31 Gb Free Space | 90.84% Space Free | Partition Type: NTFS
Drive G: | 30.00 Gb Total Space | 9.23 Gb Free Space | 30.76% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2013/05/29 07:12:33 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- F:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/05 04:54:40 | 000,233,472 | ---- | M] (Teruten) [Auto] -- F:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto] -- F:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/29 04:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand] -- F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/12 07:24:03 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- F:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/12 07:24:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- F:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/11/03 10:24:56 | 000,018,432 | ---- | M] () [Auto] -- F:\Users\Medion\AppData\LocalLow\AdobeAir\IE\AdobeAirUpdater.exe -- (AdobeAirUpdater)
SRV - [2011/10/27 05:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand] -- F:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/08/17 06:04:36 | 000,247,872 | ---- | M] () [Auto] -- F:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2011/04/01 06:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand] -- F:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 06:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- F:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/07/27 02:05:14 | 001,620,584 | ---- | M] (NVIDIA Corporation) [Auto] -- F:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/05/10 15:28:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto] -- F:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/05/10 15:28:50 | 000,268,824 | ---- | M] (Intel Corporation) [Auto] -- F:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/03/03 23:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- F:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/11/07 06:46:52 | 000,020,480 | ---- | M] (X10) [Auto] -- F:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)
SRV - [2009/10/22 20:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand] -- F:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- F:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- F:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/24 06:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto] -- F:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2013/04/03 03:58:16 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- F:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2013/04/03 03:58:16 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- F:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2013/02/05 04:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand] -- F:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2012/05/12 07:24:03 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- F:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/12 07:24:03 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- F:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 11:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- F:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/08/17 05:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand] -- F:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011/08/17 05:03:50 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand] -- F:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011/08/17 04:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- F:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/08/17 04:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- F:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/08/17 04:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- F:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/08/17 04:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- F:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/26 10:27:00 | 010,325,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/07/26 10:27:00 | 000,019,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- F:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)
DRV - [2010/06/21 03:14:36 | 000,246,272 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV - [2010/06/17 10:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- F:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/24 09:46:34 | 000,193,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- F:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/05/10 15:28:49 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- F:\Windows\system32\DRIVERS\HECI.sys -- (HECI) Intel(R)
DRV - [2010/04/27 03:28:46 | 000,146,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- F:\Windows\system32\DRIVERS\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010/04/27 03:27:50 | 000,064,904 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- F:\Windows\system32\DRIVERS\nusb3hub.sys -- (nusb3hub)
DRV - [2010/04/01 05:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- F:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/03/04 11:53:08 | 000,067,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- F:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/02/26 17:01:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- F:\Windows\system32\DRIVERS\Impcd.sys -- (Impcd)
