Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Weißer Bildschirm beim Start von Windows 7

Weißer Bildschirm beim Start von Windows 7


Log-Analyse und Auswertung: Weißer Bildschirm beim Start von Windows 7

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 13.06.2013, 21:18   #1
Alex81
 
Weißer Bildschirm beim Start von Windows 7 - Beitrag

Weißer Bildschirm beim Start von Windows 7


Hallo miteinander,

der PC meiner Freundin hat sich den Virus mit der "Bundespolizei Meldung" eingefangen. Die Meldung mit der Zahlungsaufforderung von 100 Euro kam aber nur beim erstmaligen Auftreten des Virus.

Wenn ich den PC jetzt normal hochfahre erscheint nach der Anmeldung nur ein weißer Bildschirm. Ich habe festgestellt dass ich nur im Abgesicherten Modus mit Eingabeaufforderung starten kann.

Im Allgemeinen sind die Symthome so wie auch in diesem Thema beschrieben:
http://www.trojaner-board.de/132644-...i-hinweis.html

Ich habe schon eine OTLPE CD gebrannt und den infizierten PC davon gebootet.
Nach dem Scan des Windows-Ordners gabs eine OTL.txt, jedoch keine Extras.txt.

Hier die OTL.txt:
Code:
ATTFilter
OTL logfile created on: 6/13/2013 11:19:40 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = I: | %SystemRoot% = I:\Windows | %ProgramFiles% = I:\Program Files (x86)
Drive C: | 10.88 Gb Total Space | 4.92 Gb Free Space | 45.25% Space Free | Partition Type: NTFS
Drive D: | 63.02 Gb Total Space | 62.93 Gb Free Space | 99.86% Space Free | Partition Type: NTFS
Drive I: | 1789.03 Gb Total Space | 1424.97 Gb Free Space | 79.65% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/11/28 13:01:45 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand] -- I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/05/20 10:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Windows\System32\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto] -- I:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2013/05/17 09:32:50 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- I:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto] -- I:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/29 15:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand] -- I:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/02/25 18:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto] -- I:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 02:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto] -- I:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/01/08 07:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto] -- I:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/14 05:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto] -- I:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/05/08 06:30:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- I:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 06:30:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- I:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/11/06 05:45:29 | 000,075,136 | ---- | M] () [Auto] -- I:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/01 03:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand] -- I:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 03:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/08/26 12:48:00 | 000,285,152 | ---- | M] () [Auto] -- I:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2010/07/22 09:12:04 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand] -- I:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/05/21 05:58:30 | 000,673,088 | ---- | M] (SoftThinks) [Auto] -- I:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/02 07:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- I:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/07/13 21:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/06/26 05:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand] -- I:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- I:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/21 02:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto] -- I:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/02/06 01:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- I:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2013/02/06 01:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- I:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2012/12/13 08:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/05 10:23:34 | 000,098,888 | ---- | M] (Citrix Systems, Inc.) [Kernel | System] -- I:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/05/08 06:30:50 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/08 06:30:50 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto] -- I:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/10/11 09:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/10/01 03:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 03:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 03:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- I:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 03:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/04/19 04:52:20 | 001,254,464 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2010/08/12 00:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- I:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/05/20 10:26:30 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV:64bit: - [2010/02/03 06:21:56 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/10/16 07:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009/09/26 11:42:58 | 000,233,984 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009/09/23 04:42:58 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- I:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2007/03/05 14:49:38 | 000,047,888 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV:64bit: - [2007/03/05 14:48:12 | 000,037,648 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV:64bit: - [2007/03/05 14:47:08 | 000,025,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\BtNetDrv.sys -- (BT)
DRV:64bit: - [2007/03/05 14:42:54 | 000,049,680 | ---- | M] (IVT Corporation.) [Kernel | Boot] -- I:\Windows\System32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV:64bit: - [2007/03/05 14:41:34 | 000,024,976 | ---- | M] (IVT Corporation.) [Kernel | Boot] -- I:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
DRV:64bit: - [2007/03/05 14:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV:64bit: - [2007/03/05 14:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV:64bit: - [2007/03/05 14:35:40 | 000,037,648 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV:64bit: - [2007/01/19 13:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot] -- I:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV:64bit: - [2006/11/01 06:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- I:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/06/26 04:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System] -- I:\Windows\SysWOW64\drivers\RxFilter.sys -- (RxFilter)
DRV - [2007/03/05 14:49:38 | 000,047,888 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\SysWOW64\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007/03/05 14:48:12 | 000,037,648 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\SysWOW64\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007/03/05 14:47:08 | 000,025,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\SysWOW64\drivers\btnetdrv.sys -- (BT)
DRV - [2007/03/05 14:42:54 | 000,049,680 | ---- | M] (IVT Corporation.) [Kernel | Boot] -- I:\Windows\SysWOW64\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007/03/05 14:41:34 | 000,024,976 | ---- | M] (IVT Corporation.) [Kernel | Boot] -- I:\Windows\SysWOW64\drivers\VBTEnum.sys -- (BTHidEnum)
DRV - [2007/03/05 14:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\SysWOW64\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2007/03/05 14:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\SysWOW64\drivers\VComm.sys -- (VComm)
DRV - [2007/03/05 14:35:40 | 000,037,648 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- I:\Windows\SysWOW64\drivers\blueletaudio.sys -- (BlueletAudio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Kecki_ON_I\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3227975
IE - HKU\Kecki_ON_I\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
IE - HKU\Kecki_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.vol.at/
IE - HKU\Kecki_ON_I\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - Reg Error: Key error. File not found
IE - HKU\Kecki_ON_I\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - Reg Error: Key error. File not found
IE - HKU\Kecki_ON_I\..\URLSearchHook: {cdf97ee2-ded0-4369-835e-99dd08225fa5} - Reg Error: Key error. File not found
IE - HKU\Kecki_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Kecki_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.defaultthis.engineName: "appbario2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227975&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?SSPV=FFB2&ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:2.0
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: I:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: I:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: I:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: I:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: I:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Citrix.com/npican: I:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: I:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: I:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: I:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.102.0: I:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: I:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: I:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: I:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: I:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: I:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: I:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: I:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: I:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: I:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: I:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: I:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Acrobat: I:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: I:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: I:\Users\Kecki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013/02/22 11:07:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/05/10 07:46:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/25 06:07:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/25 06:07:27 | 000,000,000 | ---D | M]
 
[2010/07/29 12:45:42 | 000,000,000 | ---D | M] (No name found) -- I:\Users\Kecki\AppData\Roaming\Mozilla\Extensions
[2010/07/29 12:45:42 | 000,000,000 | ---D | M] (No name found) -- I:\Users\Kecki\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2013/05/23 13:05:48 | 000,000,000 | ---D | M] (No name found) -- I:\Users\Kecki\AppData\Roaming\Mozilla\Firefox\Profiles\qeg5wvbr.default\extensions
[2011/11/25 14:47:24 | 000,000,000 | ---D | M] (toolplugin) -- I:\Users\Kecki\AppData\Roaming\Mozilla\Firefox\Profiles\qeg5wvbr.default\extensions\welcome@toolmin.com
[2011/05/17 08:30:57 | 000,002,396 | ---- | M] () -- I:\Users\Kecki\AppData\Roaming\Mozilla\Firefox\Profiles\qeg5wvbr.default\searchplugins\askcom.xml
[2010/10/03 04:40:13 | 000,000,873 | ---- | M] () -- I:\Users\Kecki\AppData\Roaming\Mozilla\Firefox\Profiles\qeg5wvbr.default\searchplugins\bProtect.xml
[2012/09/17 12:56:11 | 000,000,949 | ---- | M] () -- I:\Users\Kecki\AppData\Roaming\Mozilla\Firefox\Profiles\qeg5wvbr.default\searchplugins\conduit.xml
[2012/03/14 14:53:07 | 000,003,915 | ---- | M] () -- I:\Users\Kecki\AppData\Roaming\Mozilla\Firefox\Profiles\qeg5wvbr.default\searchplugins\sweetim.xml
[2013/02/22 10:28:03 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/06 14:38:50 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/10/18 13:22:01 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- I:\USERS\KECKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QEG5WVBR.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}.XPI
[2012/03/17 13:42:02 | 000,097,208 | ---- | M] (Mozilla Foundation) -- I:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/17 13:42:01 | 000,001,392 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/03/17 13:42:01 | 000,002,252 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/17 13:42:01 | 000,001,153 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/03/26 09:09:28 | 000,002,046 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2012/03/17 13:42:01 | 000,006,805 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/25 14:47:24 | 000,000,158 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
[2012/03/17 13:42:01 | 000,001,178 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/03/17 13:42:01 | 000,001,105 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/08/31 12:55:34 | 000,000,862 | ---- | M]) - I:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - I:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - I:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - I:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - I:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {cdf97ee2-ded0-4369-835e-99dd08225fa5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - I:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Kecki_ON_I\..\Toolbar\WebBrowser: (no name) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No CLSID value found.
O3:64bit: - HKU\Kecki_ON_I\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - I:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\Kecki_ON_I\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Kecki_ON_I\..\Toolbar\WebBrowser: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] I:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] I:\Windows\System32\EptMon64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] I:\Windows\System32\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [VX3000] I:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] I:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] I:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] I:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] I:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] I:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] I:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] I:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] I:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] I:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ShwiconXP9106] I:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [THX Audio Control Panel] I:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] I:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\Kecki_ON_I..