Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
GVU-Meldung: Computer gesperrt

GVU-Meldung: Computer gesperrt


Plagegeister aller Art und deren Bekämpfung: GVU-Meldung: Computer gesperrt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 10.06.2013, 19:41   #1
farafella
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Guuten Abend allen fleißigen Helfern, ich hoffe mir kann geholfen werden

Wie ich bereits durch meine Internetrecherche herausgefunden habe, ist auch unser PC von dem GVU Trojaner befallen, der uns vorwirft "Urheberrechte und verwandte Schutzrechte" verletzt zu haben und zu einer Geldstrafe von 100€ (über PaySafeCard) auffordert. Da ich leider/oder auch glücklicherweise keinerlei Erfahrungen mit Trojanern/Viren habe fehlt mir jeegliches Wissen wie ich an die Sache rangehen soll.
Eine Anleitung, Schritt für Schritt, wäre deshalb echt suuper hilfreich! Habe nämlich große Angst etwas falsch zu machen, so dass später evtl. nicht alles vom Computer entfernt ist.

Schon mal liebsten Dank im voraus!

Alt 10.06.2013, 20:32   #2
schrauber
/// the machine
/// TB-Ausbilder
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Hi,

welches Bestriebssystem?
__________________

__________________
Alt 10.06.2013, 20:47   #3
farafella
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Windows Vista 32Bit Version
__________________
Geändert von farafella (10.06.2013 um 21:27 Uhr)

Alt 11.06.2013, 07:21   #4
schrauber
/// the machine
/// TB-Ausbilder
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


[indent]
Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Yes und klicke Scan
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.06.2013, 09:29   #5
farafella
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Tut mir leid, aber da tritt schon das erste Problem auf wenn ich in dieses Boot-Menü komme steht mir nämlich "Computer reparieren" nicht zu Verfügung. Ich kann lediglich im Abgesicherten Modus oder normal starten, wahrscheinlich weil ich den Pc wegen des Trojaners nicht herunterfahren konnte ..? Ist nämlich das Windows-Fehlerbehebungsmenü...
Die andere Variante mit der CD kann ich gerade leider auch nicht probieren, weil die leider schon seit einiger Zeit vreschollen ist. Hab sie das letzte mal vor 4 Jahren, beim Kauf des Pcs gebraucht Aber ich werde mich jetzt trotzdem mal auf die Suche machen

Geändert von farafella (11.06.2013 um 09:34 Uhr)

Alt 11.06.2013, 13:17   #6
schrauber
/// the machine
/// TB-Ausbilder
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Du kommst noch in den abgesicherten Modus? Wenn ja dann so:

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
__________________
--> GVU-Meldung: Computer gesperrt

Alt 11.06.2013, 16:15   #7
farafella
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Hm, also mir steht zwar zur Auswahl im abgesicherten Modus zu starten, aber wenn ich diesen starte fährt der pc von alleine wieder runter und startet normal und dann erscheint die GVU- Seite wieder

allerdings habe ich jetzt zwei cds gefunden, weiß aber nicht genau, welche ich jetzt verwenden soll. Die eine ist eine "Driver/Utility/Recovery DVD (Bootfähig)" und die andere eine "Product Recovery DVD-ROM 32-bit (Hyrican AG)" -> der Rechner ist von Hyrican

Alt 11.06.2013, 19:21   #8
schrauber
/// the machine
/// TB-Ausbilder
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Hast Du alle 3 Abgesicherten Modi versucht? Mit den Cd's weiß ich nicht, musste versuchen ob eine geht.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.06.2013, 19:33   #9
farafella
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Na ja beim abgesicherten Modus mit Eingabeaufforderung fährt er nicht direkt wieder runter, aber was soll man da denn eingeben? Und mit den CD's komme ich auch nicht zu den Reperatur-Optionen. Die eine will Windows neu installieren und die andere eine Systemwiederherstellung starten, bei der alle Daten weg wären.. Gibt es da keinen anderen Weg? Bin ja schon jetzt am verzweifeln

Alt 11.06.2013, 19:50   #10
schrauber
/// the machine
/// TB-Ausbilder
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


locker bleiben. Wuuussaaaaa

Starte in den abgesicherten Modus mit Eingabeaufforderung. Von nem anderen Rechner FRST laden und auf nen Stick packen.

Stick in den Rechner
notepad eingeben und Enter drücken
Datei > Speichern unter > Dann siehst Du den Stick > merk dir den Laufwerksbuchstaben
Notepad schliessen
E: eingeben (E durch den Buchstaben des Sticks ersetzen)
FRST eingeben und Enter drücken.
Scannen lassen
Log wird auf dem Stick gespeichert
Log hier posten

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.06.2013, 20:08   #11
farafella
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Jahaa, endlich hat mal was geklappt! Ich hoffe das stimmt jetzt so.


