Trojaner-Board

rapish 30.08.2012 20:10

GVU Trojan with €100 payment demand: "Your computer has been locked for one or more of the reasons listed below."
 
I have the same problem as well .. :-/

OTL Logfile:
Code:

OTL logfile created on: 30.08.2012 21:03:29 - Run 3
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Gast\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,58% Memory free
5,98 Gb Paging File | 4,77 Gb Available in Paging File | 79,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 900,41 Gb Total Space | 706,04 Gb Free Space | 78,41% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 22,02 Gb Free Space | 73,41% Space Free | Partition Type: NTFS
Drive E: | 6,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 232,88 Gb Total Space | 198,50 Gb Free Space | 85,23% Space Free | Partition Type: NTFS
 
Computer Name: SATURN-PC | User Name: saturn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Gast\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\635b3aec298ad5e8c903b2323d79cc5a\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3748.36959__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3748.36878__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3748.36942__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3748.36851__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3748.36900__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3748.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Dashboard\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3748.36941__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3748.36931__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3748.36875__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3748.36855__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3748.36957__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3748.36871__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3748.36819__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3748.36816__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3748.36867__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3748.36941__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3748.36884__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3748.36815__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3748.36923__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3748.36882__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3748.36825__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3748.36817__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3748.36816__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3748.36820__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3748.36817__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3748.36824__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3748.36822__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3748.36817__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3748.36825__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3748.36928__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3748.36822__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3748.36819__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3748.36820__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3748.36826__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3748.36832__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3748.36917__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3748.36923__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3748.36921__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3748.36824__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3748.36823__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3748.36825__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3748.36821__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3748.36822__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3748.36820__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3748.36830__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3748.36818__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3748.36819__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3748.36923__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3748.36842__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3748.36831__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3748.36849__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (cvhsvc) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
SRV - (sftvsa) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (cpuz132) -- C:\Users\saturn\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = StartPins
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b21b691e0000000000006c626d568a37&tlver=1.4.19.19&ss=1&affID=17395
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://vshare.toolbarhome.com/?hp=df
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Suche
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://startsear.ch/?hp=df"
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\saturn\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\saturn\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\saturn\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\saturn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\PROGRA~1\MOZILL~1\plugins\NpFv522.dll (1 mal 1 Software GmbH)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.13 17:24:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.07.11 17:51:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 00:41:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.14 21:35:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.13 17:24:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\saturn\AppData\Roaming\15001.001 [2012.08.30 17:31:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 00:41:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.14 21:35:19 | 000,000,000 | ---D | M]
 
[2011.10.21 20:13:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Extensions
[2012.08.21 23:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions
[2012.07.29 23:38:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.08.21 23:35:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.11.26 14:42:54 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.04.12 19:40:17 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\bbrs_002@blabbers.com
[2011.08.18 11:08:05 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\ffxtlbr@babylon.com
[2012.03.27 20:26:54 | 000,000,000 | ---D | M] (vShare) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\vshare@toolbar
[2012.03.28 17:36:16 | 000,002,404 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\askcom.xml
[2011.07.23 23:14:05 | 000,002,023 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\badoo.xml
[2010.11.29 23:06:08 | 000,001,832 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\bing.xml
[2010.11.26 21:34:12 | 000,000,873 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\conduit.xml
[2012.08.28 23:02:19 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-1.xml
[2011.09.06 20:19:34 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-10.xml
[2011.09.07 20:47:16 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-11.xml
[2011.09.27 21:47:46 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-12.xml
[2011.10.03 12:46:41 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-13.xml
[2011.11.08 18:55:12 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-14.xml
[2011.11.10 23:59:21 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-15.xml
[2011.11.30 22:10:47 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-16.xml
[2012.01.04 17:20:09 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-17.xml
[2012.01.04 21:52:23 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-18.xml
[2012.02.01 20:25:27 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-19.xml
[2011.03.24 17:00:29 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-2.xml
[2012.02.13 19:21:45 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-20.xml
[2012.02.19 16:23:43 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-21.xml
[2011.04.21 18:40:32 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-3.xml
[2011.05.14 09:17:55 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-4.xml
[2011.06.28 19:45:36 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-5.xml
[2011.07.03 14:31:14 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-6.xml
[2011.08.16 20:02:32 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-7.xml
[2011.08.17 13:05:22 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-8.xml
[2011.08.19 17:26:23 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-9.xml
[2011.03.05 18:47:43 | 000,001,056 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin.xml
[2011.10.21 20:11:20 | 000,002,516 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\SearchResults.xml
[2012.01.07 18:51:20 | 000,000,792 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\startsear.xml
[2010.11.13 20:18:18 | 000,003,915 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\sweetim.xml
[2012.03.27 20:27:00 | 000,001,565 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\web-search.xml
[2012.08.08 20:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.30 00:41:35 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.09.21 11:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv522.dll
[2011.10.27 15:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.03 15:28:38 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.08.30 00:41:35 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.21 20:11:20 | 000,002,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b21b691e0000000000006c626d568a37&tlver=1.4.19.19&ss=1&affID=17395
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: LiveVDO plug-in (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\chvsharetvplg.dll
CHR - plugin: LiveVDO plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\saturn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\saturn\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = c:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Browser Companion Helper = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: General Crawler = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\
CHR - Extension: LiveVDO plugin = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Programme\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\saturn\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-501\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-501\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe (Badoo)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [Facebook Update] C:\Users\saturn\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [Userinit] C:\Users\saturn\AppData\Roaming\appConf32.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk = C:\Users\saturn\AppData\Roaming\BrowserCompanion\tcbhn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA324995-E6B1-43EE-83D6-9FB83E2B28FF}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{7dcb8fca-b755-11df-8a77-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7dcb8fca-b755-11df-8a77-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O33 - MountPoints2\{8764202b-f88c-11df-9981-6c626d568a37}\Shell - "" = AutoRun
O33 - MountPoints2\{8764202b-f88c-11df-9981-6c626d568a37}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.30 17:31:02 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\15001.001
[2012.08.30 17:30:57 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{0E613BF5-99C9-4D6E-A5C7-3C8A8B726A3D}
[2012.08.30 01:00:16 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\UAs
[2012.08.29 23:48:31 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\14001.018
[2012.08.29 23:48:10 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\xmldm
[2012.08.29 23:48:10 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\kock
[2012.08.29 17:46:10 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{45BB5B7B-E517-4DE1-B97C-2113FF6565FD}
[2012.08.28 17:00:19 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{492AFC1D-F7EA-4C50-AD17-96FF644062A4}
[2012.08.27 18:36:05 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CA3BA918-9967-4BEB-AC71-4E551A916D6E}
[2012.08.26 13:14:17 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{595F87C4-CE04-495F-A742-933539E126DD}
[2012.08.25 12:54:04 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{10B71342-4939-43A0-B43A-A5DE9F83CB6A}
[2012.08.24 16:24:36 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CE456119-6ED6-40A8-B873-129C003FEC3D}
[2012.08.23 17:58:18 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{47A621AC-9D43-4815-B1EA-AA7EAAE4F1D4}
[2012.08.22 19:32:30 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{7B3EC23A-8DFC-4A4A-91E4-C50C08F4B53E}
[2012.08.21 19:29:58 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{A6A5751B-EDD0-4473-99CA-0BCA1E49CC6F}
[2012.08.20 19:12:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{FB55A9D2-4535-455C-8D6A-81BCE37E845A}
[2012.08.19 23:12:06 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{772247CC-347D-4A4B-8C3D-F2F57351FC10}
[2012.08.19 11:11:41 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{765B961C-8A74-46D1-AF32-49E2138CF330}
[2012.08.18 15:01:16 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{8EB45775-62D9-4E3D-8536-B530E9D271A3}
[2012.08.18 15:01:05 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{4E250644-FF84-4FC0-B140-6072D21D4EA8}
[2012.08.17 19:16:56 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{6B20B3AD-F018-4910-84CA-2CE8308FF140}
[2012.08.17 19:16:45 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{A50BC3C0-D090-4CA1-AE30-38897D6EB7D2}
[2012.08.16 21:07:38 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{29C8D437-6D6C-41DB-A834-039FDD854B24}
[2012.08.16 21:07:27 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{0EC0876F-DF9A-4FF0-951B-B9C18B42F89C}
[2012.08.16 00:58:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.16 00:58:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.16 00:58:16 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.08.16 00:58:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.16 00:58:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.16 00:58:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.16 00:58:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.15 19:35:13 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012.08.15 19:35:11 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.15 19:35:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012.08.15 19:31:03 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{038C2AF4-8050-4912-9929-C48518C61082}
[2012.08.15 19:30:52 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{27DDCD14-C4B8-4F94-B5EE-7F77778594C6}
[2012.08.14 21:33:45 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{16A5F277-9259-4574-A3BD-2A10BA621E82}
[2012.08.14 21:33:34 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{B142047A-458F-4F25-ADEA-0594D24DA7BC}
[2012.08.13 19:50:15 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{F7B3D38D-B975-4419-87EE-91E7C04E08A8}
[2012.08.13 19:50:04 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CCE40081-5E7B-4CA2-9E82-E6C2B9F313C5}
[2012.08.12 14:12:53 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{772246A7-022E-4A9F-9165-0AAE985FE8FF}
[2012.08.12 14:12:42 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{9B454AB5-56E1-48C9-8949-197DA9A6B532}
[2012.08.12 01:44:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{42997C90-7669-4C55-B7C4-B3710B595E6E}
[2012.08.12 01:44:01 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CE4C7301-81FF-45BD-BE9D-8C5D0085B081}
[2012.08.11 13:43:44 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{0CEAC16A-9DA8-4AC6-8DE9-404C9DDEBED0}
[2012.08.11 13:43:33 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{1C5B8746-3B61-4407-9249-E17F3B07DC64}
[2012.08.10 18:50:36 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{5F40EABF-E76B-4C1A-8BF6-1CED8AA475C7}
[2012.08.10 18:50:25 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{BAD4AA54-CBFB-418C-8957-258233097489}
[2012.08.09 19:31:54 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{5B81B170-3930-4301-85F9-DE68E90CAAFD}
[2012.08.09 19:31:43 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{E86DF26B-BADC-4DA2-8F76-1CC244D7D34C}
[2012.08.08 18:15:54 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{2B7B849D-F92E-4ED8-B8B9-E5E56DCFEA4F}
[2012.08.08 18:15:41 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{B3BEC570-DC82-442C-B5E1-145C20447BFE}
[2012.08.07 21:04:33 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{79DC4DC9-E89C-4F3E-B583-ED99F440D1A7}
[2012.08.07 21:04:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{97CA0DE8-91E7-48A0-89D3-D16D5642760B}
[2012.08.06 12:48:31 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{A300A314-AD98-43CB-92AF-E1A4638D960A}
[2012.08.06 12:48:20 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{BC4460E8-010B-4B14-9A90-DBC782BF4D40}
[2012.08.06 12:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.08.05 13:54:40 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{9B45BE82-0D7C-4F4C-9499-8436EDD29066}
[2012.08.05 13:54:29 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{B615AE2A-E68C-4624-9473-4F450A987889}
[2012.08.05 02:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.08.05 02:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012.08.04 22:44:24 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{2190359B-7AE7-4ABA-9201-0D55FEEEFAF7}
[2012.08.04 22:44:13 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{4985FE69-424C-4812-916F-991004FBB926}
[2012.08.03 12:09:23 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{EB127C51-FB0D-49B2-B712-F8A9615553B9}
[2012.08.03 12:09:12 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{46E7C127-ECF3-4776-9992-2B2031CA3C4D}
[2012.08.02 12:33:07 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{E6382E74-5F61-4DA7-A12C-8B74402B3755}
[2012.08.02 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{E8646B3D-125D-49B3-946E-BF82FE39E07D}
[2012.08.02 00:32:19 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{79FF3F25-F8F2-4439-BFF2-F92523D36FA6}
[2012.08.02 00:14:06 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\Flatcast
[2012.08.01 12:31:43 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{78312348-3EB3-4617-8988-0C3799B6F53C}
[2012.08.01 12:31:21 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{6CAFECB4-7237-495D-8FD7-95E01998995B}
[2012.08.01 00:30:56 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{28077E05-C484-47EE-902B-36FCE1222BD8}
[2 C:\Users\saturn\AppData\Roaming\*.tmp files -> C:\Users\saturn\AppData\Roaming\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.30 21:03:40 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000UA.job
[2012.08.30 20:57:47 | 004,503,728 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.08.30 20:57:42 | 000,000,016 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\blckdom.res
[2012.08.30 20:46:30 | 000,001,889 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.30 20:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.30 20:28:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000UA.job
[2012.08.30 18:42:20 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 18:42:20 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 17:31:12 | 000,198,288 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\AcroIEHelpe204.dll
[2012.08.30 17:31:12 | 000,007,424 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe204.dll
[2012.08.30 17:24:10 | 006,746,756 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.30 17:24:10 | 002,105,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.30 17:24:10 | 002,027,810 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.30 17:24:10 | 001,741,430 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.30 17:19:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.30 17:19:50 | 2408,927,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.29 23:48:42 | 000,006,400 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe.dll
[2012.08.29 23:28:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000Core.job
[2012.08.28 17:00:56 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.28 17:00:56 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.26 18:19:42 | 000,001,070 | ---- | M] () -- C:\Users\saturn\Desktop\Proje Öneri.rtf
[2012.08.26 15:03:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000Core.job
[2012.08.24 19:57:15 | 000,051,500 | ---- | M] () -- C:\Users\saturn\Desktop\402917_356228744458343_1596952542_n.jpg
[2012.08.22 19:33:22 | 000,002,420 | ---- | M] () -- C:\Users\saturn\Desktop\Google Chrome.lnk
[2012.08.16 21:06:24 | 000,294,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.10 23:49:09 | 000,031,530 | ---- | M] () -- C:\Users\saturn\Desktop\427221_430599956982139_1143617147_n.jpg
[2012.08.10 19:18:16 | 000,000,199 | ---- | M] () -- C:\Users\saturn\Desktop\guteschheeinneee.rtf
[2012.08.08 21:08:50 | 000,039,179 | ---- | M] () -- C:\Users\saturn\Desktop\376234_414643878585881_1521063534_n.jpg
[2012.08.08 20:58:54 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.08.06 12:05:50 | 000,002,044 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.08.06 12:05:50 | 000,002,044 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.08.03 14:49:21 | 000,028,740 | ---- | M] () -- C:\Users\saturn\Desktop\418572_305202276243594_321663588_n.jpg
[2012.08.02 16:43:36 | 000,036,432 | ---- | M] () -- C:\Users\saturn\Desktop\403851_10150981963967509_502008573_n.jpg
[2012.08.02 02:18:47 | 000,033,961 | ---- | M] () -- C:\Users\saturn\Desktop\391238_10152027841325190_1023298352_n.jpg
[2012.08.02 00:14:07 | 000,000,857 | ---- | M] () -- C:\Windows\unins000.dat
[2012.08.02 00:14:04 | 000,695,578 | ---- | M] () -- C:\Windows\unins000.exe
[2012.08.01 20:46:51 | 000,000,202 | ---- | M] () -- C:\Users\saturn\Desktop\roland...rtf
[2012.08.01 11:44:38 | 000,023,709 | ---- | M] () -- C:\Users\saturn\Desktop\539014_333697686712084_271076204_n.jpg
[2012.08.01 11:18:19 | 000,053,201 | ---- | M] () -- C:\Users\saturn\Desktop\483330_10151055869764870_854887321_n.jpg
[2012.08.01 01:01:58 | 000,087,761 | ---- | M] () -- C:\Users\saturn\Desktop\480380_472900902721283_1402432126_n.jpg
[2 C:\Users\saturn\AppData\Roaming\*.tmp files -> C:\Users\saturn\AppData\Roaming\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.30 20:46:30 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.08.30 20:46:30 | 000,001,889 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.30 17:31:12 | 000,198,288 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\AcroIEHelpe204.dll
[2012.08.30 17:31:12 | 000,007,424 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe204.dll
[2012.08.29 23:48:42 | 000,006,400 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe.dll
[2012.08.29 23:48:22 | 000,000,016 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\blckdom.res
[2012.08.26 17:47:10 | 000,001,070 | ---- | C] () -- C:\Users\saturn\Desktop\Proje Öneri.rtf
[2012.08.24 19:57:14 | 000,051,500 | ---- | C] () -- C:\Users\saturn\Desktop\402917_356228744458343_1596952542_n.jpg
[2012.08.10 23:49:08 | 000,031,530 | ---- | C] () -- C:\Users\saturn\Desktop\427221_430599956982139_1143617147_n.jpg
[2012.08.10 19:18:16 | 000,000,199 | ---- | C] () -- C:\Users\saturn\Desktop\guteschheeinneee.rtf
[2012.08.08 21:08:47 | 000,039,179 | ---- | C] () -- C:\Users\saturn\Desktop\376234_414643878585881_1521063534_n.jpg
[2012.08.05 02:25:51 | 000,002,044 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.08.05 02:25:51 | 000,002,044 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.08.03 14:49:20 | 000,028,740 | ---- | C] () -- C:\Users\saturn\Desktop\418572_305202276243594_321663588_n.jpg
[2012.08.02 16:43:35 | 000,036,432 | ---- | C] () -- C:\Users\saturn\Desktop\403851_10150981963967509_502008573_n.jpg
[2012.08.02 02:18:47 | 000,033,961 | ---- | C] () -- C:\Users\saturn\Desktop\391238_10152027841325190_1023298352_n.jpg
[2012.08.02 00:14:06 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2012.08.02 00:14:06 | 000,000,857 | ---- | C] () -- C:\Windows\unins000.dat
[2012.08.01 20:46:50 | 000,000,202 | ---- | C] () -- C:\Users\saturn\Desktop\roland...rtf
[2012.08.01 11:44:37 | 000,023,709 | ---- | C] () -- C:\Users\saturn\Desktop\539014_333697686712084_271076204_n.jpg
[2012.08.01 11:18:14 | 000,053,201 | ---- | C] () -- C:\Users\saturn\Desktop\483330_10151055869764870_854887321_n.jpg
[2012.08.01 01:01:56 | 000,087,761 | ---- | C] () -- C:\Users\saturn\Desktop\480380_472900902721283_1402432126_n.jpg
[2011.10.13 17:18:45 | 000,197,043 | ---- | C] () -- C:\Windows\hpwins27.dat
[2011.10.13 16:55:29 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat.temp
[2011.06.02 21:53:21 | 000,000,068 | ---- | C] () -- C:\Windows\System32\enbseries.ini
[2011.02.19 21:29:11 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011.01.07 22:02:33 | 000,000,482 | ---- | C] () -- C:\Windows\eReg.dat
[2010.12.23 22:06:10 | 000,002,856 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.12.09 17:23:13 | 000,050,640 | RHS- | C] () -- C:\Users\saturn\AppData\Roaming\appConf32.exe
 
========== LOP Check ==========
 
[2012.07.04 15:37:04 | 000,000,000 | ---D | M] -- C:\Users\ersatz\AppData\Roaming\SoftGrid Client
[2011.05.17 10:52:32 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Babylon
[2012.07.28 15:26:37 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\MAGIX
[2011.10.23 19:07:39 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\SoftGrid Client
[2012.08.29 23:48:31 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\14001.018
[2012.08.30 17:31:02 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\15001.001
[2012.01.06 15:05:47 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\2K Sports
[2012.03.03 15:28:37 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Babylon
[2011.04.24 00:12:27 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Blender Foundation
[2012.08.30 20:56:40 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\BrowserCompanion
[2011.07.28 19:09:44 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\DVDVideoSoft
[2011.07.28 19:05:00 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.08.02 00:14:06 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Flatcast
[2011.01.03 01:02:30 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\ICQ
[2010.11.13 20:20:29 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\IrfanView
[2012.08.29 23:48:10 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\kock
[2011.01.28 18:59:58 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Leadertech
[2011.02.19 21:45:00 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\MAGIX
[2012.03.03 15:30:59 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Media Finder
[2011.10.21 20:11:18 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\MusicNet
[2012.08.19 02:45:26 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\SoftGrid Client
[2011.03.20 15:08:29 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Sony
[2011.03.20 15:03:05 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Sony Setup
[2010.11.12 19:25:23 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\TP
[2012.08.30 01:00:16 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\UAs
[2010.11.03 22:16:45 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Uniblue
[2011.03.11 00:59:31 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Windows Live Writer
[2012.08.30 01:01:08 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\xmldm
[2012.08.29 23:28:00 | 000,001,120 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000Core.job
[2012.08.30 20:28:00 | 000,001,142 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000UA.job
[2012.07.11 17:42:32 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

rapish 30.08.2012 20:12

OTL Logfile:
Code:

OTL logfile created on: 30.08.2012 21:03:29 - Run 3
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Gast\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,58% Memory free
5,98 Gb Paging File | 4,77 Gb Available in Paging File | 79,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 900,41 Gb Total Space | 706,04 Gb Free Space | 78,41% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 22,02 Gb Free Space | 73,41% Space Free | Partition Type: NTFS
Drive E: | 6,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 232,88 Gb Total Space | 198,50 Gb Free Space | 85,23% Space Free | Partition Type: NTFS
 
Computer Name: SATURN-PC | User Name: saturn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Gast\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\635b3aec298ad5e8c903b2323d79cc5a\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3748.36959__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3748.36878__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3748.36942__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3748.36851__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3748.36900__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3748.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Dashboard\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3748.36941__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3748.36931__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3748.36875__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3748.36855__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3748.36957__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3748.36871__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3748.36819__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3748.36816__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3748.36867__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3748.36941__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3748.36884__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3748.36815__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3748.36923__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3748.36882__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3748.36825__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3748.36817__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3748.36816__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3748.36820__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3748.36817__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3748.36824__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3748.36822__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3748.36817__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3748.36825__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3748.36928__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3748.36822__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3748.36819__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3748.36820__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3748.36826__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3748.36832__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3748.36917__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3748.36923__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3748.36921__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3748.36824__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3748.36823__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3748.36825__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3748.36821__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3748.36822__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3748.36820__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3748.36830__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3748.36818__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3748.36819__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3748.36923__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3748.36842__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3748.36831__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3748.36849__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (cvhsvc) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
SRV - (sftvsa) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (cpuz132) -- C:\Users\saturn\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = StartPins
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b21b691e0000000000006c626d568a37&tlver=1.4.19.19&ss=1&affID=17395
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://vshare.toolbarhome.com/?hp=df
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Suche
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1465593394-840541334-2811811331-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://startsear.ch/?hp=df"
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\saturn\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\saturn\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\saturn\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\saturn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\PROGRA~1\MOZILL~1\plugins\NpFv522.dll (1 mal 1 Software GmbH)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.13 17:24:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.07.11 17:51:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 00:41:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.14 21:35:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.13 17:24:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\saturn\AppData\Roaming\15001.001 [2012.08.30 17:31:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 00:41:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.14 21:35:19 | 000,000,000 | ---D | M]
 
[2011.10.21 20:13:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Extensions
[2012.08.21 23:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions
[2012.07.29 23:38:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.08.21 23:35:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.11.26 14:42:54 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.04.12 19:40:17 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\bbrs_002@blabbers.com
[2011.08.18 11:08:05 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\ffxtlbr@babylon.com
[2012.03.27 20:26:54 | 000,000,000 | ---D | M] (vShare) -- C:\Users\saturn\AppData\Roaming\mozilla\Firefox\Profiles\o99hlbyo.default\extensions\vshare@toolbar
[2012.03.28 17:36:16 | 000,002,404 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\askcom.xml
[2011.07.23 23:14:05 | 000,002,023 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\badoo.xml
[2010.11.29 23:06:08 | 000,001,832 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\bing.xml
[2010.11.26 21:34:12 | 000,000,873 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\conduit.xml
[2012.08.28 23:02:19 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-1.xml
[2011.09.06 20:19:34 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-10.xml
[2011.09.07 20:47:16 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-11.xml
[2011.09.27 21:47:46 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-12.xml
[2011.10.03 12:46:41 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-13.xml
[2011.11.08 18:55:12 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-14.xml
[2011.11.10 23:59:21 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-15.xml
[2011.11.30 22:10:47 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-16.xml
[2012.01.04 17:20:09 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-17.xml
[2012.01.04 21:52:23 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-18.xml
[2012.02.01 20:25:27 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-19.xml
[2011.03.24 17:00:29 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-2.xml
[2012.02.13 19:21:45 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-20.xml
[2012.02.19 16:23:43 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-21.xml
[2011.04.21 18:40:32 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-3.xml
[2011.05.14 09:17:55 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-4.xml
[2011.06.28 19:45:36 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-5.xml
[2011.07.03 14:31:14 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-6.xml
[2011.08.16 20:02:32 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-7.xml
[2011.08.17 13:05:22 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-8.xml
[2011.08.19 17:26:23 | 000,000,950 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin-9.xml
[2011.03.05 18:47:43 | 000,001,056 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\icqplugin.xml
[2011.10.21 20:11:20 | 000,002,516 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\SearchResults.xml
[2012.01.07 18:51:20 | 000,000,792 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\startsear.xml
[2010.11.13 20:18:18 | 000,003,915 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\sweetim.xml
[2012.03.27 20:27:00 | 000,001,565 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Mozilla\Firefox\Profiles\o99hlbyo.default\searchplugins\web-search.xml
[2012.08.08 20:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.30 00:41:35 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.09.21 11:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv522.dll
[2011.10.27 15:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.03 15:28:38 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.08.30 00:41:35 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.21 20:11:20 | 000,002,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b21b691e0000000000006c626d568a37&tlver=1.4.19.19&ss=1&affID=17395
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: LiveVDO plug-in (Enabled) = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\chvsharetvplg.dll
CHR - plugin: LiveVDO plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\saturn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\saturn\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = c:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Browser Companion Helper = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: General Crawler = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\
CHR - Extension: LiveVDO plugin = C:\Users\saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Programme\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\saturn\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-501\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-21-1465593394-840541334-2811811331-501\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe (Badoo)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [Facebook Update] C:\Users\saturn\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000..\Run: [Userinit] C:\Users\saturn\AppData\Roaming\appConf32.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk = C:\Users\saturn\AppData\Roaming\BrowserCompanion\tcbhn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1465593394-840541334-2811811331-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA324995-E6B1-43EE-83D6-9FB83E2B28FF}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011.08.11 04:04:53 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{7dcb8fca-b755-11df-8a77-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7dcb8fca-b755-11df-8a77-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O33 - MountPoints2\{8764202b-f88c-11df-9981-6c626d568a37}\Shell - "" = AutoRun
O33 - MountPoints2\{8764202b-f88c-11df-9981-6c626d568a37}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.08.11 04:04:53 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.30 17:31:02 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\15001.001
[2012.08.30 17:30:57 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{0E613BF5-99C9-4D6E-A5C7-3C8A8B726A3D}
[2012.08.30 01:00:16 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\UAs
[2012.08.29 23:48:31 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\14001.018
[2012.08.29 23:48:10 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\xmldm
[2012.08.29 23:48:10 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\kock
[2012.08.29 17:46:10 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{45BB5B7B-E517-4DE1-B97C-2113FF6565FD}
[2012.08.28 17:00:19 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{492AFC1D-F7EA-4C50-AD17-96FF644062A4}
[2012.08.27 18:36:05 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CA3BA918-9967-4BEB-AC71-4E551A916D6E}
[2012.08.26 13:14:17 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{595F87C4-CE04-495F-A742-933539E126DD}
[2012.08.25 12:54:04 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{10B71342-4939-43A0-B43A-A5DE9F83CB6A}
[2012.08.24 16:24:36 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CE456119-6ED6-40A8-B873-129C003FEC3D}
[2012.08.23 17:58:18 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{47A621AC-9D43-4815-B1EA-AA7EAAE4F1D4}
[2012.08.22 19:32:30 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{7B3EC23A-8DFC-4A4A-91E4-C50C08F4B53E}
[2012.08.21 19:29:58 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{A6A5751B-EDD0-4473-99CA-0BCA1E49CC6F}
[2012.08.20 19:12:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{FB55A9D2-4535-455C-8D6A-81BCE37E845A}
[2012.08.19 23:12:06 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{772247CC-347D-4A4B-8C3D-F2F57351FC10}
[2012.08.19 11:11:41 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{765B961C-8A74-46D1-AF32-49E2138CF330}
[2012.08.18 15:01:16 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{8EB45775-62D9-4E3D-8536-B530E9D271A3}
[2012.08.18 15:01:05 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{4E250644-FF84-4FC0-B140-6072D21D4EA8}
[2012.08.17 19:16:56 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{6B20B3AD-F018-4910-84CA-2CE8308FF140}
[2012.08.17 19:16:45 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{A50BC3C0-D090-4CA1-AE30-38897D6EB7D2}
[2012.08.16 21:07:38 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{29C8D437-6D6C-41DB-A834-039FDD854B24}
[2012.08.16 21:07:27 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{0EC0876F-DF9A-4FF0-951B-B9C18B42F89C}
[2012.08.16 00:58:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.16 00:58:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.16 00:58:16 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.08.16 00:58:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.16 00:58:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.16 00:58:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.16 00:58:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.15 19:35:13 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012.08.15 19:35:11 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.15 19:35:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012.08.15 19:31:03 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{038C2AF4-8050-4912-9929-C48518C61082}
[2012.08.15 19:30:52 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{27DDCD14-C4B8-4F94-B5EE-7F77778594C6}
[2012.08.14 21:33:45 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{16A5F277-9259-4574-A3BD-2A10BA621E82}
[2012.08.14 21:33:34 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{B142047A-458F-4F25-ADEA-0594D24DA7BC}
[2012.08.13 19:50:15 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{F7B3D38D-B975-4419-87EE-91E7C04E08A8}
[2012.08.13 19:50:04 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CCE40081-5E7B-4CA2-9E82-E6C2B9F313C5}
[2012.08.12 14:12:53 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{772246A7-022E-4A9F-9165-0AAE985FE8FF}
[2012.08.12 14:12:42 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{9B454AB5-56E1-48C9-8949-197DA9A6B532}
[2012.08.12 01:44:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{42997C90-7669-4C55-B7C4-B3710B595E6E}
[2012.08.12 01:44:01 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{CE4C7301-81FF-45BD-BE9D-8C5D0085B081}
[2012.08.11 13:43:44 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{0CEAC16A-9DA8-4AC6-8DE9-404C9DDEBED0}
[2012.08.11 13:43:33 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{1C5B8746-3B61-4407-9249-E17F3B07DC64}
[2012.08.10 18:50:36 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{5F40EABF-E76B-4C1A-8BF6-1CED8AA475C7}
[2012.08.10 18:50:25 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{BAD4AA54-CBFB-418C-8957-258233097489}
[2012.08.09 19:31:54 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{5B81B170-3930-4301-85F9-DE68E90CAAFD}
[2012.08.09 19:31:43 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{E86DF26B-BADC-4DA2-8F76-1CC244D7D34C}
[2012.08.08 18:15:54 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{2B7B849D-F92E-4ED8-B8B9-E5E56DCFEA4F}
[2012.08.08 18:15:41 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{B3BEC570-DC82-442C-B5E1-145C20447BFE}
[2012.08.07 21:04:33 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{79DC4DC9-E89C-4F3E-B583-ED99F440D1A7}
[2012.08.07 21:04:22 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{97CA0DE8-91E7-48A0-89D3-D16D5642760B}
[2012.08.06 12:48:31 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{A300A314-AD98-43CB-92AF-E1A4638D960A}
[2012.08.06 12:48:20 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{BC4460E8-010B-4B14-9A90-DBC782BF4D40}
[2012.08.06 12:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.08.05 13:54:40 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{9B45BE82-0D7C-4F4C-9499-8436EDD29066}
[2012.08.05 13:54:29 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{B615AE2A-E68C-4624-9473-4F450A987889}
[2012.08.05 02:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.08.05 02:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012.08.04 22:44:24 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{2190359B-7AE7-4ABA-9201-0D55FEEEFAF7}
[2012.08.04 22:44:13 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{4985FE69-424C-4812-916F-991004FBB926}
[2012.08.03 12:09:23 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{EB127C51-FB0D-49B2-B712-F8A9615553B9}
[2012.08.03 12:09:12 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{46E7C127-ECF3-4776-9992-2B2031CA3C4D}
[2012.08.02 12:33:07 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{E6382E74-5F61-4DA7-A12C-8B74402B3755}
[2012.08.02 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{E8646B3D-125D-49B3-946E-BF82FE39E07D}
[2012.08.02 00:32:19 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{79FF3F25-F8F2-4439-BFF2-F92523D36FA6}
[2012.08.02 00:14:06 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Roaming\Flatcast
[2012.08.01 12:31:43 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{78312348-3EB3-4617-8988-0C3799B6F53C}
[2012.08.01 12:31:21 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{6CAFECB4-7237-495D-8FD7-95E01998995B}
[2012.08.01 00:30:56 | 000,000,000 | ---D | C] -- C:\Users\saturn\AppData\Local\{28077E05-C484-47EE-902B-36FCE1222BD8}
[2 C:\Users\saturn\AppData\Roaming\*.tmp files -> C:\Users\saturn\AppData\Roaming\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.30 21:03:40 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000UA.job
[2012.08.30 20:57:47 | 004,503,728 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.08.30 20:57:42 | 000,000,016 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\blckdom.res
[2012.08.30 20:46:30 | 000,001,889 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.30 20:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.30 20:28:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000UA.job
[2012.08.30 18:42:20 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 18:42:20 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 17:31:12 | 000,198,288 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\AcroIEHelpe204.dll
[2012.08.30 17:31:12 | 000,007,424 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe204.dll
[2012.08.30 17:24:10 | 006,746,756 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.30 17:24:10 | 002,105,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.30 17:24:10 | 002,027,810 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.30 17:24:10 | 001,741,430 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.30 17:19:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.30 17:19:50 | 2408,927,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.29 23:48:42 | 000,006,400 | ---- | M] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe.dll
[2012.08.29 23:28:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000Core.job
[2012.08.28 17:00:56 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.28 17:00:56 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.26 18:19:42 | 000,001,070 | ---- | M] () -- C:\Users\saturn\Desktop\Proje Öneri.rtf
[2012.08.26 15:03:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000Core.job
[2012.08.24 19:57:15 | 000,051,500 | ---- | M] () -- C:\Users\saturn\Desktop\402917_356228744458343_1596952542_n.jpg
[2012.08.22 19:33:22 | 000,002,420 | ---- | M] () -- C:\Users\saturn\Desktop\Google Chrome.lnk
[2012.08.16 21:06:24 | 000,294,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.10 23:49:09 | 000,031,530 | ---- | M] () -- C:\Users\saturn\Desktop\427221_430599956982139_1143617147_n.jpg
[2012.08.10 19:18:16 | 000,000,199 | ---- | M] () -- C:\Users\saturn\Desktop\guteschheeinneee.rtf
[2012.08.08 21:08:50 | 000,039,179 | ---- | M] () -- C:\Users\saturn\Desktop\376234_414643878585881_1521063534_n.jpg
[2012.08.08 20:58:54 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.08.06 12:05:50 | 000,002,044 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.08.06 12:05:50 | 000,002,044 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.08.03 14:49:21 | 000,028,740 | ---- | M] () -- C:\Users\saturn\Desktop\418572_305202276243594_321663588_n.jpg
[2012.08.02 16:43:36 | 000,036,432 | ---- | M] () -- C:\Users\saturn\Desktop\403851_10150981963967509_502008573_n.jpg
[2012.08.02 02:18:47 | 000,033,961 | ---- | M] () -- C:\Users\saturn\Desktop\391238_10152027841325190_1023298352_n.jpg
[2012.08.02 00:14:07 | 000,000,857 | ---- | M] () -- C:\Windows\unins000.dat
[2012.08.02 00:14:04 | 000,695,578 | ---- | M] () -- C:\Windows\unins000.exe
[2012.08.01 20:46:51 | 000,000,202 | ---- | M] () -- C:\Users\saturn\Desktop\roland...rtf
[2012.08.01 11:44:38 | 000,023,709 | ---- | M] () -- C:\Users\saturn\Desktop\539014_333697686712084_271076204_n.jpg
[2012.08.01 11:18:19 | 000,053,201 | ---- | M] () -- C:\Users\saturn\Desktop\483330_10151055869764870_854887321_n.jpg
[2012.08.01 01:01:58 | 000,087,761 | ---- | M] () -- C:\Users\saturn\Desktop\480380_472900902721283_1402432126_n.jpg
[2 C:\Users\saturn\AppData\Roaming\*.tmp files -> C:\Users\saturn\AppData\Roaming\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.30 20:46:30 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.08.30 20:46:30 | 000,001,889 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.30 17:31:12 | 000,198,288 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\AcroIEHelpe204.dll
[2012.08.30 17:31:12 | 000,007,424 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe204.dll
[2012.08.29 23:48:42 | 000,006,400 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\BAcroIEHelpe.dll
[2012.08.29 23:48:22 | 000,000,016 | ---- | C] () -- C:\Users\saturn\AppData\Roaming\blckdom.res
[2012.08.26 17:47:10 | 000,001,070 | ---- | C] () -- C:\Users\saturn\Desktop\Proje Öneri.rtf
[2012.08.24 19:57:14 | 000,051,500 | ---- | C] () -- C:\Users\saturn\Desktop\402917_356228744458343_1596952542_n.jpg
[2012.08.10 23:49:08 | 000,031,530 | ---- | C] () -- C:\Users\saturn\Desktop\427221_430599956982139_1143617147_n.jpg
[2012.08.10 19:18:16 | 000,000,199 | ---- | C] () -- C:\Users\saturn\Desktop\guteschheeinneee.rtf
[2012.08.08 21:08:47 | 000,039,179 | ---- | C] () -- C:\Users\saturn\Desktop\376234_414643878585881_1521063534_n.jpg
[2012.08.05 02:25:51 | 000,002,044 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.08.05 02:25:51 | 000,002,044 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.08.03 14:49:20 | 000,028,740 | ---- | C] () -- C:\Users\saturn\Desktop\418572_305202276243594_321663588_n.jpg
[2012.08.02 16:43:35 | 000,036,432 | ---- | C] () -- C:\Users\saturn\Desktop\403851_10150981963967509_502008573_n.jpg
[2012.08.02 02:18:47 | 000,033,961 | ---- | C] () -- C:\Users\saturn\Desktop\391238_10152027841325190_1023298352_n.jpg
[2012.08.02 00:14:06 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2012.08.02 00:14:06 | 000,000,857 | ---- | C] () -- C:\Windows\unins000.dat
[2012.08.01 20:46:50 | 000,000,202 | ---- | C] () -- C:\Users\saturn\Desktop\roland...rtf
[2012.08.01 11:44:37 | 000,023,709 | ---- | C] () -- C:\Users\saturn\Desktop\539014_333697686712084_271076204_n.jpg
[2012.08.01 11:18:14 | 000,053,201 | ---- | C] () -- C:\Users\saturn\Desktop\483330_10151055869764870_854887321_n.jpg
[2012.08.01 01:01:56 | 000,087,761 | ---- | C] () -- C:\Users\saturn\Desktop\480380_472900902721283_1402432126_n.jpg
[2011.10.13 17:18:45 | 000,197,043 | ---- | C] () -- C:\Windows\hpwins27.dat
[2011.10.13 16:55:29 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat.temp
[2011.06.02 21:53:21 | 000,000,068 | ---- | C] () -- C:\Windows\System32\enbseries.ini
[2011.02.19 21:29:11 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011.01.07 22:02:33 | 000,000,482 | ---- | C] () -- C:\Windows\eReg.dat
[2010.12.23 22:06:10 | 000,002,856 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.12.09 17:23:13 | 000,050,640 | RHS- | C] () -- C:\Users\saturn\AppData\Roaming\appConf32.exe
 
========== LOP Check ==========
 
[2012.07.04 15:37:04 | 000,000,000 | ---D | M] -- C:\Users\ersatz\AppData\Roaming\SoftGrid Client
[2011.05.17 10:52:32 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Babylon
[2012.07.28 15:26:37 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\MAGIX
[2011.10.23 19:07:39 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\SoftGrid Client
[2012.08.29 23:48:31 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\14001.018
[2012.08.30 17:31:02 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\15001.001
[2012.01.06 15:05:47 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\2K Sports
[2012.03.03 15:28:37 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Babylon
[2011.04.24 00:12:27 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Blender Foundation
[2012.08.30 20:56:40 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\BrowserCompanion
[2011.07.28 19:09:44 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\DVDVideoSoft
[2011.07.28 19:05:00 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.08.02 00:14:06 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Flatcast
[2011.01.03 01:02:30 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\ICQ
[2010.11.13 20:20:29 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\IrfanView
[2012.08.29 23:48:10 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\kock
[2011.01.28 18:59:58 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Leadertech
[2011.02.19 21:45:00 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\MAGIX
[2012.03.03 15:30:59 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Media Finder
[2011.10.21 20:11:18 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\MusicNet
[2012.08.19 02:45:26 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\SoftGrid Client
[2011.03.20 15:08:29 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Sony
[2011.03.20 15:03:05 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Sony Setup
[2010.11.12 19:25:23 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\TP
[2012.08.30 01:00:16 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\UAs
[2010.11.03 22:16:45 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Uniblue
[2011.03.11 00:59:31 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\Windows Live Writer
[2012.08.30 01:01:08 | 000,000,000 | ---D | M] -- C:\Users\saturn\AppData\Roaming\xmldm
[2012.08.29 23:28:00 | 000,001,120 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000Core.job
[2012.08.30 20:28:00 | 000,001,142 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1465593394-840541334-2811811331-1000UA.job
[2012.07.11 17:42:32 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---


Where do I find the "extra" file?

Or can you simply tell me which steps I need to take..?

cosinus 01.09.2012 14:12

First, as a matter of routine, please run a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes must be updated manually before every scan!

Please have Malwarebytes remove all findings so that they are kept in Malwarebytes' quarantine! Do NOT remove anything from the quarantine prematurely!

If logs from older Malwarebytes scans exist, please post all of those as well!




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan has finished, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the result then looks like this:

Code:

the log goes here

rapish 01.09.2012 17:48

mbam-log-2012-09-01 (18-46-48).txt

Scan type: Full scan (C:\|D:\|F:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 385752
Time elapsed: 1 hour(s), 21 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 43
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> No action taken.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> No action taken.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> No action taken.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> No action taken.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> No action taken.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> No action taken.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> No action taken.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> No action taken.
HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> No action taken.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> No action taken.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> No action taken.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> No action taken.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> No action taken.
HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> No action taken.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> No action taken.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> No action taken.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> No action taken.

Registry Values Detected: 7
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: ;áÃzÊ;XA³0öm»Áµ -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: StartSearchTB -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: -> No action taken.
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (StartPins) Good: (Google) -> No action taken.

Folders Detected: 1
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> No action taken.

Files Detected: 17
C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> No action taken.
C:\Program Files\StartSearch plugin\ssBarLcher.dll (PUP.VShareRedir) -> No action taken.
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> No action taken.
c:\users\saturn\appdata\roaming\mediaf~1\extens~1\gencra~1.dll (Trojan.Downloader) -> No action taken.
C:\Program Files\KONAMI\Pro Evolution Soccer 2012\rld.dll (PUP.Hacktool.crk) -> No action taken.
F:\100V1253\100V1253.exe (Worm.WuKill) -> No action taken.
F:\Downloads2010\Downloads2010.exe (Worm.WuKill) -> No action taken.
F:\Video\Video.exe (Worm.WuKill) -> No action taken.
C:\Users\saturn\AppData\Roaming\appConf32.exe (Backdoor.Agent) -> No action taken.
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> No action taken.

(end)

Code:

mbam-log-2012-09-01 (18-46-48).txt

Scan type: Full scan (C:\|D:\|F:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 385752
Time elapsed: 1 hour(s), 21 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 43
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> No action taken.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> No action taken.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> No action taken.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> No action taken.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> No action taken.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> No action taken.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> No action taken.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> No action taken.
HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> No action taken.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> No action taken.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> No action taken.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> No action taken.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> No action taken.
HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> No action taken.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> No action taken.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> No action taken.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> No action taken.

Registry Values Detected: 7
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: ;áÃzÊ;XA³0öm»Áµ -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: StartSearchTB -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: -> No action taken.
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> No action taken.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (StartPins) Good: (Google) -> No action taken.

Folders Detected: 1
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> No action taken.

Files Detected: 17
C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> No action taken.
C:\Program Files\StartSearch plugin\ssBarLcher.dll (PUP.VShareRedir) -> No action taken.
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> No action taken.
c:\users\saturn\appdata\roaming\mediaf~1\extens~1\gencra~1.dll (Trojan.Downloader) -> No action taken.
C:\Program Files\KONAMI\Pro Evolution Soccer 2012\rld.dll (PUP.Hacktool.crk) -> No action taken.
F:\100V1253\100V1253.exe (Worm.WuKill) -> No action taken.
F:\Downloads2010\Downloads2010.exe (Worm.WuKill) -> No action taken.
F:\Video\Video.exe (Worm.WuKill) -> No action taken.
C:\Users\saturn\AppData\Roaming\appConf32.exe (Backdoor.Agent) -> No action taken.
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> No action taken.
C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> No action taken.

(end)

Code:

C:\Program Files\KONAMI\Pro Evolution Soccer 2011\tool.exe        Variante von Win32/Packed.MoleboxVS.A Anwendung
C:\Program Files\KONAMI\Pro Evolution Soccer 2011\Tsc Extreme 11_Yeni_Kamera.exe        Variante von Win32/Packed.MoleboxVS.A Anwendung
C:\Program Files\KONAMI\Pro Evolution Soccer 2012\rld.dll        Variante von Win32/Packed.VMProtect.AAH Trojaner
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\9wm4wpyy.default\Cache\2\84\B3218d01        JS/TrojanDownloader.Iframe.NKE Trojaner
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\9wm4wpyy.default\Cache\3\EB\2AEC3d01        JS/TrojanDownloader.Iframe.NKE Trojaner
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\9wm4wpyy.default\Cache\9\6B\4D41Ad01        JS/TrojanDownloader.Iframe.NKE Trojaner
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\9wm4wpyy.default\Cache\D\D2\3B045d01        JS/TrojanDownloader.Iframe.NKE Trojaner
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\9wm4wpyy.default\Cache\E\F8\91E6Cd01        JS/TrojanDownloader.Iframe.NKE Trojaner
C:\Users\saturn\AppData\Local\Babylon\Setup\Setup.exe        Win32/Toolbar.Babylon Anwendung
C:\Users\saturn\AppData\Local\Temp\roper0dun.exe        Win32/Reveton.H Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\10142300-69746e27        Java/Exploit.CVE-2012-1723.BB Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\26ac0981-2e8f944c        Java/Exploit.CVE-2012-1723.BE Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\64d564da-299fb2be        Win32/Reveton.H Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\6e15cd83-6f9d45a8        Mehrere Bedrohungen
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\1b39289e-1aa38c87        Variante von Java/Exploit.CVE-2012-1723.AL Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\7f9ae8a3-2b1711b9        Java/Exploit.CVE-2012-1723.AS Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\db3f965-5f9952a1        Java/Exploit.Agent.AB Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\5519ed69-7c398704        Variante von Java/Exploit.CVE-2012-1723.BH Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\77aae62d-1a1fe24a        Variante von Java/Exploit.CVE-2012-1723.BH Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\7bdf831-357aa3a0        Java/Agent.EW Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\7e0277f6-2eff8c9d        Java/Exploit.CVE-2012-1723.AT Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\281e2d79-5d15fffd        Java/Exploit.CVE-2012-1723.E Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\4ead3006-37770936        Variante von Java/Exploit.CVE-2012-1723.BH Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\1a1befff-2b6643ed        Java/Exploit.CVE-2012-4681.F Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\613f55c9-6f4624f9        Java/Exploit.CVE-2012-1723.X Trojaner
C:\Users\saturn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\68583089-3b222fcb        Java/Exploit.CVE-2012-0507.CR Trojaner
C:\Users\saturn\AppData\Roaming\appConf32.exe        Variante von Win32/Kryptik.ALAK Trojaner
C:\Users\saturn\Desktop\EXTREME12\yedek.rar        Variante von Win32/Packed.BoxedApp.A Anwendung
C:\Users\saturn\Desktop\EXTREME12\Program Files\KONAMI\Pro Evolution Soccer 2012\rld.dll        Variante von Win32/Packed.VMProtect.AAH Trojaner
C:\Users\saturn\Desktop\EXTREME12\Program Files\KONAMI\Pro Evolution Soccer 2012\T.S.C exTReme 12 Gerçekçi.exe        Variante von Win32/Packed.BoxedApp.A Anwendung
C:\Users\saturn\Desktop\EXTREME12\Program Files\KONAMI\Pro Evolution Soccer 2012\x.exe        Variante von Win32/Packed.BoxedApp.A Anwendung
C:\Users\saturn\Desktop\EXTREME12\TSC_exTReme_12\yedek.rar        Variante von Win32/Packed.BoxedApp.A Anwendung
C:\Users\saturn\Desktop\EXTREME12\TSC_exTReme_12\Program Files\KONAMI\Pro Evolution Soccer 2012\rld.dll        Variante von Win32/Packed.VMProtect.AAH Trojaner
C:\Users\saturn\Desktop\EXTREME12\yedek\T.S.C exTReme 12 Gerçekçi.exe        Variante von Win32/Packed.BoxedApp.A Anwendung
C:\Users\saturn\Desktop\EXTREME12\yedek\x.exe        Variante von Win32/Packed.BoxedApp.A Anwendung
C:\Users\saturn\Downloads\facebook.password.stealer.2012.download-final-version.cfg.exe        Variante von Win32/Adware.MediaFinder.C Anwendung
C:\Users\saturn\Downloads\SoftonicDownloader_fuer_adobe-photoshop.exe        Variante von Win32/SoftonicDownloader.A Anwendung
C:\Users\saturn\Downloads\SoftonicDownloader_fuer_blender.exe        Variante von Win32/SoftonicDownloader.A Anwendung
C:\Users\saturn\Downloads\SoftonicDownloader_fuer_microsoft-word-viewer.exe        Win32/SoftonicDownloader.D Anwendung
C:\Users\saturn\Downloads\SweetImSetup.exe        Variante von Win32/SweetIM.A Anwendung
C:\Users\saturn\Downloads\TR12_V.1.1.rar        Mehrere Bedrohungen
C:\Users\saturn\Downloads\EX12_Guncelleme_V1_4\Porgram Files\KONAMI\Pro Evolution Soccer 2012\rld.dll        Variante von Win32/Packed.VMProtect.AAH Trojaner
C:\Users\saturn\Downloads\TR12_V.1.1\Program Files\KONAMI\Pro Evolution Soccer 2012\rld.dll        Variante von Win32/Packed.VMProtect.AAH Trojaner
C:\Users\saturn\Downloads\TR12_V.1.1\Program Files\KONAMI\Pro Evolution Soccer 2012\T.S.C exTReme 12 Gerçekçi.exe        Variante von Win32/Packed.BoxedApp.A Anwendung
C:\Users\saturn\Downloads\TR12_V.1.1\Program Files\KONAMI\Pro Evolution Soccer 2012\x.exe        Variante von Win32/Packed.BoxedApp.A Anwendung
F:\comment.htt        VBS/Starter.A Trojaner
F:\100V1253\100V1253.exe        Win32/Wukill.B Wurm
F:\C-Media\WIN_ME\CMUninst.exe        Win32/Sality.AE Virus
F:\C-Media\WIN_ME\Mixer.exe        Win32/Sality.AE Virus
F:\C-Media\WIN_ME\Setup.exe        Win32/Sality.AE Virus
F:\da4aabec4377ea3dd2e941\mrtstub.exe        Win32/Sality.AE Virus
F:\ddba20ef6c4370e70c6e17a5f741\HotFixInstaller.exe        Win32/Sality.AE Virus
F:\Downloads\IE8-WindowsXP-x86-DEU.exe        Win32/Sality.AE Virus
F:\Downloads\nvTaskBar.exe        Win32/Sality.AE Virus
F:\Downloads\nvudisp.exe        Win32/Sality.AE Virus
F:\Downloads\nwiz.exe        Win32/Sality.AE Virus
F:\Downloads\PhysX_9.09.0814_SystemSoftware.exe        Win32/Sality.AE Virus
F:\Downloads\PluginInstaller.exe        Win32/Sality.AE Virus
F:\Downloads\setup.exe        Win32/Sality.AE Virus
F:\Downloads\taskmanager17.exe        Win32/Sality.AE Virus
F:\Downloads\WDM_R236.exe        Win32/Sality.AE Virus
F:\Downloads\WLinstaller.exe        Win32/Sality.AE Virus
F:\Downloads\wlsetup-custom.exe        Win32/Sality.AE Virus
F:\Downloads\213_via686a_audio_109\driverupdater_multilang.exe        Win32/Sality.AE Virus
F:\Downloads\AFSExplorer_0_61\AFSExplorer_0_61.exe        Win32/Sality.AE Virus
F:\Downloads\cmedia_mediarack211\driverupdater_multilang.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\setup_wm.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\wmlaunch.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\WMPDMC.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\wmpenc.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\wmplayer.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\wmpnetwk.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\wmpnscfg.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\wmprph.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\wmpshare.exe        Win32/Sality.AE Virus
F:\Downloads\Windows_Media_Player\Windows Media Player\WMPSideShowGadget.exe        Win32/Sality.AE Virus
F:\Downloads\wizard_win\wizard.exe        Win32/Sality.AE Virus
F:\Downloads2010\Downloads2010.exe        Win32/Wukill.B Wurm
F:\Downloads2010\registrybooster.exe        Win32/RegistryBooster Anwendung
F:\LAN\WinSetup.exe        Win32/Sality.AE Virus
F:\LAN\WinUinst.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\Setup.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\ara\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\ara\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\br\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\br\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\chs\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\chs\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\cht\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\cht\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\cs\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\cs\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\da\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\da\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\el\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\el\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\es\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\es\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\fi\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\fi\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\fr\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\fr\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\ger\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\heb\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\heb\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\hu\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\hu\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\it\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\it\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\jpn\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\jpn\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\kor\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\kor\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\nl\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\nl\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\no\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\no\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\pl\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\pl\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\pt\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\pt\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\ru\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\ru\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\sk\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\sk\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\sl\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\sl\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\sv\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\sv\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\tr\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\tr\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\us\kb835221.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\BusDriver\us\2k3\kb835221_srv03.exe        Win32/Sality.AE Virus
F:\Medion\5.12.01.0008_AZA_(05.05.2005)\C-Media 5.12.01.0008_AZA_(050505)\Driver\CMIRMDRV.EXE        Win32/Sality.AE Virus
F:\Medion\lan_via_3.58.0.0443\WINSETUP.EXE        Win32/Sality.AE Virus
F:\Medion\lan_via_3.58.0.0443\WINUINST.EXE        Win32/Sality.AE Virus
F:\Medion\lan_via_3.58.0.0443\NICSET\NICSET_218.EXE        Win32/Sality.AE Virus
F:\Medion\nVidia_GeForce_93.71\nvudisp.exe        Win32/Sality.AE Virus
F:\Medion\Win2k\setup.exe        Win32/Sality.AE Virus
F:\Meine empfangenen Dateien3\game xp\GameXP.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\hdaudio_1.00.00.63_xp_vista_win7.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\keystone.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\nvAppBar.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\nvDspSch.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\nviewsetup.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\nvTaskBar.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\nvudisp.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\nwiz.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\PhysX_9.09.0814_SystemSoftware.exe        Win32/Sality.AE Virus
F:\NVIDIA\DisplayDriver\195.62\WinXP\International\setup.exe        Win32/Sality.AE Virus
F:\NVIDIA\WinXP\182.50\IS\nvudisp.exe        Win32/Sality.AE Virus
F:\NVIDIA\WinXP\182.50\IS\PDsetup.exe        Win32/Sality.AE Virus
F:\NVIDIA\WinXP\182.50\IS\PhysX_9.09.0203_SystemSoftware.exe        Win32/Sality.AE Virus
F:\NVIDIA\WinXP\182.50\IS\setup.exe        Win32/Sality.AE Virus
F:\RECYCLER\S-1-5-21-117609710-261903793-682003330-1005\Dn1\kitserver\GDBManager\GDBManager.exe        Win32/Sality.AE Virus
F:\Sound\BusDriver- Zuerst installieren!\kb835221.exe        Win32/Sality.AE Virus
F:\Sound\Driver\CMIRMDRV.EXE        Win32/Sality.AE Virus
F:\Tools\Adobe Reader 7\AdbeRdr70_deu_full.exe        Win32/Sality.AE Virus
F:\Tools\AOL\QuickTimeFullInstaller.exe        Win32/Sality.AE Virus
F:\Tools\AOL\RealPlayer10-5GOLD_de.exe        Win32/Sality.AE Virus
F:\Tools\DivX Pro\DivXPro521XP2K.exe        Win32/Sality.AE Virus
F:\Tools\DivX Pro\DivXProGuide.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\Setup.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\MusicMatch\Deu\MMSetup.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\MusicMatch\Enu\MMSetup.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\MusicMatch\Esp\MMSetup.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\MusicMatch\Fra\MMSetup.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\MusicMatch\Ita\MMSetup.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\PDVD\Setup.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\PP\Setup.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\PP\WMFDist.exe        Win32/Sality.AE Virus
F:\Tools\Home Cinema\PPTemplate\Setup.exe        Win32/Sality.AE Virus
F:\Tools\Microsoft Windows XP Updates\DotNet 1.1\dotnetfx.exe        Win32/Sality.AE Virus
F:\Tools\Microsoft Windows XP Updates\DotNet 1.1\langpack.exe        Win32/Sality.AE Virus
F:\Tools\Microsoft Windows XP Updates\DotNet 1.1\NDP1.1sp1-KB867460-X86.exe        Win32/Sality.AE Virus
F:\Tools\Microsoft Windows XP Updates\Journal Viewer\SETUP.EXE        Win32/Sality.AE Virus
F:\Tools\Microsoft Windows XP Updates\MSN Messenger 7\Install_MSN_Messenger_DE.EXE        Win32/Sality.AE Virus
F:\Tools\Microsoft Windows XP Updates\Sun Java\jre-1_5_0_05-windows-i586-p.exe        Win32/Sality.AE Virus
F:\Tools\Microsoft Windows XP Updates\Windows Media\mp10setup.exe        Win32/Sality.AE Virus
F:\Tools\Microsoft Windows XP Updates\Windows Media\wmcsetup.exe        Win32/Sality.AE Virus
F:\Tools\Nero\setup.exe        Win32/Sality.AE Virus
F:\Tools\Nero\setupx.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Content\Setup.exe        Win32/Sality.AE Virus
F:\Tools\Nero\DirectX\dxsetup.exe        Win32/Sality.AE Virus
F:\Tools\Nero\InCD 4\Setupx.exe        Win32/Sality.AE Virus
F:\Tools\Nero\InCD 4\i386\InCD.exe        Win32/Sality.AE Virus
F:\Tools\Nero\InCD 4\Redist\ShFolder.exe        Win32/Sality.AE Virus
F:\Tools\Nero\InCD 4\w9x\InCD.exe        Win32/Sality.AE Virus
F:\Tools\Nero\InCD Reader\Setupx.exe        Win32/Sality.AE Virus
F:\Tools\Nero\InCD Reader\i386\InCD.exe        Win32/Sality.AE Virus
F:\Tools\Nero\InCD Reader\i386\InCDsrv.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero 6\Setupx.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero 6\Nero\nero.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero 6\Redist\50comupd.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero 6\Redist\InstMsiW.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero 6\Redist\shfolder.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero 6\Redist\WMFADist.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero 6\Redist\wmfdist.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero BurnRights\Setup.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero BurnRights\NeroBurnRights\NeroBurnRights.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Media Player\Setupx.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Media Player\NeroMediaPlayer\NeroMediaPlayer.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Media Player\Redist\ShFolder.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Media Player\Redist\WMFADist.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Media Player\Redist\wmfdist.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Vision Express\Setupx.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Vision Express\NeroVision\w2k\NeroVision.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Vision Express\NeroVision\w9x\NeroVision.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Vision Express\Redist\50comupd.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Vision Express\Redist\SHFolder.exe        Win32/Sality.AE Virus
F:\Tools\Nero\Nero Vision Express\Redist\wmfdist.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\Dialog.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\Setup.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\ADOBE\ACROBATRD\5.05\DE\ar500deu.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\ADOBE\ACROBATRD\7.00\DE\ACROBAT7DE.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\MICROSOFT\HIGHENC2K\ENCPACK.EXE        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\MICROSOFT\IEXPLORE\5\DE\IE5COMP.EXE        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\MICROSOFT\IEXPLORE\5\DE\ie5setup.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\MICROSOFT\IEXPLORE\6\DE\ie6setup.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\STAMPIT\instmsia.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\STAMPIT\instmsiw.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\STAMPIT\setup.exe        Win32/Sality.AE Virus
F:\Tools\StampIT 2.0\STAMPIT Demo\stampit_guidedtour.exe        Win32/Sality.AE Virus
F:\Tools\StarOffice 7 - Update 5\so-7-pp5-bin-windows.exe        Win32/Sality.AE Virus
F:\Tools\Winflash\MSISetup.exe        Win32/Sality.AE Virus
F:\Tools\Winflash\WinFlash.exe        Win32/Sality.AE Virus
F:\Treiber\Keyboard\KB0108.exe        Win32/Sality.AE Virus
F:\Treiber\LAN\WinSetup.exe        Win32/Sality.AE Virus
F:\Treiber\LAN\WinUinst.exe        Win32/Sality.AE Virus
F:\Treiber\Motherboard\infinst_autol.exe        Win32/Sality.AE Virus
F:\Treiber\Sound\Setup.exe        Win32/Sality.AE Virus
F:\Treiber\Sound\BusDriver- Zuerst installieren!\kb835221.exe        Win32/Sality.AE Virus
F:\Treiber\Sound\Driver\CMIRMDRV.EXE        Win32/Sality.AE Virus
F:\Treiber\VGA\nvudisp.exe        Win32/Sality.AE Virus
F:\Treiber\VGA\setup.exe        Win32/Sality.AE Virus
F:\VGA\nvudisp.exe        Win32/Sality.AE Virus
F:\VGA\setup.exe        Win32/Sality.AE Virus
F:\Video\Video.exe        Win32/Wukill.B Wurm
Arbeitsspeicher        Variante von Win32/Packed.VMProtect.AAH Trojaner

here are the two logs... one from Anti-Malware and one from the online scanner..

cosinus 03.09.2012 14:07

Could you please read my posts all the way through?!
You should post every log in CODE tags wherever possible!

But well, basically that doesn't matter now anyway, because your system is completely wrecked! :stirn:

Code:

C:\Users\saturn\Downloads\TR12_V.1.1\Program Files\KONAMI\Pro Evolution Soccer 2012\rld.dll        Variante von Win32/Packed.VMProtect.AAH Trojaner
C:\Users\saturn\Downloads\TR12_V.1.1\Program Files\KONAMI\Pro Evolution Soccer 2012\T.S.C exTReme 12 Gerçekçi.exe        Variante von Win32/Packed.BoxedApp.A Anwendung
C:\Users\saturn\Downloads\TR12_V.1.1\Program Files\KONAMI\Pro Evolution Soccer 2012\x.exe        Variante von Win32/Packed.BoxedApp.A Anwendung
F:\comment.htt        VBS/Starter.A Trojaner
F:\100V1253\100V1253.exe        Win32/Wukill.B Wurm
F:\C-Media\WIN_ME\CMUninst.exe        Win32/Sality.AE Virus
F:\C-Media\WIN_ME\Mixer.exe        Win32/Sality.AE Virus
F:\C-Media\WIN_ME\Setup.exe        Win32/Sality.AE Virus
F:\da4aabec4377ea3dd2e941\mrtstub.exe        Win32/Sality.AE Virus
F:\ddba20ef6c4370e70c6e17a5f741\HotFixInstaller.exe        Win32/Sality.AE Virus
F:\Downloads\IE8-WindowsXP-x86-DEU.exe        Win32/Sality.AE Virus
F:\Downloads\nvTaskBar.exe        Win32/Sality.AE Virus
F:\Downloads\nvudisp.exe        Win32/Sality.AE Virus
F:\Downloads\nwiz.exe        Win32/Sality.AE Virus
F:\Downloads\PhysX_9.09.0814_SystemSoftware.exe        Win32/Sality.AE Virus
F:\Downloads\PluginInstaller.exe        Win32/Sality.AE Virus

Obvious crack/keygen abuse and a resulting Sality infection! :pfui:
A lot of other idiotic junk is found there as well!

See also => http://www.trojaner-board.de/95393-c...-software.html

If we find indications of illegally acquired software, we will end support without any discussion.

Cracks/keygens are 99.9% dangerous malware that should not be trifled with. They are also illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!

It is no secret that illegal cracks and keygens essentially serve to spread malware, and everyone must be aware of that!


In future, hands off: Softonic, registry cleaners and illegal stuff (cracks/keygens/serials)

rapish 03.09.2012 21:29

I definitely don't have any illegal software on it... but I'll wait anyway... I'd be very glad if I can get rid of the problem...

cosinus 03.09.2012 21:33

Even when the worst junk shows up in the logs, everything still gets denied.
Just explain to me what TR12_V.1.1 is supposed to be in connection with Pro Evolution Soccer, and what those strange files are that Malwarebytes found on top of that!

Your system is hopelessly wrecked by the Sality infection!

rapish 05.09.2012 19:11

TR12 v1.1 was an update file of a patch for the video game PES12!..

What would you recommend? What can I do now?

cosinus 06.09.2012 13:18

Regardless of whether cracks/keygens are involved here or not, thanks to the file infector Sality you get to set up your system from scratch, because Sality simply destroys too much.


On the subject of backing up data from infected systems: do it via a live CD such as Knoppix, Ubuntu (second link in my signature) or via PartedMagic. Reason: in a live system, no malware from the infected Windows system is active, so a negative influence on the backup by malware is ruled out as well.

You also need a backup medium, of course; an external drive is probably best. If you don't have too much to back up, a USB stick can be enough too.

Here is a short guide for PartedMagic; in principle it works this way, or almost exactly the same, with all other live systems too.

1. Download the PartedMagic ISO image, it should be about 180 MB
2. Burn it to CD using an image-burning function; this works with ImgBurn under Windows, for example
3. Boot from the burned CD, start option 1 in the boot menu and wait until the Linux desktop is up

http://partedmagic.com/lib/exe/fetch...ia=desktop.png

4. You should find a "Mount Devices" icon; double-click it
5. Mount the partitions where Windows is installed, usually it's /dev/sda1, and of course any other partitions that still hold data that needs to be backed up - and of course those of the external drive too (you only get read and write access to the file systems when they are mounted)
6. Copy the data from the internal drive to the external drive - copy only personal files, music, videos, etc. to the backup drive, NO executable files such as programs/games/setups!!
7. When done, restart the computer, switch off the external drive and boot from the Windows DVD for the reinstallation (follow the guide)
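
One way to carry out step 6 from the live system's terminal instead of the file manager (an added example, not part of the post above). The extension list, the `skipped.txt` log and the mount points in the usage comment are assumptions; besides the file name it checks the first two bytes for the `MZ` header of Windows executables, so a renamed program is left behind too.

```shell
# Added example, not from the forum post. Run it in the live system after
# mounting both disks. File names containing newlines are not handled.

# Extensions treated as executable or script content (assumed list, extend it).
SKIP_EXT='exe|dll|scr|com|pif|sys|msi|bat|cmd|vbs|js|htt|lnk|inf'

# is_executable FILE: succeeds if FILE must stay off the backup disk.
is_executable() {
    base=$(basename -- "$1")
    case $base in
        *.*) ext=$(printf '%s' "${base##*.}" | tr '[:upper:]' '[:lower:]') ;;
        *)   ext='' ;;
    esac
    if printf '%s\n' "$ext" | grep -Eqx "$SKIP_EXT"; then
        return 0
    fi
    # Windows PE/DOS executables start with the bytes "MZ", whatever the name says.
    magic=$(head -c 2 2>/dev/null <"$1" | tr -d '\0')
    [ "$magic" = "MZ" ]
}

# backup_personal SRC DST: copy SRC into DST, keeping the directory layout,
# and list every file left behind in DST/skipped.txt.
backup_personal() {
    src=${1%/}
    dst=${2%/}
    mkdir -p "$dst"
    : >"$dst/skipped.txt"
    find "$src" -type f | while IFS= read -r f; do
        rel=${f#"$src"/}
        if is_executable "$f"; then
            printf '%s\n' "$rel" >>"$dst/skipped.txt"
            continue
        fi
        mkdir -p "$dst/$(dirname -- "$rel")"
        cp -p "$f" "$dst/$rel"
    done
}

# Usage (mount points are assumptions, check yours under "Mount Devices"):
#   backup_personal /media/sda1/Users/saturn /media/sdb1/backup
```

Review `skipped.txt` on the backup drive afterwards to see what was left behind.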

rapish 06.09.2012 17:58

Thanks for the useful help..only I no longer have a driver CD or a Windows installation CD...it gets formatted in the end anyway..

cosinus 06.09.2012 20:39

Then you'll just have to get hold of such a Windows CD!
Manuals are there to be read too; they describe how you can recover the device!
And for emergencies there is still this => http://www.trojaner-board.de/100776-...tml#post676887

rapish 08.09.2012 11:48

Do the viruses actually get removed too if I reformat completely?

cosinus 10.09.2012 14:56

Read the article on reinstallation!! Read first, then you don't need to ask such questions anymore.
Don't you also think such a reinstallation would be pointless if it didn't remove any malware and didn't give you a clean system? :stirn:

