Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: dwlgina3.dll a not found

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.01.2012, 18:24   #1
Pryncess
 
dwlgina3.dll a not found - Standard

dwlgina3.dll a not found



desktop geht nicht an auch nicht beim eintipen von explorer.exe mein otl.exe sende ich unten bitte um schnelle hilfe viele dank


OTL logfile created on: 1/22/2012 5:43:47 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 83.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116.44 Gb Total Space | 26.77 Gb Free Space | 22.99% Space Free | Partition Type: NTFS
Drive D: | 114.98 Gb Total Space | 65.59 Gb Free Space | 57.04% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (TOSHIBA Bluetooth Service)
SRV - File not found [Auto] -- -- (LiveUpdate Notice Ex)
SRV - [2012/01/16 13:06:02 | 000,909,152 | ---- | M] () [Auto] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/11/10 08:17:31 | 000,167,264 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/07/05 03:25:08 | 002,428,968 | ---- | M] (mobile concepts GmbH) [On_Demand] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV - [2011/06/01 07:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/11/25 10:41:58 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/06/22 09:09:10 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/22 09:09:03 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/06/14 09:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/04/30 04:04:55 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/29 11:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/21 00:02:30 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/03/29 03:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/02/12 07:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006/11/14 13:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/10/04 23:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 09:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 12:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2005/11/17 07:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (TpChoice)
DRV - File not found [Kernel | On_Demand] -- -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (igfx)
DRV - [2011/09/15 02:41:32 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/05/05 13:08:30 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/22 09:09:05 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys -- (AVGIDSDrivervtx)
DRV - [2010/06/22 09:09:05 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys -- (AVGIDSFiltervtx)
DRV - [2010/06/22 09:09:05 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys -- (AVGIDSShimvtx)
DRV - [2010/06/22 09:09:05 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\AVGIDSvx.sys -- (AVGIDSErHrvtx)
DRV - [2010/06/22 09:08:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/04/08 07:43:56 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/04/08 07:40:19 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010/02/26 08:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 08:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 08:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 08:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 08:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/02/26 08:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010/02/25 10:51:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009/12/07 13:53:18 | 000,103,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/04/10 23:45:22 | 000,066,560 | ---- | M] (CxExerSoft) [Kernel | System] -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2009/04/09 07:38:30 | 000,110,592 | ---- | M] (ZTE Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009/04/09 07:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009/04/09 07:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009/04/09 07:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009/04/09 07:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/04/09 07:38:30 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/30 02:56:17 | 000,646,392 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008/02/20 11:46:30 | 000,019,840 | ---- | M] (Generic) [Kernel | On_Demand] -- C:\Windows\System32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2007/11/01 17:20:12 | 003,170,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/07/02 04:50:58 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2007/04/30 00:42:14 | 000,081,408 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/04/26 15:09:38 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007/03/06 08:01:04 | 000,014,848 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot] -- C:\Windows\System32\drivers\CplIR.sys -- (CplIR)
DRV - [2007/01/24 07:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2007/01/18 09:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007/01/18 09:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/28 02:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 02:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006/10/23 09:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 05:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/05 15:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2006/07/28 09:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files\Messenger_Plus_Live_Germany\prxtbMes0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\ak_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKU\ak_ON_C\Software\Micro

IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Nil_gül_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKU\Nil_gül_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
IE - HKU\Nil_gül_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Nil_gül_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Nil_gül_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Rabia_Aktas_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKU\Rabia_Aktas_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?AF=100482&babsrc=HP_ss&mntrId=1ce49e3400000000000000ffeddf8e4d
IE - HKU\Rabia_Aktas_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Rabia_Aktas_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\Rabia_Aktas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Rabia_Aktas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B27691090-89a1-4c8a-b30d-bb286a9a9530%7D&mid=7472b18f8a5b3da87c4b24ab510ea19b-b9bacd256edd8ef4a345beb2d795336c18246904&ds=AVG&v=10.0.0.7&lang=de&pr=fr&d=2011-12-07%2010%3A13%3A29&sap=ku&q="
FF - prefs.js..network.proxy.backup.ftp: "204. 93. 211. 219"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.socks: "204. 93. 211. 219"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "204. 93. 211. 219"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "202.137.18.40"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.http: "202.137.18.40"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "202.137.18.40"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "202.137.18.40"
FF - prefs.js..network.proxy.ssl_port: 80

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\Hotbar@Hotbar.com: C:\Program Files\Hotbar\bin\11.0.78.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/03/28 17:50:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011/09/15 02:43:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/11/17 08:14:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2011/04/17 14:40:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012/01/16 13:16:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/21 17:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/21 17:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/11/17 08:14:09 | 000,000,000 | ---D | M]

[2011/12/06 12:02:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nil gül\AppData\Roaming\Mozilla\Extensions
[2012/01/18 15:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nil gül\AppData\Roaming\Mozilla\Firefox\Profiles\816ykjbe.default\extensions
[2012/01/18 15:49:13 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Nil gül\AppData\Roaming\Mozilla\Firefox\Profiles\816ykjbe.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/05/19 12:07:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/23 11:34:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/16 10:51:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/26 16:32:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2012/01/16 13:16:06 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\10.0.0.7
File not found (No name found) -- C:\USERS\NIL GüL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\816YKJBE.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
[2009/09/07 23:40:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/08/12 01:13:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 15:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/11 23:19:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/01/16 13:05:59 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/01/22 09:09:54 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/08/11 23:14:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/08/11 23:19:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/08/11 23:19:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/08/11 23:19:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/08/11 23:19:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

Hosts file not found
O2 - BHO: (ShopperReports) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Idea2 SidebarBrowserMonitor Class) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files\Messenger_Plus_Live_Germany\prxtbMes0.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files\Messenger_Plus_Live_Germany\prxtbMes0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\MUSTER_ON_C\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Program Files\Messenger_Plus_Live_Germany\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\Nil_gül_ON_C\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Program Files\Messenger_Plus_Live_Germany\prxtbMes0.dll (Conduit Ltd.)
O3 - HKU\Rabia_Aktas_ON_C\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Program Files\Messenger_Plus_Live_Germany\prxtbMes0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BvtUtility] C:\Program Files\BvT Grup\BvT Live Tv\BvtUtility.exe (CanliTv.com)
O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
O4 - HKLM..\Run: [DivX Download Manager] File not found
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [lZoxBNSHVhEHmPm] C:\Windows\System32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe (IObit )
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [lZoxBNSHVhEHmPm] C:\Windows\System32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe (IObit )
O4 - HKU\ak_ON_C..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\ak_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Gast_ON_C..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\Gast_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\MUSTER_ON_C..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Nil_gül_ON_C..\Run: [Akamai NetSession Interface] C:\Users\Nil gül\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\Nil_gül_ON_C..\Run: [lZoxBNSHVhEHmPm] C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe (IObit )
O4 - HKU\Nil_gül_ON_C..\Run: [MozillaPlugins] C:\Users\Nil gül\AppData\Roaming\05D8ED.exe ()
O4 - HKU\Nil_gül_ON_C..\Run: [TOSCDSPD] File not found
O4 - HKU\Nil_gül_ON_C..\Run: [tSUpODctlIrm.exe] C:\ProgramData\tSUpODctlIrm.exe (Microsoft Corporation)
O4 - HKU\Rabia_Aktas_ON_C..\Run: [] File not found
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O4 - HKU\ak_ON_C..\RunOnce: [avg_spchecker] C:\Program Files\AVG\AVG9\Notification\SPChecker1.exe ()
O4 - HKU\Gast_ON_C..\RunOnce: [avg_spchecker] C:\Program Files\AVG\AVG9\Notification\SPChecker1.exe ()
O4 - Startup: C:\Users\Rabia Aktas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O7 - HKU\ak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\ak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\ak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\MUSTER_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\MUSTER_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\MUSTER_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\Nil_gül_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nil_gül_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Nil_gül_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Nil_gül_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\Nil_gül_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Nil_gül_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Rabia_Aktas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Rabia_Aktas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\Rabia_Aktas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Rabia_Aktas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Free YouTube Download - C:\Users\Nil gül\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to DVD Converter - C:\Users\Nil gül\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm ()
O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - File not found
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe) - C:\Windows\System32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe (IObit )
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe) - C:\Windows\System32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe (IObit )
O20 - HKU\Nil_gül_ON_C Winlogon: Shell - (C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe) - C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe (IObit )
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{af4324c7-8c0d-11de-a736-001b38b71667}\Shell - "" = AutoRun
O33 - MountPoints2\{af4324c7-8c0d-11de-a736-001b38b71667}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{ca635b6c-2b34-11e1-8bfe-001de0a2974f}\Shell - "" = AutoRun
O33 - MountPoints2\{ca635b6c-2b34-11e1-8bfe-001de0a2974f}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ca635b6e-2b34-11e1-8bfe-001de0a2974f}\Shell - "" = AutoRun
O33 - MountPoints2\{ca635b6e-2b34-11e1-8bfe-001de0a2974f}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{ca635b71-2b34-11e1-8bfe-001b38b71667}\Shell - "" = AutoRun
O33 - MountPoints2\{ca635b71-2b34-11e1-8bfe-001b38b71667}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ca635b72-2b34-11e1-8bfe-001b38b71667}\Shell - "" = AutoRun
O33 - MountPoints2\{ca635b72-2b34-11e1-8bfe-001b38b71667}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/22 09:10:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
[2012/01/22 09:10:02 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012/01/22 09:09:59 | 000,000,000 | ---D | C] -- C:\Users\Rabia Aktas\AppData\Roaming\SumatraPDF
[2012/01/22 09:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\DealPly
[2012/01/22 09:09:53 | 000,000,000 | ---D | C] -- C:\Users\Rabia Aktas\AppData\Roaming\Babylon
[2012/01/22 09:09:53 | 000,000,000 | ---D | C] -- C:\Users\Rabia Aktas\AppData\Local\Babylon
[2012/01/22 09:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/01/22 09:09:50 | 000,000,000 | ---D | C] -- C:\Users\Rabia Aktas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader
[2012/01/22 09:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\PDFReader
[2012/01/22 08:28:22 | 000,483,328 | ---- | C] (IObit ) -- C:\Users\Rabia Aktas\AppData\Roaming\h4w5eu5zy.exe
[2012/01/22 08:28:22 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\Nil gül\AppData\Roaming\dwlGina3.dll
[2012/01/22 08:24:08 | 000,483,328 | ---- | C] (IObit ) -- C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe
[2012/01/21 17:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/01/21 17:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/01/21 17:26:43 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/21 17:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/01/21 17:22:40 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/01/21 17:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012/01/21 17:20:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/21 15:25:24 | 000,450,440 | -HS- | C] (Microsoft Corporation) -- C:\ProgramData\tSUpODctlIrm.exe
[2012/01/20 14:39:48 | 000,000,000 | ---D | C] -- C:\Users\Nil gül\Desktop\BB9700_PredatorZero.php-Dateien
[2012/01/18 15:49:12 | 000,000,000 | ---D | C] -- C:\Users\Nil gül\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/01/12 13:27:24 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/12 13:26:56 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/12 13:26:54 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/12 13:25:49 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/12 13:25:49 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2011/12/28 13:03:33 | 000,000,000 | ---D | C] -- C:\Users\MUSTER\AppData\Roaming\Apple Computer
[2011/12/25 11:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[3 C:\Users\Rabia Aktas\Desktop\*.tmp files -> C:\Users\Rabia Aktas\Desktop\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/22 10:54:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/22 10:50:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6058A02A-C761-4193-9B15-B3265741BCD7}.job
[2012/01/22 10:50:00 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{01EBFE70-A3D4-4E95-9346-CD121520D84B}.job
[2012/01/22 10:50:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{71A7EA0A-2F2D-4545-8E71-531B5D7FDC39}.job
[2012/01/22 10:50:00 | 000,000,412 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0FFFAF26-C41B-4EBA-94A2-72009AEB62FC}.job
[2012/01/22 10:40:39 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/22 10:33:31 | 091,975,189 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2012/01/22 10:28:52 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/22 10:28:52 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/22 09:24:17 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/22 09:10:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
[2012/01/22 09:10:03 | 000,000,237 | ---- | M] () -- C:\user.js
[2012/01/22 09:09:50 | 000,000,788 | ---- | M] () -- C:\Users\Rabia Aktas\Desktop\PDF Reader.lnk
[2012/01/22 08:28:22 | 000,095,744 | ---- | M] (Kassl GmbH) -- C:\Users\Nil gül\AppData\Roaming\dwlGina3.dll
[2012/01/21 17:27:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/01/21 17:22:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/01/21 17:20:09 | 000,001,830 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/01/21 15:31:14 | 000,483,328 | ---- | M] (IObit ) -- C:\Users\Rabia Aktas\AppData\Roaming\h4w5eu5zy.exe
[2012/01/21 15:31:14 | 000,483,328 | ---- | M] (IObit ) -- C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe
[2012/01/21 15:22:18 | 000,450,440 | -HS- | M] (Microsoft Corporation) -- C:\ProgramData\tSUpODctlIrm.exe
[2012/01/21 15:20:55 | 000,034,816 | -HS- | M] () -- C:\Users\Nil gül\AppData\Roaming\05D8ED.exe
[2012/01/20 14:39:52 | 000,018,882 | ---- | M] () -- C:\Users\Nil gül\Desktop\BB9700_PredatorZero.php.htm
[2012/01/19 18:41:03 | 000,637,090 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/19 18:41:03 | 000,603,042 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/19 18:41:03 | 000,134,740 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/19 18:41:03 | 000,106,858 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/18 15:54:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/01/18 15:54:42 | 000,000,997 | ---- | M] () -- C:\Users\Nil gül\Desktop\DVDVideoSoft Free Studio.lnk
[2012/01/18 15:54:38 | 000,001,070 | ---- | M] () -- C:\Users\Nil gül\Desktop\Free YouTube Download.lnk
[2012/01/18 15:49:05 | 000,001,065 | ---- | M] () -- C:\Users\Nil gül\Desktop\Free DVD Video Burner.lnk
[2012/01/18 15:48:58 | 000,001,156 | ---- | M] () -- C:\Users\Nil gül\Desktop\Free YouTube to DVD Converter.lnk
[2012/01/18 12:51:22 | 000,621,032 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2011/12/25 11:54:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/12/24 06:10:51 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[3 C:\Users\Rabia Aktas\Desktop\*.tmp files -> C:\Users\Rabia Aktas\Desktop\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/22 09:10:03 | 000,000,237 | ---- | C] () -- C:\user.js
[2012/01/22 09:09:50 | 000,000,788 | ---- | C] () -- C:\Users\Rabia Aktas\Desktop\PDF Reader.lnk
[2012/01/21 15:21:19 | 000,034,816 | -HS- | C] () -- C:\Users\Nil gül\AppData\Roaming\05D8ED.exe
[2012/01/20 14:39:48 | 000,018,882 | ---- | C] () -- C:\Users\Nil gül\Desktop\BB9700_PredatorZero.php.htm
[2012/01/18 15:54:38 | 000,001,070 | ---- | C] () -- C:\Users\Nil gül\Desktop\Free YouTube Download.lnk
[2012/01/18 15:49:05 | 000,001,065 | ---- | C] () -- C:\Users\Nil gül\Desktop\Free DVD Video Burner.lnk
[2012/01/18 15:49:04 | 000,000,997 | ---- | C] () -- C:\Users\Nil gül\Desktop\DVDVideoSoft Free Studio.lnk
[2012/01/18 15:48:58 | 000,001,156 | ---- | C] () -- C:\Users\Nil gül\Desktop\Free YouTube to DVD Converter.lnk
[2011/12/07 03:29:37 | 000,000,000 | ---- | C] () -- C:\Users\Nil gül\AppData\Local\{BE5F4EDA-7F92-4DDE-8FE5-A17F99A7633D}
[2011/04/09 11:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/02/01 04:41:46 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010/04/17 09:11:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/04/17 09:11:23 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/04/17 08:52:53 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/04/09 16:36:57 | 000,000,020 | ---- | C] () -- C:\Windows\System32\IGFXDEV.DLL
[2009/11/22 09:25:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/05/26 16:36:18 | 000,005,632 | ---- | C] () -- C:\Users\Gast\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/01 17:34:15 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2008/12/31 19:50:15 | 000,000,680 | ---- | C] () -- C:\Users\Rabia Aktas\AppData\Local\d3d9caps.dat
[2008/12/31 08:33:15 | 000,000,036 | -H-- | C] () -- C:\Windows\System32\swk.ini
[2008/09/12 16:34:40 | 000,006,471 | ---- | C] () -- C:\Users\Rabia Aktas\AppData\Roaming\NMM-MetaData.db
[2008/09/04 21:09:46 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/08/17 16:13:04 | 000,000,241 | ---- | C] () -- C:\Windows\QSync.INI
[2008/04/30 04:10:44 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/04/29 13:53:08 | 000,031,007 | ---- | C] () -- C:\Users\Rabia Aktas\AppData\Roaming\UserTile.png
[2008/04/29 13:32:44 | 000,092,160 | ---- | C] () -- C:\Users\Rabia Aktas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/29 09:14:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/01/08 03:35:57 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/01/08 03:35:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/01/08 03:35:56 | 000,154,206 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/10/15 13:52:56 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/10/15 13:51:56 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/10/15 13:51:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/10/15 13:51:56 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/10/15 13:51:56 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007/07/12 14:33:09 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007/07/12 14:33:09 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007/07/12 14:33:09 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007/07/12 14:33:09 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/07/12 03:45:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/07/12 03:45:09 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/07/12 03:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/07/12 03:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/07/12 03:45:09 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/07/12 03:45:09 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/07/12 03:26:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007/04/16 01:35:21 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007/04/16 01:02:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/04/15 23:38:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll
[2006/12/05 06:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/02 10:33:31 | 000,637,090 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006/11/02 10:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006/11/02 10:33:31 | 000,134,740 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 10:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 001,738,096 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,603,042 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,106,858 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/11/23 07:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/07/22 14:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2009/04/26 12:46:36 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\PC Suite
[2011/07/17 15:58:26 | 000,000,000 | ---D | M] -- C:\Users\MUSTER\AppData\Roaming\Opera
[2011/07/17 09:21:00 | 000,000,000 | ---D | M] -- C:\Users\MUSTER\AppData\Roaming\Systweak
[2011/06/13 05:27:56 | 000,000,000 | ---D | M] -- C:\Users\MUSTER\AppData\Roaming\TeamViewer
[2012/01/18 16:08:59 | 000,000,000 | ---D | M] -- C:\Users\Nil gül\AppData\Roaming\DVDVideoSoft
[2012/01/18 15:54:45 | 000,000,000 | ---D | M] -- C:\Users\Nil gül\AppData\Roaming\DVDVideoSoftIEHelpers
[2008/05/22 14:35:56 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\.contentlauncher
[2010/04/28 07:15:55 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\AF435A3049108B3CB335680D69A10661
[2010/04/11 10:51:39 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\AVG9
[2012/01/22 09:09:53 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\Babylon
[2008/05/22 14:36:41 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\contentlauncher
[2010/04/26 08:44:22 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\Desktop Sidebar
[2008/06/02 13:06:08 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\DesktopSMS
[2010/12/25 20:18:34 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\DVDVideoSoftIEHelpers
[2009/10/25 16:24:17 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\Hotbar
[2010/12/29 10:31:34 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\Local
[2010/11/17 08:17:28 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\Nokia
[2008/05/02 16:16:54 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\Opera
[2010/04/03 15:12:36 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\PC Suite
[2011/04/17 14:40:18 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\ShopperReports3
[2012/01/22 09:09:59 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\SumatraPDF
[2010/12/11 18:03:13 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\TeamViewer
[2008/05/31 18:08:35 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\Toshiba
[2011/03/14 18:00:20 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\TuneUp Software
[2010/12/11 04:25:24 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\Vodafone
[2009/10/10 12:27:31 | 000,000,000 | ---D | M] -- C:\Users\Rabia Aktas\AppData\Roaming\WeatherDPA
[2008/04/29 10:29:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/01/16 13:06:10 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG Secure Search
[2010/04/08 07:43:00 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG Security Toolbar
[2010/04/26 08:55:20 | 000,000,000 | ---D | M] -- C:\ProgramData\avg9
[2012/01/22 09:09:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2011/02/13 09:57:11 | 000,000,000 | ---D | M] -- C:\ProgramData\BewerbungsMaster
[2011/03/14 14:27:22 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/04/29 10:29:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2008/04/29 10:29:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/10/10 14:45:41 | 000,000,000 | ---D | M] -- C:\ProgramData\HotbarSA
[2010/04/21 07:32:40 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2007/04/16 01:37:05 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2011/02/01 21:21:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Messenger Plus!
[2009/03/29 13:40:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Nokia
[2010/11/17 08:07:37 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaInstallerCache
[2008/05/07 16:31:36 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2008/04/29 10:29:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2008/04/29 10:37:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Toshiba
[2008/04/29 10:33:42 | 000,000,000 | ---D | M] -- C:\ProgramData\ToshibaEurope
[2011/03/14 18:04:28 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2007/07/12 03:44:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems
[2007/07/12 03:26:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Vista64
[2010/12/11 04:24:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Vodafone
[2008/04/29 10:29:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2010/04/21 05:51:27 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2007/07/12 03:26:43 | 000,000,000 | ---D | M] -- C:\ProgramData\XP
[2011/03/14 17:59:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/12/28 15:39:37 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/08 15:09:34 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/04/08 23:13:31 | 000,000,016 | -H-- | M] () -- C:\Windows\Tasks\mxfilerelatedcache.mxc2
[2012/01/22 08:36:25 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/01/22 10:50:00 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{01EBFE70-A3D4-4E95-9346-CD121520D84B}.job
[2012/01/22 10:50:00 | 000,000,412 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0FFFAF26-C41B-4EBA-94A2-72009AEB62FC}.job
[2010/12/15 21:29:59 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2292FFA0-9951-4CCB-A4DF-A8F0B3683F38}.job
[2012/01/22 10:50:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6058A02A-C761-4193-9B15-B3265741BCD7}.job
[2012/01/22 10:50:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{71A7EA0A-2F2D-4545-8E71-531B5D7FDC39}.job