\Run: [Facebook Update] I:\Users\Kecki\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\LocalService_ON_I..\Run: [Sidebar] I:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_I..\Run: [Sidebar] I:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_I..\Run: [Sidebar] I:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] I:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] I:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKU\LocalService_ON_I..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_I..\RunOnce: [mctadmin]  File not found
O4 - HKU\UpdatusUser_ON_I..\RunOnce: [mctadmin]  File not found
O4 - HKLM..\RunOnceEx: [ContentMerger] I:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)
O4 - Startup: I:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ()
O4 - Startup: I:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Kecki_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube Download - I:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandenes PDF anfügen - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube Download - I:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - I:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - I:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - I:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - I:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - I:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - I:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - I:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} hxxp://download.sopcast.com/download/SOPCORE.CAB (SopCore Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-65B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-425053540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-430053540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22463~1.83\protec~1.dll) -  File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll) - I:\Program Files (x86)\Citrix\ICA Client\RSHook.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - I:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Kecki_ON_I Winlogon: Shell - (explorer.exe) - I:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Kecki_ON_I Winlogon: Shell - (C:\Users\Kecki\AppData\Roaming\skype.dat) - I:\Users\Kecki\AppData\Roaming\skype.dat ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - File not found -  -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{01ff4fcf-1ec5-11e2-972c-0009dd65c7cd}\Shell - "" = AutoRun
O33 - MountPoints2\{01ff4fcf-1ec5-11e2-972c-0009dd65c7cd}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{1c6cf1ed-958f-11df-bc34-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1c6cf1ed-958f-11df-bc34-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{1c6cf1ed-958f-11df-bc34-806e6f6e6963}\Shell\readit\command - "" = notepad readme.doc
O33 - MountPoints2\{b559aea5-0589-11e2-bfcf-0009dd65c7cd}\Shell - "" = AutoRun
O33 - MountPoints2\{b559aea5-0589-11e2-bfcf-0009dd65c7cd}\Shell\AutoRun\command - "" = J:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/05/25 06:07:22 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/05/25 06:07:19 | 000,000,000 | ---D | C] -- I:\Program Files (x86)\QuickTime
[2013/05/25 06:02:30 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/05/25 06:02:18 | 000,000,000 | ---D | C] -- I:\Program Files\iTunes
[2013/05/25 06:02:18 | 000,000,000 | ---D | C] -- I:\Program Files (x86)\iTunes
[2013/05/25 06:02:18 | 000,000,000 | ---D | C] -- I:\Program Files\iPod
[2013/05/25 06:02:18 | 000,000,000 | ---D | C] -- I:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/05/25 06:00:39 | 000,000,000 | -HSD | C] -- I:\Config.Msi
[2013/05/17 14:00:05 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- I:\Windows\System32\AdobePDFUI.dll
[2013/05/17 09:46:52 | 000,526,336 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ieui.dll
[2013/05/17 09:46:52 | 000,391,168 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\ieui.dll