DRV - [2009/11/19 09:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2009/11/19 09:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2009/11/19 09:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009/11/19 09:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2009/11/19 09:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2009/11/19 09:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009/11/19 09:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009/08/13 02:39:40 | 000,786,400 | ---- | M] (DiBcom SA) [Kernel | On_Demand] -- F:\Windows\System32\drivers\mod7700.sys -- (mod7700)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- F:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/05/13 15:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- F:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2009/05/13 15:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- F:\Windows\System32\Drivers\x10hid.sys -- (X10Hid)
DRV - [2008/08/26 05:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- F:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - F:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_F\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - F:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\Medion_ON_F\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://medion.msn.com
IE - HKU\Medion_ON_F\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.aldi.com [binary data]
IE - HKU\Medion_ON_F\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Medion_ON_F\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\Medion_ON_F\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Medion_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\Medion_ON_F\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Medion_ON_F\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - F:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\Medion_ON_F\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - F:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Medion_ON_F\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_F\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - F:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
 
IE - HKU\UpdatusUser_ON_F\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - F:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: F:\Windows\System32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: F:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: F:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: F:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: F:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: F:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2011/12/03 14:18:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/20 05:36:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011/12/03 14:18:11 | 000,000,000 | ---D | M]
 
[2012/12/23 17:54:00 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions
[2012/12/23 17:54:00 | 000,000,000 | ---D | M] (Default) -- F:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/11/29 04:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- F:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/29 05:19:31 | 000,001,392 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/11/29 05:19:31 | 000,002,465 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/29 05:19:31 | 000,001,153 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/11/29 05:19:31 | 000,003,581 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\google.xml
[2012/11/29 05:19:32 | 000,006,805 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/11/29 05:19:31 | 000,001,178 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/11/29 05:19:31 | 000,001,105 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - F:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (QuickShare WidgetEngine) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - F:\Windows\System32\mscoree.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - F:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AdobeAir) - {DCA971EE-CB86-4592-AE52-A45B2E257A12} - F:\Users\Medion\AppData\LocalLow\AdobeAir\IE\AdobeAir.dll (Adobe Systems Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - F:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (QuickShare Widget) - {ae07101b-46d4-4a98-af68-0333ea26e113} - F:\Windows\System32\mscoree.dll (Microsoft Corporation)
O3 - HKU\Medion_ON_F\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] F:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] F:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] F:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HotkeyApp] F:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [HotKeysCmds] F:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] F:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] F:\Users\Medion\Desktop\*****\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LMgrOSD]  File not found
O4 - HKLM..\Run: [LMgrVolOSD] F:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [NUSB3MON] F:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Persistence] F:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVBg] F:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [RtHDVCpl] F:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] F:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] F:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [Wbutton] F:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKU\LocalService_ON_F..\Run: [Sidebar] F:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Medion_ON_F..\Run: [] F:\Users\Medion\Desktop\*****\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\Medion_ON_F..\Run: [KiesAirMessage] F:\Users\Medion\Desktop\*****\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\Medion_ON_F..\Run: [KiesPreload] F:\Users\Medion\Desktop\*****\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\Medion_ON_F..\Run: [Sidebar] F:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_F..\Run: [Sidebar] F:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_F..\Run: [Sidebar] F:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_F..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_F..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_F..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_F..\RunOnce: [Screensaver] F:\Windows\Web\Wallpaper\MEDION\start.vbs ()