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-06-2013 02
Ran by Avelina (administrator) on 11-06-2013 21:01:44
Running from J:\
Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [61440 2008-08-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: []  [x]
HKLM\...\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [225280 2007-03-12] (Sonic Solutions)
HKLM\...\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [1848648 2008-03-03] (CANON INC.)
HKLM\...\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [65256 2010-02-05] (Microsoft Corporation)
HKLM\...\Run: [SPC500NC_Monitor] C:\Windows\Philips\SPC500NC\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe [111928 2009-05-20] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Skytel] Skytel.exe [x]
HKLM\...\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" [x]
HKLM\...\Run: [PrintDisp] C:\Windows\system32\PrintDisp.exe [x]
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" [x]
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-29] ()
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-08-08] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKCU\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2008-08-22] (Hewlett-Packard Company)
HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [Google Update] "C:\Users\Avelina\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-10-13] (Google Inc.)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Avelina\AppData\Roaming\skype.dat <==== ATTENTION 
Startup: C:\Users\Avelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com
URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
SearchScopes: HKCU - {590D71E2-C581-41F2-969C-EEE5F2EC38F2} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {5A0F516D-59CF-4F5A-86C7-840899F28D02} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -  No File
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Chocolatier/Images/stg_drm.ocx
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Chocolatier/Images/armhelper.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} hxxp://80.237.209.20/objects/NpFv501.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Avelina\AppData\Roaming\Mozilla\Firefox\Profiles\850jpg8x.default
FF SearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&p=
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: personas - C:\Users\Avelina\AppData\Roaming\Mozilla\Firefox\Profiles\850jpg8x.default\Extensions\personas@christopher.beard.xpi
FF Extension: No Name - C:\Users\Avelina\AppData\Roaming\Mozilla\Firefox\Profiles\850jpg8x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Avelina\AppData\Roaming\Mozilla\Firefox\Profiles\850jpg8x.default\Extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.startfenster.com
CHR RestoreOnStartup: "hxxp://www.startfenster.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Avelina\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Avelina\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Avelina\AppData\Local\Google\Chrome\Application\27.0.1453.94\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Skype Click to Call) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Flatcast Producer Plugin 5.0.356) - C:\Program Files\Mozilla Firefox\plugins\NpFp501.dll (1 mal 1 Software GmbH)
CHR Plugin: (Flatcast Viewer Plugin 5.0.356) - C:\Program Files\Mozilla Firefox\plugins\NpFv501.dll (1 mal 1 Software GmbH)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Turn Off the Lights) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2_0
CHR Extension: (Download FB album) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbmhonenddnnmbailokbccgmikhkpni\2.1.11_0
CHR Extension: (YouTube) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0
CHR Extension: (Google Search) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: () - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn\3_0
CHR Extension: (PanicButton) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-02] (Avira Operations GmbH & Co. KG)
S2 gupdate1c99aaa2982b66c; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-03-01] (Google Inc.)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [101552 2013-03-04] (McAfee, Inc.)
S2 msfwsvc; C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe [869952 2007-11-27] (Microsoft Corporation)
S2 OcHealthMon; C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe [26120 2010-02-05] (Microsoft Corporation)
R2 OneCareMP; C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe [18704 2008-07-09] (Microsoft Corporation)
S2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3048136 2012-05-30] (Skype Technologies S.A.)
S2 SplashtopRemoteService; C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe [1771336 2011-05-11] (Splashtop Inc.)
S2 SSUService; C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe [341832 2011-03-08] (Splashtop Inc.)
S2 winss; C:\Program Files\Microsoft Windows OneCare Live\winss.exe [1141112 2010-02-05] (Microsoft Corporation)
S3 msiserver; %systemroot%\system32\msiexec /V [x]

==================== Drivers (Whitelisted) ====================

R0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [175632 2008-04-18] (AMD Technologies Inc.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [10632 2007-10-12] (Advanced Micro Devices)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-04-25] (Avira GmbH)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-04-27] (Avira GmbH)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2012-04-16] (Avira GmbH)
S3 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [53168 2008-05-15] (Microsoft Corporation)
S2 MSFWDrv; C:\Windows\System32\DRIVERS\msfwdrv.sys [91200 2007-11-27] (Microsoft Corporation)
S1 MSFWHLPR; C:\Windows\System32\DRIVERS\msfwhlpr.sys [37440 2007-11-27] (Microsoft Corporation)
S4 RxFilter; C:\Windows\System32\DRIVERS\RxFilter.sys [50688 2006-12-02] (Sonic Solutions)
S3 SPC500NC; C:\Windows\System32\DRIVERS\SPC500NC.SYS [409600 2007-06-21] (PixArt Imaging Inc.)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-11 21:01 - 2013-06-11 21:01 - 00000000 ____D C:\FRST
2013-06-10 19:44 - 2013-06-11 19:51 - 00000004 ____A C:\Users\Avelina\AppData\Roaming\skype.ini
2013-06-09 12:45 - 2013-06-09 12:45 - 00001669 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-09 12:43 - 2013-06-09 12:45 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-09 12:43 - 2013-06-09 12:43 - 00000000 ____D C:\Program Files\iPod
2013-05-26 19:19 - 2013-05-26 19:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-25 14:48 - 2013-05-27 11:16 - 00000000 ____D C:\Users\Avelina\Desktop\HfG Karlsruhe
2013-05-24 18:33 - 2013-05-24 18:33 - 00001731 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-05-24 18:33 - 2013-05-24 18:33 - 00000000 ____D C:\Program Files\QuickTime
2013-05-15 20:35 - 2013-05-05 21:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-15 20:35 - 2013-05-05 21:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-15 20:23 - 2013-04-05 00:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-15 20:23 - 2013-04-05 00:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-15 20:23 - 2013-04-05 00:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-15 20:23 - 2013-04-05 00:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-15 20:23 - 2013-04-05 00:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-15 20:23 - 2013-04-05 00:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-15 20:23 - 2013-04-04 23:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-15 20:23 - 2013-04-04 23:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-15 20:23 - 2013-04-04 23:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-15 20:23 - 2013-04-04 23:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-15 20:23 - 2013-04-04 23:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-15 20:23 - 2013-04-04 23:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-15 20:23 - 2013-04-04 23:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-15 20:23 - 2013-04-04 23:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-15 18:14 - 2013-04-15 16:20 - 00638328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 18:14 - 2013-04-13 12:56 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 18:14 - 2013-04-09 03:36 - 02049024 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-14 17:33 - 2013-05-14 17:33 - 02138776 ____A (Solid State Networks) C:\Users\Avelina\Desktop\install_flashplayer11x32au_mssd_aih.exe

==================== One Month Modified Files and Folders ========

2013-06-11 21:01 - 2013-06-11 21:01 - 00000000 ____D C:\FRST
2013-06-11 20:45 - 2008-11-25 00:50 - 01151443 ____A C:\Windows\WindowsUpdate.log
2013-06-11 20:33 - 2008-01-21 09:16 - 01445546 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-11 19:52 - 2006-11-02 14:47 - 00055296 ____A C:\Windows\System32\umstartup.etl
2013-06-11 19:51 - 2013-06-10 19:44 - 00000004 ____A C:\Users\Avelina\AppData\Roaming\skype.ini
2013-06-11 19:51 - 2009-07-01 13:31 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-11 19:51 - 2006-11-02 15:01 - 00032510 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-11 19:51 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-11 19:51 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-11 19:51 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-10 19:45 - 2011-10-13 19:54 - 00001128 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2545246944-803647612-1363379426-1000UA.job
2013-06-10 19:30 - 2009-07-01 13:31 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-10 19:26 - 2009-01-27 08:23 - 00000000 ____D C:\Program Files\Microsoft Windows OneCare Live
2013-06-10 19:20 - 2012-04-20 20:03 - 00000000 ____D C:\Users\Avelina\AppData\Roaming\Skype
2013-06-10 18:57 - 2012-04-12 13:16 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-09 12:45 - 2013-06-09 12:45 - 00001669 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-09 12:45 - 2013-06-09 12:43 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-09 12:45 - 2010-07-11 12:48 - 00000000 ____D C:\Program Files\iTunes
2013-06-09 12:43 - 2013-06-09 12:43 - 00000000 ____D C:\Program Files\iPod
2013-06-09 12:43 - 2009-01-28 16:34 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-06-09 11:45 - 2011-10-13 19:54 - 00001076 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2545246944-803647612-1363379426-1000Core.job
2013-06-07 11:53 - 2009-04-12 20:03 - 00000000 ____D C:\Users\Avelina\AppData\Roaming\vlc
2013-06-07 11:52 - 2012-04-09 19:42 - 00002057 ____A C:\Users\Avelina\Desktop\Google Chrome.lnk
2013-06-07 11:21 - 2010-09-02 18:00 - 00000000 ____D C:\Users\Avelina\AppData\Roaming\dvdcss
2013-05-31 16:52 - 2012-01-27 13:33 - 00000000 ____D C:\Users\Avelina\Desktop\Musik zum sortieren!
2013-05-29 16:25 - 2012-05-10 17:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-05-27 11:16 - 2013-05-25 14:48 - 00000000 ____D C:\Users\Avelina\Desktop\HfG Karlsruhe
2013-05-26 19:20 - 2013-05-26 19:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-24 18:33 - 2013-05-24 18:33 - 00001731 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-05-24 18:33 - 2013-05-24 18:33 - 00000000 ____D C:\Program Files\QuickTime
2013-05-18 12:59 - 2012-04-12 13:15 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-05-18 12:59 - 2011-06-05 18:21 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-05-18 11:58 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-05-18 11:27 - 2006-11-02 14:47 - 00466312 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-15 20:35 - 2008-09-30 07:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-15 20:26 - 2006-11-02 12:24 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-05-14 17:33 - 2013-05-14 17:33 - 02138776 ____A (Solid State Networks) C:\Users\Avelina\Desktop\install_flashplayer11x32au_mssd_aih.exe

Files to move or delete:
====================
C:\Users\Avelina\AppData\Roaming\skype.dat
C:\Users\Avelina\AppData\Roaming\skype.ini