[2013/05/17 09:46:52 | 000,051,712 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ie4uinit.exe
[2013/05/17 09:46:51 | 000,603,136 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msfeeds.dll
[2013/05/17 09:46:51 | 000,493,056 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\msfeeds.dll
[2013/05/17 09:46:51 | 000,136,704 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\iesysprep.dll
[2013/05/17 09:46:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\iesysprep.dll
[2013/05/17 09:46:51 | 000,089,600 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\RegisterIEPKEYs.exe
[2013/05/17 09:46:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/05/17 09:46:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\iesetup.dll
[2013/05/17 09:46:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\iesetup.dll
[2013/05/17 09:46:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\iernonce.dll
[2013/05/17 09:46:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\iernonce.dll
[2013/05/17 09:46:50 | 000,855,552 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\jscript.dll
[2013/05/17 09:46:49 | 003,958,784 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\jscript9.dll
[2013/05/17 09:46:49 | 002,877,440 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\jscript9.dll
[2013/05/17 09:46:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\jscript.dll
[2013/05/17 09:41:03 | 000,265,064 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\drivers\dxgmms1.sys
[2013/05/17 09:41:03 | 000,144,384 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\cdd.dll
[2013/05/17 09:40:47 | 001,930,752 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\authui.dll
[2013/05/17 09:40:47 | 000,197,120 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\shdocvw.dll
[2013/05/17 09:40:46 | 001,796,096 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\authui.dll
[2013/05/17 09:40:46 | 000,111,448 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\consent.exe
[2013/05/17 09:40:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\wwanprotdim.dll
[2013/02/19 17:20:22 | 000,018,944 | ---- | C] ( ) -- I:\Windows\SysWow64\implode.dll
[2010/08/10 13:06:53 | 000,082,816 | ---- | C] (VSO Software) -- I:\Users\Kecki\AppData\Roaming\pcouffin.sys
[1 I:\Windows\*.tmp files -> I:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/06/13 16:11:54 | 000,067,584 | --S- | M] () -- I:\Windows\bootstat.dat
[2013/06/13 16:11:42 | 000,000,004 | ---- | M] () -- I:\Users\Kecki\AppData\Roaming\skype.ini
[2013/06/13 16:11:22 | 000,001,106 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/13 16:10:54 | 2115,301,375 | -HS- | M] () -- I:\hiberfil.sys
[2013/06/09 11:56:06 | 000,654,602 | ---- | M] () -- I:\Windows\System32\perfh007.dat
[2013/06/09 11:56:06 | 000,616,484 | ---- | M] () -- I:\Windows\System32\perfh009.dat
[2013/06/09 11:56:06 | 000,130,216 | ---- | M] () -- I:\Windows\System32\perfc007.dat
[2013/06/09 11:56:06 | 000,106,606 | ---- | M] () -- I:\Windows\System32\perfc009.dat
[2013/06/09 11:49:05 | 000,014,240 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/09 11:49:05 | 000,014,240 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/09 11:43:10 | 000,001,110 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/09 11:42:15 | 000,000,648 | ---- | M] () -- I:\Windows\tasks\WebContent AutoUpdate 2012.job
[2013/06/08 11:57:01 | 000,001,138 | ---- | M] () -- I:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1175492960-3731827963-1938662641-1000UA.job
[2013/06/07 19:27:00 | 000,000,884 | ---- | M] () -- I:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/30 08:57:00 | 000,001,116 | ---- | M] () -- I:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1175492960-3731827963-1938662641-1000Core.job
[2013/05/25 06:53:17 | 000,000,221 | ---- | M] () -- I:\Users\Kecki\Desktop\Call of Duty Modern Warfare 3.url
[2013/05/25 06:07:22 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/05/25 06:02:30 | 000,001,785 | ---- | M] () -- I:\Users\Public\Desktop\iTunes.lnk