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\Medion_ON_F\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Medion_ON_F\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Medion_ON_F\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - F:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - F:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - F:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - F:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - F:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - F:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - F:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - F:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - F:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - F:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - F:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - F:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - F:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - F:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - F:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - F:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - F:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - F:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - F:\Program Files\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - F:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - F:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - F:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - F:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - F:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - F:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - F:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - F:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - F:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - F:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - F:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\nvinit.dll) - F:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - F:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - F:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - F:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Medion_ON_F Winlogon: Shell - (explorer.exe) - F:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Medion_ON_F Winlogon: Shell - (C:\Users\Medion\AppData\Roaming\skype.dat) - F:\Users\Medion\AppData\Roaming\skype.dat ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - F:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29 - HKLM SecurityProviders - (credssp.dll) - F:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - F:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - F:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - F:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - F:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - F:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - F:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - F:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - F:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/05/26 16:17:27 | 002,877,440 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\jscript9.dll
[2013/05/26 16:17:27 | 002,706,432 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\mshtml.tlb
[2013/05/26 16:17:27 | 000,745,472 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\MsSpellCheckingFacility.exe
[2013/05/26 16:17:27 | 000,690,688 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\jscript.dll
[2013/05/26 16:17:27 | 000,523,264 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\vbscript.dll
[2013/05/26 16:17:27 | 000,493,056 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\msfeeds.dll
[2013/05/26 16:17:27 | 000,391,168 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieui.dll
[2013/05/26 16:17:27 | 000,185,344 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\elshyph.dll
[2013/05/26 16:17:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\msrating.dll
[2013/05/26 16:17:27 | 000,158,720 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\msls31.dll
[2013/05/26 16:17:27 | 000,150,528 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\iexpress.exe
[2013/05/26 16:17:27 | 000,138,752 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\wextract.exe
[2013/05/26 16:17:27 | 000,137,216 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieUnatt.exe
[2013/05/26 16:17:27 | 000,117,248 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\iepeers.dll
[2013/05/26 16:17:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\IEAdvpack.dll
[2013/05/26 16:17:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\iesysprep.dll
[2013/05/26 16:17:27 | 000,082,432 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\inseng.dll
[2013/05/26 16:17:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\SetIEInstalledDate.exe
[2013/05/26 16:17:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\RegisterIEPKEYs.exe
[2013/05/26 16:17:27 | 000,057,344 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\pngfilt.dll
[2013/05/26 16:17:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\mshtmler.dll
[2013/05/26 16:17:27 | 000,041,984 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\msfeedsbs.dll