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-11 20:47

==================== End Of Log ============================
--- --- ---

--- --- ---


Auf dem Stick wurde auch noch eine Addition gespeichert, falls die wichtig ist:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-06-2013 02
Ran by Avelina at 2013-06-11 21:02:59 Run:
Running from J:\
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 6.1.2)
7-Zip 4.65
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader X (10.1.6) - Deutsch (Version: 10.1.6)
Amazon MP3-Downloader 1.0.9
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ATI AVIVO Codecs (Version: 9.16.0.30508)
ATI Catalyst Install Manager (Version: 3.0.691.0)
Avira Free Antivirus (Version: 12.1.9.1236)
Bonjour (Version: 3.0.0.10)
Canon MP Navigator EX 2.0
Canon MP240 series Benutzerregistrierung
Canon MP240 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Full Existing (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Full New (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Light (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Previews Common (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Previews Vista (Version: 2008.0820.2135.36847)
Catalyst Control Center HydraVision Full (Version: 2008.0820.2135.36847)
Catalyst Control Center InstallProxy (Version: 2008.0820.2135.36847)
Catalyst Control Center Localization German (Version: 2008.0820.2135.36847)
CCC Help English (Version: 2008.0820.2134.36847)
CCC Help German (Version: 2008.0820.2134.36847)
ccc-core-static (Version: 2008.0820.2135.36847)
ccc-utility (Version: 2008.0820.2135.36847)
CCleaner (Version: 3.28)
Color Efex Pro 3.0 Standard (Version: 3.1.0.9)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Die Sims 2
Die Sims™ 3 (Version: 1.34.27)
DivX-Setup (Version: 2.5.0.8)
Flatcast 5.0
GIMP 2.6.8
Google Chrome (Version: 27.0.1453.110)
Google Update Helper (Version: 1.3.21.145)
GTOneCare (Version: 2.0.42)
Inkjet Printer/Scanner Extended Survey Program
iTunes (Version: 11.0.4.4)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
LightScribe Applications (Version: 1.4.128.1)
LightScribe System Software  1.14.25.1 (Version: 1.14.25.1)
McAfee SiteAdvisor (Version: 3.6.193)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Protection Service (Version: 2.1.1300.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Live OneCare Resources v2.5.2900.30 (Version: 2.5.2900.30)
Microsoft Windows OneCare Live AntiSpyware and AntiVirus (Version: 1.5.1958.0)
Microsoft Windows OneCare Live v2.5.2900.20 Idcrl Install (Version: 2.5.2900.20)
Microsoft Windows OneCare Live v2.5.2900.30 (Version: 2.5.2900.30)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyDVD-VR Recorder (Version: 1.0)
Opera 12.15 (Version: 12.15.1748)
Origin (Version: 8.6.0.357)
Paint.NET v3.5.10 (Version: 3.60.0)
Plants vs. Zombies 1.0.4.7924 (by Scar)
PX Engine (Version: 4.02)
QuickTime (Version: 7.74.80.86)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5700)
Roxio WinOnCD 9 Basic (Version: 9.0.603)
Segoe UI (Version: 15.4.2271.0615)
Skins (Version: 2008.0820.2135.36847)
Skype Click to Call (Version: 6.0.10201)
Skype™ 6.3 (Version: 6.3.105)
Sonic MyDVD-VR (Version: 1.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Splashtop Remote (Version: 1.4.0.4)
StarOffice 8 (Version: 8.00.8945)
SweetIM for Messenger 2.7 (Version: 2.7.0008)
SweetIM Toolbar for Internet Explorer 3.4 (Version: 3.4.0010)
System Requirements Lab
System Requirements Lab (Version: 4.1.71.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.5 (Version: 2.0.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live OneCare (Version: 2.5.2900.30)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
XMedia Recode 2.3.0.2 (Version: 2.3.0.2)
Xvid 1.1.2 final uninstall (Version: 1.1)

==================== Restore Points  =========================

25-04-2013 20:23:21 Windows Update
28-04-2013 19:19:27 Geplanter Prüfpunkt
09-05-2013 18:40:09 Geplanter Prüfpunkt
10-05-2013 07:37:08 Geplanter Prüfpunkt
11-05-2013 06:22:16 Geplanter Prüfpunkt
13-05-2013 07:46:22 Geplanter Prüfpunkt
15-05-2013 18:22:15 Windows Update
24-05-2013 21:18:17 Geplanter Prüfpunkt
26-05-2013 18:57:32 Geplanter Prüfpunkt
27-05-2013 08:26:36 Geplanter Prüfpunkt
06-06-2013 17:09:29 Geplanter Prüfpunkt

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2013 08:56:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2013 08:30:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2013 07:51:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2013 07:46:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2013 07:46:02 PM) (Source: Software Licensing Service) (User: )
Description: Fehler beim Starten des Softwarelizenzierungsdienstes. hr=0x80070002, [2, 4]

Error: (06/11/2013 07:13:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2013 05:42:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2013 05:15:33 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (06/11/2013 05:14:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2013 05:11:48 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: AFD
avipbb
avkmgr
DfsC
MSFWHLPR
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
ssmdrv
tdx
Wanarpv6

Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: NLA (Network Location Awareness)Netzwerkspeicher-Schnittstellendienst%%1068

Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: MSFWDrvMSFWHLPR%%31

Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: IP-HilfsdienstNetzwerkspeicher-Schnittstellendienst%%1068

Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: WebClientWebDav Client Redirector Driver%%1068

Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: SMB 2.0 MiniRedirectorSMB MiniRedirector Wrapper and Engine%%1068

Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: SMB 1.x MiniRedirectorSMB MiniRedirector Wrapper and Engine%%1068

Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: SMB MiniRedirector Wrapper and EngineRedirected Buffering Sub Sysytem%%31

Error: (06/11/2013 08:56:30 PM) (Source: Service Control Manager) (User: )
Description: WebDav Client Redirector DriverRedirected Buffering Sub Sysytem%%31


Microsoft Office Sessions:
=========================
Error: (11/22/2011 00:57:39 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5413 seconds with 3360 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2011-08-16 16:45:46.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\McAfee\SITEAD~1\sahook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-08-16 16:45:46.709
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-08-16 16:45:46.345
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\PROGRA~1\McAfee\SITEAD~1\sahook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-08-16 16:45:46.323
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-09-10 17:26:09.963
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-09-10 17:26:09.799
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-09-09 14:22:34.663
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-09-09 14:22:34.495
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-09-09 14:11:14.471
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-09-09 14:11:14.255
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 1790.44 MB
Available physical RAM: 1269.7 MB
Total Pagefile: 3827.41 MB
Available Pagefile: 3431.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.58 MB

==================== Drives ================================

Drive c: (VISTA) (Fixed) (Total:225.07 GB) (Free:104.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (!!! NICHT LOESCHEN !!!) (Fixed) (Total:7.81 GB) (Free:2.73 GB) NTFS
Drive j: () (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 7AF742B1)
Partition 1: (Active) - (Size=225 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 4 GB) (Disk ID: 5E6F612F)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================

Alt 11.06.2013, 20:12   #12
schrauber
/// the machine
/// TB-Ausbilder
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Zitat:
Jahaa, endlich hat mal was geklappt!
nicht verzagen, schrauber fragen


Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
ATTFilter
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Avelina\AppData\Roaming\skype.dat <==== ATTENTION 
C:\Users\Avelina\AppData\Roaming\skype.dat
C:\Users\Avelina\AppData\Roaming\skype.ini
Speichere diese bitte als Fixlist.txt auf deinem Stick.
  • Starte nun FRST erneut und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

Rechner neu booten und freuen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.06.2013, 20:22   #13
farafella
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Hey, es läuft! Oh woow und die GUV-Seite ist verschwunden! Schrauber, du bist mein Held!