[2013/05/25 06:02:30 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/05/21 14:48:41 | 000,002,441 | ---- | M] () -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/05/17 13:59:46 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4
[2013/05/17 12:12:53 | 002,954,432 | ---- | M] () -- I:\Windows\System32\FNTCACHE.DAT
[2013/05/17 09:32:50 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- I:\Windows\SysWow64\FlashPlayerApp.exe
[2013/05/17 09:32:50 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- I:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 I:\Windows\*.tmp files -> I:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/06/09 05:48:26 | 000,000,004 | ---- | C] () -- I:\Users\Kecki\AppData\Roaming\skype.ini
[2013/05/25 06:53:17 | 000,000,221 | ---- | C] () -- I:\Users\Kecki\Desktop\Call of Duty Modern Warfare 3.url
[2012/11/26 14:34:30 | 000,053,299 | ---- | C] () -- I:\Windows\SysWow64\pthreadVC.dll
[2012/01/12 10:56:20 | 000,106,496 | ---- | C] () -- I:\Users\Kecki\AppData\Roaming\skype.dat
[2011/09/28 12:44:14 | 000,179,271 | ---- | C] () -- I:\Windows\SysWow64\xlive.dll.cat
[2011/09/27 13:30:39 | 000,000,000 | ---- | C] () -- I:\Windows\SysWow64\Access.dat
[2011/08/14 16:58:33 | 000,000,000 | ---- | C] () -- I:\Users\Kecki\AppData\Local\{AECEA4F3-647B-4269-A120-2793C1F9FB41}
[2011/07/27 09:24:11 | 000,000,000 | ---- | C] () -- I:\Users\Kecki\AppData\Local\{13064918-0232-43E5-B828-7DB8C6B2F456}
[2011/06/30 10:03:14 | 000,000,089 | ---- | C] () -- I:\Windows\sierra.ini
[2011/06/18 05:39:40 | 000,217,088 | ---- | C] () -- I:\Windows\SysWow64\libmySQL.dll
[2011/06/18 05:39:40 | 000,102,400 | ---- | C] () -- I:\Windows\SysWow64\TrackerNET.dll
[2011/05/18 05:05:57 | 000,000,000 | ---- | C] () -- I:\Users\Kecki\AppData\Local\{C0A693CF-5842-4F78-A880-08571C04FE06}
[2011/05/08 07:02:28 | 000,000,000 | ---- | C] () -- I:\Users\Kecki\AppData\Local\{DB43A15E-11E2-4B66-B384-465EEACD5CD1}
[2011/05/05 13:06:30 | 000,252,928 | ---- | C] () -- I:\Windows\SysWow64\DShowRdpFilter.dll
[2011/04/08 09:42:24 | 000,007,680 | ---- | C] () -- I:\Users\Kecki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/26 05:45:36 | 001,526,976 | ---- | C] () -- I:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/16 14:29:09 | 000,000,056 | -H-- | C] () -- I:\Windows\SysWow64\ezsidmv.dat
[2010/08/15 04:02:27 | 000,075,136 | ---- | C] () -- I:\Windows\SysWow64\PnkBstrA.exe
[2010/08/15 04:02:04 | 000,183,112 | ---- | C] () -- I:\Windows\SysWow64\PnkBstrB.exe
[2010/08/10 13:08:26 | 002,109,169 | ---- | C] () -- I:\Users\Kecki\AppData\Roaming\vso_ts_preview.xml
[2010/08/10 13:06:53 | 000,099,384 | ---- | C] () -- I:\Users\Kecki\AppData\Roaming\inst.exe
[2010/08/10 13:06:53 | 000,007,859 | ---- | C] () -- I:\Users\Kecki\AppData\Roaming\pcouffin.cat
[2010/08/10 13:06:53 | 000,001,167 | ---- | C] () -- I:\Users\Kecki\AppData\Roaming\pcouffin.inf
[2010/07/30 05:54:08 | 000,000,331 | ---- | C] () -- I:\Windows\game.ini
[2010/07/22 09:12:45 | 000,177,664 | ---- | C] () -- I:\Windows\SysWow64\APOMngr.DLL
[2010/07/22 09:12:45 | 000,073,728 | ---- | C] () -- I:\Windows\SysWow64\CmdRtr.DLL
[2010/07/22 09:12:45 | 000,001,264 | ---- | C] () -- I:\Windows\THXCfg_SP_APOIM.ini
[2010/07/22 09:12:45 | 000,001,247 | ---- | C] () -- I:\Windows\THXCfg_HP_APOIM.ini
[2010/07/22 09:12:45 | 000,001,247 | ---- | C] () -- I:\Windows\THXCfg_APOIM.ini
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- I:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- I:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- I:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- I:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- I:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- I:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- I:\Windows\SysWow64\msjetoledb40.dll
[2009/06/26 12:24:18 | 000,015,498 | ---- | C] () -- I:\Windows\VX3000.ini
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- I:\Windows\SysWow64\mlang.dat
[2006/10/09 09:29:22 | 000,032,832 | ---- | C] () -- I:\Windows\SysWow64\drivers\BTNetFilter.sys
 