[2013/05/26 16:17:27 | 000,039,424 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\jsproxy.dll
[2013/05/26 16:17:27 | 000,038,400 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\imgutil.dll
[2013/05/26 16:17:27 | 000,011,776 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\msfeedssync.exe
[2013/05/26 16:17:26 | 001,441,280 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\inetcpl.cpl
[2013/05/26 16:17:26 | 001,400,416 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieapfltr.dat
[2013/05/26 16:17:26 | 000,719,360 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\mshtmlmedia.dll
[2013/05/26 16:17:26 | 000,629,248 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieapfltr.dll
[2013/05/26 16:17:26 | 000,361,984 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\html.iec
[2013/05/26 16:17:26 | 000,357,888 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\dxtmsft.dll
[2013/05/26 16:17:26 | 000,242,200 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\iedkcs32.dll
[2013/05/26 16:17:26 | 000,232,960 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\url.dll
[2013/05/26 16:17:26 | 000,226,816 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\dxtrans.dll
[2013/05/26 16:17:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\iesetup.dll
[2013/05/26 16:17:26 | 000,042,496 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ie4uinit.exe
[2013/05/26 16:17:26 | 000,033,280 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\iernonce.dll
[2013/05/26 16:17:26 | 000,023,040 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\licmgr10.dll
[2013/05/26 16:16:43 | 003,419,136 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\d2d1.dll
[2013/05/26 16:16:43 | 002,284,544 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\msmpeg2vdec.dll
[2013/05/26 16:16:43 | 001,988,096 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\d3d10warp.dll
[2013/05/26 16:16:43 | 001,504,768 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\d3d11.dll
[2013/05/26 16:16:43 | 001,247,744 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\DWrite.dll
[2013/05/26 16:16:43 | 001,158,144 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\XpsPrint.dll
[2013/05/26 16:16:43 | 001,080,832 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\d3d10.dll
[2013/05/26 16:16:43 | 000,604,160 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\d3d10level9.dll
[2013/05/26 16:16:43 | 000,417,792 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\WMPhoto.dll
[2013/05/26 16:16:43 | 000,364,544 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\XpsGdiConverter.dll
[2013/05/26 16:16:43 | 000,249,856 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\d3d10_1core.dll
[2013/05/26 16:16:43 | 000,220,160 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\d3d10core.dll
[2013/05/26 16:16:43 | 000,207,872 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\WindowsCodecsExt.dll
[2013/05/26 16:16:43 | 000,161,792 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\d3d10_1.dll
[2013/05/26 16:16:43 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/26 16:16:43 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/26 16:16:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/26 16:16:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/26 16:16:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/26 16:16:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/26 16:16:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/26 16:16:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/26 16:16:43 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/26 16:16:42 | 000,293,376 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\dxgi.dll
[2013/05/26 16:16:42 | 000,187,392 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\UIAnimation.dll
[2013/05/14 14:49:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\wwanprotdim.dll
[2013/05/14 14:49:32 | 002,347,520 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\win32k.sys
[2013/05/14 14:49:24 | 000,218,984 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\drivers\dxgmms1.sys
[2013/05/14 14:49:21 | 001,796,096 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\authui.dll
[2013/05/14 14:49:21 | 000,101,720 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\consent.exe
[2013/04/30 15:58:21 | 000,000,000 | ---D | C] -- F:\Users\Public\Documents\CrashDump
[2012/01/10 15:14:34 | 000,004,096 | ---- | C] ( ) -- F:\Windows\System32\IGFXDEVLib.dll
[1 F:\Windows\*.tmp files -> F:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/05/29 10:35:24 | 000,067,584 | --S- | M] () -- F:\Windows\bootstat.dat
[2013/05/29 10:35:13 | 000,000,004 | ---- | M] () -- F:\Users\Medion\AppData\Roaming\skype.ini
[2013/05/29 10:34:57 | 000,009,888 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/29 10:34:57 | 000,009,888 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/29 10:31:47 | 000,654,400 | ---- | M] () -- F:\Windows\System32\perfh007.dat
[2013/05/29 10:31:47 | 000,616,242 | ---- | M] () -- F:\Windows\System32\perfh009.dat
[2013/05/29 10:31:47 | 000,130,240 | ---- | M] () -- F:\Windows\System32\perfc007.dat
[2013/05/29 10:31:47 | 000,106,622 | ---- | M] () -- F:\Windows\System32\perfc009.dat
[2013/05/29 10:27:24 | 2558,595,072 | -HS- | M] () -- F:\hiberfil.sys
[2013/05/29 09:13:33 | 000,000,884 | ---- | M] () -- F:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/29 07:12:25 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- F:\Windows\System32\FlashPlayerApp.exe