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-06-2013 02
Ran by Avelina at 2013-06-11 21:21:17 Run:1
Running from J:\
Boot Mode: Safe Mode (minimal)

==============================================

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon => Key deleted successfully.
C:\Users\Avelina\AppData\Roaming\skype.dat => Moved successfully.
C:\Users\Avelina\AppData\Roaming\skype.ini => Moved successfully.

==== End of Fixlog ====

Alt 12.06.2013, 07:10   #14
schrauber
/// the machine
/// TB-Ausbilder
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Hehe

wir sind aber noch nicht fertig

Jetzt bitte alles im normalen Windows ausführen.

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
  • Doppelklick auf die OTL.exe
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimal Ausgabe
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.06.2013, 09:17   #15
farafella
 
GVU-Meldung: Computer gesperrt - Standard

GVU-Meldung: Computer gesperrt


Hab ich gemacht Kann ich eigentlich auch schon Updates machen? Mir werden diverse Sicherheitsupdates von Windows und Java angezeigt..

Code:
ATTFilter
OTL logfile created on: 12.06.2013 09:55:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Avelina\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,33 Gb Available Physical Memory | 19,15% Memory free
3,74 Gb Paging File | 1,97 Gb Available in Paging File | 52,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225,07 Gb Total Space | 101,96 Gb Free Space | 45,30% Space Free | Partition Type: NTFS
Drive D: | 7,81 Gb Total Space | 2,73 Gb Free Space | 34,97% Space Free | Partition Type: NTFS
 
Computer Name: AVELINA-PC | User Name: Avelina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Avelina\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)
PRC - c:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
PRC - C:\Programme\Splashtop\Splashtop Remote\Server\SRServer.exe (Splashtop Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
PRC - C:\Programme\Microsoft Windows OneCare Live\winssnotify.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Windows OneCare Live\winss.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Windows OneCare Live\OcHealthMon.exe (Microsoft Corporation)
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (Microsoft Corporation)
PRC - C:\Windows\Philips\SPC500NC\Monitor.exe (PixArt Imaging Incorporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (McAfee SiteAdvisor Service) -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SplashtopRemoteService) -- C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (SSUService) -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (winss) -- C:\Programme\Microsoft Windows OneCare Live\winss.exe (Microsoft Corporation)
SRV - (OcHealthMon) -- C:\Programme\Microsoft Windows OneCare Live\OcHealthMon.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (OneCareMP) -- C:\Programme\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Programme\Canon\IJPLM\ijplmsvc.exe ()
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (msfwsvc) -- C:\Programme\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfo.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (MSFWDrv) -- C:\Windows\System32\drivers\msfwdrv.sys (Microsoft Corporation)
DRV - (MSFWHLPR) -- C:\Windows\System32\drivers\msfwhlpr.sys (Microsoft Corporation)
DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Advanced Micro Devices)
DRV - (SPC500NC) -- C:\Windows\System32\drivers\SPC500NC.SYS (PixArt Imaging Inc.)
DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (O2SDRDR) -- C:\Windows\System32\drivers\o2sd.sys (O2Micro )
DRV - (O2MDRDR) -- C:\Windows\System32\drivers\o2media.sys (O2Micro )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{590D71E2-C581-41F2-969C-EEE5F2EC38F2}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{5A0F516D-59CF-4F5A-86C7-840899F28D02}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7BE10A6337-382E-4FE6-96DE-936ADC34DD04%7D:1.4.3
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}:1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Avelina\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Avelina\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.05.07 10:52:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.29 00:05:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.26 19:20:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.26 19:20:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.26 19:20:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.26 19:20:06 | 000,000,000 | ---D | M]
 