========== LOP Check ==========
 
[2013/05/25 06:02:30 | 000,000,000 | ---D | M] -- I:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2010/07/28 11:41:00 | 000,000,000 | -HSD | M] -- I:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Application Data
[2010/09/12 13:54:09 | 000,000,000 | ---D | M] -- I:\ProgramData\Bluetooth
[2012/07/15 12:15:22 | 000,000,000 | ---D | M] -- I:\ProgramData\bProtectorForWindows
[2013/04/04 14:54:34 | 000,000,000 | ---D | M] -- I:\ProgramData\Citrix
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Documents
[2010/07/28 11:41:00 | 000,000,000 | -HSD | M] -- I:\ProgramData\Dokumente
[2011/06/11 13:16:12 | 000,000,000 | -HSD | M] -- I:\ProgramData\DSS
[2010/11/19 10:20:35 | 000,000,000 | ---D | M] -- I:\ProgramData\EA Core
[2011/12/24 18:06:27 | 000,000,000 | ---D | M] -- I:\ProgramData\EA Logs
[2012/07/15 12:14:59 | 000,000,000 | ---D | M] -- I:\ProgramData\Electronic Arts
[2011/03/26 09:58:23 | 000,000,000 | ---D | M] -- I:\ProgramData\eMule
[2010/07/28 11:41:00 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favorites
[2012/07/15 12:15:56 | 000,000,000 | ---D | M] -- I:\ProgramData\IBUpdaterService
[2013/02/19 17:23:42 | 000,000,000 | ---D | M] -- I:\ProgramData\Nemetschek
[2013/04/05 17:56:26 | 000,000,000 | ---D | M] -- I:\ProgramData\Origin
[2010/07/22 09:08:38 | 000,000,000 | ---D | M] -- I:\ProgramData\PCDr
[2012/06/17 12:29:36 | 000,000,000 | ---D | M] -- I:\ProgramData\Rockstar Games
[2010/11/19 09:59:02 | 000,000,000 | ---D | M] -- I:\ProgramData\Solidshield
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Start Menu
[2010/07/28 11:41:00 | 000,000,000 | -HSD | M] -- I:\ProgramData\Startmenü
[2010/07/22 09:08:41 | 000,000,000 | ---D | M] -- I:\ProgramData\SupportSoft
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Templates
[2011/09/30 12:53:47 | 000,000,000 | ---D | M] -- I:\ProgramData\Tunngle
[2010/07/22 09:11:59 | 000,000,000 | ---D | M] -- I:\ProgramData\Uninstall
[2010/09/26 07:59:39 | 000,000,000 | ---D | M] -- I:\ProgramData\VirtualizedApplications
[2010/07/28 11:41:00 | 000,000,000 | -HSD | M] -- I:\ProgramData\Vorlagen
[2010/08/12 12:44:54 | 000,000,000 | ---D | M] -- I:\ProgramData\vsosdk
[2010/07/28 16:02:38 | 000,000,000 | ---D | M] -- I:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/07/22 09:15:03 | 000,000,000 | -H-D | M] -- I:\ProgramData\{D19C2D22-6043-47E7-B400-83A351841204}
[2013/02/20 15:10:07 | 000,000,492 | ---- | M] () -- I:\Windows\Tasks\AutoUpdate Allplan 2012.job
[2013/05/30 08:57:00 | 000,001,116 | ---- | M] () -- I:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1175492960-3731827963-1938662641-1000Core.job
[2013/06/08 11:57:01 | 000,001,138 | ---- | M] () -- I:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1175492960-3731827963-1938662641-1000UA.job
[2013/02/27 13:06:10 | 000,032,632 | ---- | M] () -- I:\Windows\Tasks\SCHEDLGU.TXT
[2013/06/09 11:42:15 | 000,000,648 | ---- | M] () -- I:\Windows\Tasks\WebContent AutoUpdate 2012.job
 