[2013/05/29 07:12:25 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- F:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/05/26 16:17:27 | 002,877,440 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\jscript9.dll
[2013/05/26 16:17:27 | 002,706,432 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\mshtml.tlb
[2013/05/26 16:17:27 | 000,745,472 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\MsSpellCheckingFacility.exe
[2013/05/26 16:17:27 | 000,690,688 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\jscript.dll
[2013/05/26 16:17:27 | 000,523,264 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\vbscript.dll
[2013/05/26 16:17:27 | 000,493,056 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\msfeeds.dll
[2013/05/26 16:17:27 | 000,391,168 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\ieui.dll
[2013/05/26 16:17:27 | 000,185,344 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\elshyph.dll
[2013/05/26 16:17:27 | 000,163,840 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\msrating.dll
[2013/05/26 16:17:27 | 000,158,720 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\msls31.dll
[2013/05/26 16:17:27 | 000,150,528 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\iexpress.exe
[2013/05/26 16:17:27 | 000,138,752 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\wextract.exe
[2013/05/26 16:17:27 | 000,137,216 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\ieUnatt.exe
[2013/05/26 16:17:27 | 000,117,248 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\iepeers.dll
[2013/05/26 16:17:27 | 000,110,592 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\IEAdvpack.dll
[2013/05/26 16:17:27 | 000,109,056 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\iesysprep.dll
[2013/05/26 16:17:27 | 000,082,432 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\inseng.dll
[2013/05/26 16:17:27 | 000,073,728 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\SetIEInstalledDate.exe
[2013/05/26 16:17:27 | 000,071,680 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\RegisterIEPKEYs.exe
[2013/05/26 16:17:27 | 000,057,344 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\pngfilt.dll
[2013/05/26 16:17:27 | 000,048,640 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\mshtmler.dll
[2013/05/26 16:17:27 | 000,041,984 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\msfeedsbs.dll
[2013/05/26 16:17:27 | 000,039,424 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\jsproxy.dll
[2013/05/26 16:17:27 | 000,038,400 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\imgutil.dll
[2013/05/26 16:17:27 | 000,011,776 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\msfeedssync.exe
[2013/05/26 16:17:26 | 001,441,280 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\inetcpl.cpl
[2013/05/26 16:17:26 | 001,400,416 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\ieapfltr.dat
[2013/05/26 16:17:26 | 000,719,360 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\mshtmlmedia.dll
[2013/05/26 16:17:26 | 000,629,248 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\ieapfltr.dll
[2013/05/26 16:17:26 | 000,361,984 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\html.iec
[2013/05/26 16:17:26 | 000,357,888 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\dxtmsft.dll
[2013/05/26 16:17:26 | 000,242,200 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\iedkcs32.dll
[2013/05/26 16:17:26 | 000,232,960 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\url.dll
[2013/05/26 16:17:26 | 000,226,816 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\dxtrans.dll
[2013/05/26 16:17:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\iesetup.dll
[2013/05/26 16:17:26 | 000,042,496 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\ie4uinit.exe
[2013/05/26 16:17:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\iernonce.dll
[2013/05/26 16:17:26 | 000,025,185 | ---- | M] () -- F:\Windows\System32\ieuinit.inf
[2013/05/26 16:17:26 | 000,023,040 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\licmgr10.dll
[2013/05/26 16:16:43 | 003,419,136 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\d2d1.dll
[2013/05/26 16:16:43 | 002,284,544 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\msmpeg2vdec.dll
[2013/05/26 16:16:43 | 001,988,096 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\d3d10warp.dll
[2013/05/26 16:16:43 | 001,504,768 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\d3d11.dll
[2013/05/26 16:16:43 | 001,247,744 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\DWrite.dll
[2013/05/26 16:16:43 | 001,158,144 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\XpsPrint.dll
[2013/05/26 16:16:43 | 001,080,832 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\d3d10.dll
[2013/05/26 16:16:43 | 000,604,160 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\d3d10level9.dll
[2013/05/26 16:16:43 | 000,417,792 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\WMPhoto.dll
[2013/05/26 16:16:43 | 000,364,544 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\XpsGdiConverter.dll
[2013/05/26 16:16:43 | 000,293,376 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\dxgi.dll
[2013/05/26 16:16:43 | 000,249,856 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\d3d10_1core.dll
[2013/05/26 16:16:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\d3d10core.dll
[2013/05/26 16:16:43 | 000,207,872 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\WindowsCodecsExt.dll
[2013/05/26 16:16:43 | 000,161,792 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\d3d10_1.dll