[2010.01.31 09:29:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\Extensions
[2013.05.13 12:54:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\Firefox\Profiles\850jpg8x.default\extensions
[2013.04.28 22:21:48 | 000,346,768 | ---- | M] () (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\extensions\personas@christopher.beard.xpi
[2013.05.09 13:50:36 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.04.07 17:08:18 | 000,048,903 | ---- | M] () (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}.xpi
[2013.06.06 18:06:03 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-1.xml
[2011.08.17 18:01:49 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-2.xml
[2011.09.01 20:21:07 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-3.xml
[2011.09.08 13:13:18 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-4.xml
[2011.09.30 11:37:14 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-5.xml
[2011.10.01 16:37:59 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-6.xml
[2011.12.23 15:39:50 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-7.xml
[2012.01.08 15:55:08 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-8.xml
[2012.03.23 00:14:29 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-9.xml
[2011.06.21 21:36:05 | 000,001,056 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin.xml
[2010.10.20 20:27:24 | 000,005,550 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\webde-suche.xml
[2013.05.26 19:20:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.05.26 19:20:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.05.26 19:20:00 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Programme\Mozilla Firefox\extensions\quickstores@quickstores.de
[2013.05.26 19:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.26 19:20:23 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.26 19:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2013.05.26 19:19:58 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
[2009.03.03 12:01:51 | 002,123,736 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFp501.dll
[2009.03.03 12:00:30 | 001,275,856 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv501.dll
[2012.03.22 22:53:34 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.startfenster.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\Application\27.0.1453.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Flatcast Producer Plugin 5.0.356 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpFp501.dll
CHR - plugin: Flatcast Viewer Plugin 5.0.356 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpFv501.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Turn Off the Lights = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2_0\
CHR - Extension: Download FB album = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbmhonenddnnmbailokbccgmikhkpni\2.1.11_0\
CHR - Extension: YouTube = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Google-Suche = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Ratchet & Clank Future 2 = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn\3_0\
CHR - Extension: PanicButton = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [OneCareUI] C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PrintDisp] C:\Windows\system32\PrintDisp.exe File not found
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SPC500NC_Monitor] C:\Windows\Philips\SPC500NC\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Avelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Chocolatier/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Chocolatier/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} hxxp://80.237.209.20/objects/NpFv501.dll (Flatcast Viewer 5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F90E7F84-31F1-4A2B-A96F-C887604EFFB9}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Avelina\AppData\Roaming\skype.dat) -  File not found
O24 - Desktop WallPaper: C:\Users\Avelina\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Avelina\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.12 09:54:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Avelina\Desktop\OTL.exe
[2013.06.11 21:01:41 | 000,000,000 | ---D | C] -- C:\FRST
[2013.06.09 12:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.09 12:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.09 12:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.05.26 19:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.25 14:48:02 | 000,000,000 | ---D | C] -- C:\Users\Avelina\Desktop\HfG Karlsruhe
[2013.05.24 18:33:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.05.24 18:33:09 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013.05.15 20:35:10 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.15 20:23:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.15 20:23:12 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.15 20:23:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.15 20:23:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.15 20:23:10 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.15 20:23:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.15 20:23:09 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.15 18:14:47 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013.05.15 18:14:29 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.14 17:33:16 | 002,138,776 | ---- | C] (Solid State Networks) -- C:\Users\Avelina\Desktop\install_flashplayer11x32au_mssd_aih.exe
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.12 09:59:25 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.12 09:59:19 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.06.12 09:59:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.06.12 09:54:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Avelina\Desktop\OTL.exe
[2013.06.12 09:53:05 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.12 09:53:05 | 000,596,036 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.12 09:53:05 | 000,126,486 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.12 09:53:05 | 000,104,110 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.12 09:47:21 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.12 09:46:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 09:46:55 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 09:46:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.12 09:46:13 | 1876,123,648 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.11 21:45:02 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2545246944-803647612-1363379426-1000UA.job
[2013.06.11 21:30:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.11 19:52:20 | 000,055,296 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013.06.09 12:45:31 | 000,001,669 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.09 11:45:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2545246944-803647612-1363379426-1000Core.job
[2013.06.07 11:52:28 | 000,002,057 | ---- | M] () -- C:\Users\Avelina\Desktop\Google Chrome.lnk
[2013.05.24 18:33:37 | 000,001,731 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.05.18 11:27:08 | 000,466,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.14 17:33:43 | 002,138,776 | ---- | M] (Solid State Networks) -- C:\Users\Avelina\Desktop\install_flashplayer11x32au_mssd_aih.exe
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.11 21:25:25 | 1876,123,648 | -HS- | C] () -- C:\hiberfil.sys
[2013.06.09 12:45:31 | 000,001,669 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.05.24 18:33:37 | 000,001,731 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.02.04 00:09:02 | 000,005,259 | ---- | C] () -- C:\Users\Avelina\.recently-used.xbel
[2011.12.18 12:51:32 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.18 12:51:32 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.18 12:51:30 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.10.12 16:38:55 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.01.12 23:13:15 | 000,000,680 | ---- | C] () -- C:\Users\Avelina\AppData\Local\d3d9caps.dat
[2009.04.15 10:21:09 | 007,217,820 | ---- | C] () -- C:\Users\Avelina\AppData\Roaming\UserTile.png
[2009.02.26 20:27:12 | 000,000,054 | ---- | C] () -- C:\Users\Avelina\AppData\Roaming\burnaware.ini
[2008.12.07 17:12:52 | 000,000,678 | ---- | C] () -- C:\Users\Avelina\AppData\Roaming\wklnhst.dat
[2008.12.06 15:58:57 | 000,017,920 | ---- | C] () -- C:\Users\Avelina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:BC412591

< End of report >
Code:
ATTFilter
OTL logfile created on: 12.06.2013 09:55:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Avelina\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,33 Gb Available Physical Memory | 19,15% Memory free
3,74 Gb Paging File | 1,97 Gb Available in Paging File | 52,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225,07 Gb Total Space | 101,96 Gb Free Space | 45,30% Space Free | Partition Type: NTFS
Drive D: | 7,81 Gb Total Space | 2,73 Gb Free Space | 34,97% Space Free | Partition Type: NTFS
 