========== Purity Check ==========
 
 
< End of report >
Vielen Dank schon mal für die Hilfe
Geändert von Alex81 (13.06.2013 um 21:25 Uhr)

 

Themen zu Weißer Bildschirm beim Start von Windows 7
antivir, bho, bildschirm, conduitsearch, conduitsearch entfernen, desktop, device driver, dvdvideosoft ltd., error, firefox, flash player, helper, home, launch, logfile, netgear, plug-in, pup.bundleinstaller.ib, realtek, registry, scan, search the web, software, start von windows, starten, tracker, trojan.ransom, virus, windows


« BKA Trojaner Win 7 nach Zurücksetzen wirklich weg ?? | Email ; Vorsorgliche Sicherheitssperre ihres Postfachs »


Ähnliche Themen: Weißer Bildschirm beim Start von Windows 7


  1. Weißer Bildschirm beim Start von Windows 7
    Log-Analyse und Auswertung - 12.06.2020 (13)
  2. Windows 7 weißer Bildschirm bei Start
    Plagegeister aller Art und deren Bekämpfung - 07.12.2014 (9)
  3. Weißer Bildschirm beim Start
    Plagegeister aller Art und deren Bekämpfung - 27.10.2014 (2)
  4. Weißer Bildschirm Beim Windows Start
    Plagegeister aller Art und deren Bekämpfung - 21.10.2013 (6)
  5. Windows 7 - weißer Bildschirm nach Start
    Plagegeister aller Art und deren Bekämpfung - 16.10.2013 (1)
  6. weißer Bildschirm nach Start Windows 7
    Log-Analyse und Auswertung - 30.09.2013 (14)
  7. Weißer Bildschirm nach Start von Windows 7
    Plagegeister aller Art und deren Bekämpfung - 29.06.2013 (46)
  8. Computer gesperrt, weißer Bildschirm beim Start
    Log-Analyse und Auswertung - 17.06.2013 (13)
  9. weißer Bildschirm beim Start von Windows vista 64bit
    Log-Analyse und Auswertung - 20.05.2013 (11)
  10. weißer bildschirm beim start
    Plagegeister aller Art und deren Bekämpfung - 03.05.2013 (17)
  11. Weißer Bildschirm beim Start von Windows 7 mit Bundespolizei Hinweis
    Plagegeister aller Art und deren Bekämpfung - 03.04.2013 (18)
  12. Weißer Bildschirm nach windows 7 Start
    Plagegeister aller Art und deren Bekämpfung - 22.03.2013 (30)
  13. Weißer Bildschirm nach Start von Windows 7
    Plagegeister aller Art und deren Bekämpfung - 03.03.2013 (39)
  14. Weißer Bildschirm nach Start (Windows 7)
    Plagegeister aller Art und deren Bekämpfung - 26.02.2013 (22)
  15. Weißer Bildschirm bei Windows Start
    Log-Analyse und Auswertung - 26.10.2012 (12)
  16. Weißer Bildschirm beim Start von Windows
    Log-Analyse und Auswertung - 07.10.2012 (6)
  17. Weißer Bildschirm beim Windows-7-Start
    Plagegeister aller Art und deren Bekämpfung - 07.09.2012 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Weißer Bildschirm beim Start von Windows 7 - Hallo miteinander, der PC meiner Freundin hat sich den Virus mit der "Bundespolizei Meldung" eingefangen. Die Meldung mit der Zahlungsaufforderung von 100 Euro kam aber nur beim erstmaligen Auftreten des - Weißer Bildschirm beim Start von Windows 7...
Archiv
Du betrachtest: Weißer Bildschirm beim Start von Windows 7 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131