[2013/05/26 16:16:43 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/26 16:16:43 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/26 16:16:43 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/26 16:16:43 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/26 16:16:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/26 16:16:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/26 16:16:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/26 16:16:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/26 16:16:43 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/26 16:16:42 | 000,187,392 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\UIAnimation.dll
[2013/05/26 16:04:05 | 000,430,872 | ---- | M] () -- F:\Windows\System32\FNTCACHE.DAT
[2013/05/01 20:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\MpSigStub.exe
[2013/04/30 15:20:27 | 000,001,111 | ---- | M] () -- F:\Users\Medion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk
[1 F:\Windows\*.tmp files -> F:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/05/26 16:17:26 | 000,025,185 | ---- | C] () -- F:\Windows\System32\ieuinit.inf
[2013/05/26 15:51:27 | 000,000,004 | ---- | C] () -- F:\Users\Medion\AppData\Roaming\skype.ini
[2013/02/16 17:19:48 | 000,110,592 | ---- | C] () -- F:\Windows\System32\FsUsbExDevice.Dll
[2013/02/16 17:19:48 | 000,037,344 | ---- | C] () -- F:\Windows\System32\FsUsbExDisk.Sys
[2012/12/18 05:06:10 | 000,030,568 | ---- | C] () -- F:\Windows\MusiccityDownload.exe
[2012/12/18 05:06:06 | 000,974,848 | ---- | C] () -- F:\Windows\System32\cis-2.4.dll
[2012/12/18 05:06:06 | 000,081,920 | ---- | C] () -- F:\Windows\System32\issacapi_bs-2.3.dll
[2012/12/18 05:06:06 | 000,065,536 | ---- | C] () -- F:\Windows\System32\issacapi_pe-2.3.dll
[2012/12/18 05:06:06 | 000,057,344 | ---- | C] () -- F:\Windows\System32\issacapi_se-2.3.dll
[2012/09/06 15:34:35 | 000,000,400 | ---- | C] () -- F:\Windows\ODBC.INI
[2012/08/05 13:36:38 | 000,000,530 | ---- | C] () -- F:\Windows\eReg.dat
[2012/01/12 13:52:10 | 000,058,880 | ---- | C] () -- F:\Users\Medion\AppData\Roaming\skype.dat
[2012/01/10 15:29:54 | 013,904,384 | ---- | C] () -- F:\Windows\System32\ig4icd32.dll
[2011/11/12 15:57:25 | 000,252,928 | ---- | C] () -- F:\Windows\System32\DShowRdpFilter.dll
[2011/08/31 14:46:18 | 000,128,204 | ---- | C] () -- F:\Windows\System32\igcompkrng575.bin
[2011/08/31 14:46:12 | 000,105,608 | ---- | C] () -- F:\Windows\System32\igfcg575m.bin
[2011/08/31 14:46:10 | 000,867,020 | ---- | C] () -- F:\Windows\System32\igkrng575.bin
[2011/08/31 14:13:52 | 000,094,208 | ---- | C] () -- F:\Windows\System32\IccLibDll.dll
[2010/08/13 18:50:46 | 000,127,184 | ---- | C] () -- F:\Windows\Unwise.exe
[2010/08/13 18:50:45 | 000,149,504 | ---- | C] () -- F:\Windows\unwise32_setup.exe
[2010/08/09 09:26:45 | 000,451,072 | ---- | C] () -- F:\Windows\System32\ISSRemoveSP.exe
[2010/08/09 08:23:48 | 000,072,017 | ---- | C] () -- F:\Windows\System32\Uninstall ALDI SÜD Mah Jong.exe
[2010/08/09 00:37:38 | 000,000,151 | ---- | C] () -- F:\Windows\System32\GfxUI.exe.config
[2010/07/27 02:56:50 | 000,408,168 | ---- | C] () -- F:\Windows\System32\easyUpdatusAPIU.dll
[2010/07/27 02:56:50 | 000,352,325 | ---- | C] () -- F:\Windows\System32\nvcoproc.bin
[2010/05/12 09:13:56 | 000,654,400 | ---- | C] () -- F:\Windows\System32\perfh007.dat
[2010/05/12 09:13:56 | 000,295,922 | ---- | C] () -- F:\Windows\System32\perfi007.dat
[2010/05/12 09:13:56 | 000,130,240 | ---- | C] () -- F:\Windows\System32\perfc007.dat
[2010/05/12 09:13:56 | 000,038,104 | ---- | C] () -- F:\Windows\System32\perfd007.dat
[2009/10/06 03:16:02 | 000,819,200 | ---- | C] () -- F:\Windows\System32\xvidcore.dll
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- F:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,430,872 | ---- | C] () -- F:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,616,242 | ---- | C] () -- F:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- F:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,106,622 | ---- | C] () -- F:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- F:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- F:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- F:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- F:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- F:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- F:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- F:\Windows\System32\mlang.dat
[2003/02/20 11:53:42 | 000,005,702 | ---- | C] () -- F:\Windows\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Application Data
[2012/01/10 06:31:35 | 000,000,000 | -H-D | M] -- F:\ProgramData\CanonBJ
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Documents
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Favorites
[2013/04/15 17:11:25 | 000,000,000 | ---D | M] -- F:\ProgramData\IBUpdaterService
[2011/11/09 13:20:21 | 000,000,000 | ---D | M] -- F:\ProgramData\ICQ
[2011/12/03 14:18:07 | 000,000,000 | ---D | M] -- F:\ProgramData\Nokia
[2011/12/03 14:16:45 | 000,000,000 | ---D | M] -- F:\ProgramData\NokiaInstallerCache
[2011/12/03 14:18:54 | 000,000,000 | ---D | M] -- F:\ProgramData\PC Suite
[2012/04/01 16:17:55 | 000,000,000 | ---D | M] -- F:\ProgramData\PopCap Games
[2012/04/01 16:10:06 | 000,000,000 | ---D | M] -- F:\ProgramData\PopCapY
[2013/04/21 15:42:08 | 000,000,000 | ---D | M] -- F:\ProgramData\Samsung
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Start Menu
[2010/08/14 14:03:19 | 000,000,000 | ---D | M] -- F:\ProgramData\Temp
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- F:\ProgramData\Templates
[2010/08/13 18:51:56 | 000,000,000 | ---D | M] -- F:\ProgramData\X10 Settings
[2013/03/31 12:54:04 | 000,032,640 | ---- | M] () -- F:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         

 