Computer Name: AVELINA-PC | User Name: Avelina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Avelina\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)
PRC - c:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
PRC - C:\Programme\Splashtop\Splashtop Remote\Server\SRServer.exe (Splashtop Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
PRC - C:\Programme\Microsoft Windows OneCare Live\winssnotify.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Windows OneCare Live\winss.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Windows OneCare Live\OcHealthMon.exe (Microsoft Corporation)
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (Microsoft Corporation)
PRC - C:\Windows\Philips\SPC500NC\Monitor.exe (PixArt Imaging Incorporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (McAfee SiteAdvisor Service) -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SplashtopRemoteService) -- C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (SSUService) -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (winss) -- C:\Programme\Microsoft Windows OneCare Live\winss.exe (Microsoft Corporation)
SRV - (OcHealthMon) -- C:\Programme\Microsoft Windows OneCare Live\OcHealthMon.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (OneCareMP) -- C:\Programme\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Programme\Canon\IJPLM\ijplmsvc.exe ()
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (msfwsvc) -- C:\Programme\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfo.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (MSFWDrv) -- C:\Windows\System32\drivers\msfwdrv.sys (Microsoft Corporation)
DRV - (MSFWHLPR) -- C:\Windows\System32\drivers\msfwhlpr.sys (Microsoft Corporation)
DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Advanced Micro Devices)
DRV - (SPC500NC) -- C:\Windows\System32\drivers\SPC500NC.SYS (PixArt Imaging Inc.)
DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (O2SDRDR) -- C:\Windows\System32\drivers\o2sd.sys (O2Micro )
DRV - (O2MDRDR) -- C:\Windows\System32\drivers\o2media.sys (O2Micro )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{590D71E2-C581-41F2-969C-EEE5F2EC38F2}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{5A0F516D-59CF-4F5A-86C7-840899F28D02}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7BE10A6337-382E-4FE6-96DE-936ADC34DD04%7D:1.4.3
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}:1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Avelina\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Avelina\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.05.07 10:52:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.29 00:05:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.26 19:20:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.26 19:20:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.26 19:20:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.26 19:20:06 | 000,000,000 | ---D | M]
 
[2010.01.31 09:29:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\Extensions
[2013.05.13 12:54:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\Firefox\Profiles\850jpg8x.default\extensions
[2013.04.28 22:21:48 | 000,346,768 | ---- | M] () (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\extensions\personas@christopher.beard.xpi
[2013.05.09 13:50:36 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.04.07 17:08:18 | 000,048,903 | ---- | M] () (No name found) -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}.xpi
[2013.06.06 18:06:03 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-1.xml
[2011.08.17 18:01:49 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-2.xml
[2011.09.01 20:21:07 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-3.xml
[2011.09.08 13:13:18 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-4.xml
[2011.09.30 11:37:14 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-5.xml
[2011.10.01 16:37:59 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-6.xml
[2011.12.23 15:39:50 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-7.xml
[2012.01.08 15:55:08 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-8.xml
[2012.03.23 00:14:29 | 000,000,950 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin-9.xml
[2011.06.21 21:36:05 | 000,001,056 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\icqplugin.xml
[2010.10.20 20:27:24 | 000,005,550 | ---- | M] () -- C:\Users\Avelina\AppData\Roaming\mozilla\firefox\profiles\850jpg8x.default\searchplugins\webde-suche.xml
[2013.05.26 19:20:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.05.26 19:20:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.05.26 19:20:00 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Programme\Mozilla Firefox\extensions\quickstores@quickstores.de
[2013.05.26 19:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.26 19:20:23 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.26 19:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2013.05.26 19:19:58 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
[2009.03.03 12:01:51 | 002,123,736 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFp501.dll
[2009.03.03 12:00:30 | 001,275,856 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv501.dll
[2012.03.22 22:53:34 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.startfenster.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\Application\27.0.1453.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Flatcast Producer Plugin 5.0.356 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpFp501.dll
CHR - plugin: Flatcast Viewer Plugin 5.0.356 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpFv501.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Turn Off the Lights = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2_0\
CHR - Extension: Download FB album = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbmhonenddnnmbailokbccgmikhkpni\2.1.11_0\
CHR - Extension: YouTube = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Google-Suche = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Ratchet & Clank Future 2 = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn\3_0\
CHR - Extension: PanicButton = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Avelina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [OneCareUI] C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PrintDisp] C:\Windows\system32\PrintDisp.exe File not found
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SPC500NC_Monitor] C:\Windows\Philips\SPC500NC\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Avelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Chocolatier/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Chocolatier/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} hxxp://80.237.209.20/objects/NpFv501.dll (Flatcast Viewer 5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F90E7F84-31F1-4A2B-A96F-C887604EFFB9}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Avelina\AppData\Roaming\skype.dat) -  File not found
O24 - Desktop WallPaper: C:\Users\Avelina\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Avelina\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.12 09:54:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Avelina\Desktop\OTL.exe
[2013.06.11 21:01:41 | 000,000,000 | ---D | C] -- C:\FRST
[2013.06.09 12:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.09 12:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.09 12:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.05.26 19:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.25 14:48:02 | 000,000,000 | ---D | C] -- C:\Users\Avelina\Desktop\HfG Karlsruhe
[2013.05.24 18:33:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.05.24 18:33:09 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013.05.15 20:35:10 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.15 20:23:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.15 20:23:12 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.15 20:23:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.15 20:23:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.15 20:23:10 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.15 20:23:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.15 20:23:09 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.15 18:14:47 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013.05.15 18:14:29 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.14 17:33:16 | 002,138,776 | ---- | C] (Solid State Networks) -- C:\Users\Avelina\Desktop\install_flashplayer11x32au_mssd_aih.exe
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.12 09:59:25 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.12 09:59:19 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.06.12 09:59:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.06.12 09:54:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Avelina\Desktop\OTL.exe
[2013.06.12 09:53:05 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.12 09:53:05 | 000,596,036 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.12 09:53:05 | 000,126,486 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.12 09:53:05 | 000,104,110 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.12 09:47:21 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.12 09:46:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 09:46:55 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 09:46:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.12 09:46:13 | 1876,123,648 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.11 21:45:02 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2545246944-803647612-1363379426-1000UA.job
[2013.06.11 21:30:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.11 19:52:20 | 000,055,296 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013.06.09 12:45:31 | 000,001,669 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.09 11:45:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2545246944-803647612-1363379426-1000Core.job
[2013.06.07 11:52:28 | 000,002,057 | ---- | M] () -- C:\Users\Avelina\Desktop\Google Chrome.lnk
[2013.05.24 18:33:37 | 000,001,731 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.05.18 11:27:08 | 000,466,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.14 17:33:43 | 002,138,776 | ---- | M] (Solid State Networks) -- C:\Users\Avelina\Desktop\install_flashplayer11x32au_mssd_aih.exe
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.11 21:25:25 | 1876,123,648 | -HS- | C] () -- C:\hiberfil.sys
[2013.06.09 12:45:31 | 000,001,669 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.05.24 18:33:37 | 000,001,731 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013.02.04 00:09:02 | 000,005,259 | ---- | C] () -- C:\Users\Avelina\.recently-used.xbel
[2011.12.18 12:51:32 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.18 12:51:32 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.18 12:51:30 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.10.12 16:38:55 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.01.12 23:13:15 | 000,000,680 | ---- | C] () -- C:\Users\Avelina\AppData\Local\d3d9caps.dat
[2009.04.15 10:21:09 | 007,217,820 | ---- | C] () -- C:\Users\Avelina\AppData\Roaming\UserTile.png
[2009.02.26 20:27:12 | 000,000,054 | ---- | C] () -- C:\Users\Avelina\AppData\Roaming\burnaware.ini
[2008.12.07 17:12:52 | 000,000,678 | ---- | C] () -- C:\Users\Avelina\AppData\Roaming\wklnhst.dat
[2008.12.06 15:58:57 | 000,017,920 | ---- | C] () -- C:\Users\Avelina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:BC412591

< End of report >

Antwort
Seite 1 von 2 1 2

Themen zu GVU-Meldung: Computer gesperrt
abend, angst, anleitung, befallen, bereits, compu, computer, entfernt, erfahrungen, falsch, geholfen, gesperrt, große, gvu-meldung: computer gesperrt, hilfreich, hoffe, inter, keinerlei, leitung, schritt, troja, trojaner, verletzt, wissen


« Blöderweise schlechten Link in Email geöffnet | Ständig öffnen sich Internetfenster ohne das ich etwas anwähle und schließen sich von selbst wieder »


Ähnliche Themen: GVU-Meldung: Computer gesperrt


  1. GVU-Meldung: Computer gesperrt
    Plagegeister aller Art und deren Bekämpfung - 09.10.2013 (15)
  2. Mein Laptop zeigt die Meldung an: Ihr Computer ist gesperrt, nun immer ein weißer Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 25.08.2013 (3)
  3. Computer gesperrt, Meldung Bundesamt für Internetsicherheit
    Plagegeister aller Art und deren Bekämpfung - 16.08.2013 (5)
  4. Trojaner - Computer gesperrt, Meldung angeblich von der Bundespolizei
    Plagegeister aller Art und deren Bekämpfung - 01.08.2013 (27)
  5. Computer gesperrt mit Meldung vom Bundesamt für Internetsicherheit usw.
    Plagegeister aller Art und deren Bekämpfung - 20.05.2013 (13)
  6. weißer Bildschirm, danach erscheint die Meldung dass der Computer gesperrt ist für 72 Stunden.
    Log-Analyse und Auswertung - 20.05.2013 (65)
  7. 'Ihr Computer ist gesperrt!'Meldung. GVU fördert 100 EUR
    Log-Analyse und Auswertung - 28.01.2013 (11)
  8. Ihr Computer wurde gesperrt Meldung
    Plagegeister aller Art und deren Bekämpfung - 15.01.2013 (8)
  9. Computer mit WIN7 gesperrt nach SUISA-Meldung
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (17)
  10. Meldung: Computer gesperrt...Bundespolizei...OTL schon installiert
    Plagegeister aller Art und deren Bekämpfung - 30.08.2012 (3)
  11. weißer Bildschirm mit der Meldung Ihr Computer wurde gesperrt
    Log-Analyse und Auswertung - 14.08.2012 (14)
  12. Computer wurde gesperrt, Meldung der Bundespolizei
    Plagegeister aller Art und deren Bekämpfung - 12.06.2012 (1)
  13. Computer gesperrt nach Suisa-Meldung
    Log-Analyse und Auswertung - 10.04.2012 (1)
  14. schwarzer Bildschirm, meldung, ihr computer wurde gesperrt.....
    Plagegeister aller Art und deren Bekämpfung - 22.03.2012 (5)
  15. Gema Meldung der Computer sei gesperrt, Windows 7, Task Manager kann nicht geöffnet werden
    Plagegeister aller Art und deren Bekämpfung - 18.03.2012 (7)
  16. Meldung "Security Center !Achtung! Ihr Computer wurde gesperrt"
    Log-Analyse und Auswertung - 06.02.2012 (3)
  17. windows 7, weißer Bildschirm, Meldung: windows security center, Achtung! Ihr Computer wurde gesperrt
    Log-Analyse und Auswertung - 06.02.2012 (11)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema GVU-Meldung: Computer gesperrt - Guuten Abend allen fleißigen Helfern, ich hoffe mir kann geholfen werden Wie ich bereits durch meine Internetrecherche herausgefunden habe, ist auch unser PC von dem GVU Trojaner befallen, der uns - GVU-Meldung: Computer gesperrt...
Archiv
Du betrachtest: GVU-Meldung: Computer gesperrt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131