========== Purity Check ==========


< End of report >

Alt 22.01.2012, 19:20   #2
Swisstreasure
/// Malwareteam
 
dwlgina3.dll a not found - Standard

dwlgina3.dll a not found





Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Fixen mit OTLpe
  • Starte den unbootbaren Computer erneut mit der OTLPE-CD,
  • warte bis der Reatogo-X-Pe-Desktop erscheint und doppelklicke das OTLPE-Icon.
  • Kopiere folgendes Skript in das Textfeld unterhalb von Custom Scans/Fixes:
    Code:
    ATTFilter
    :OTL
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
    O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
    O4 - HKLM..\Run: [lZoxBNSHVhEHmPm] C:\Windows\System32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe (IObit )
    O4 - HKU\.DEFAULT..\Run: [lZoxBNSHVhEHmPm] C:\Windows\System32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe (IObit )
    O4 - HKU\Nil_gül_ON_C..\Run: [MozillaPlugins] C:\Users\Nil gül\AppData\Roaming\05D8ED.exe ()
    O4 - HKU\Nil_gül_ON_C..\Run: [lZoxBNSHVhEHmPm] C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe (IObit )
    O4 - HKU\Nil_gül_ON_C..\Run: [TOSCDSPD] File not found
    O4 - HKU\Nil_gül_ON_C..\Run: [tSUpODctlIrm.exe] C:\ProgramData\tSUpODctlIrm.exe (Microsoft Corporation)
    O4 - HKU\Rabia_Aktas_ON_C..\Run: [] File not found
    O20 - HKLM Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe) - C:\Windows\System32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe (IObit )
    O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe) - C:\Windows\System32\config\systemprofile\AppData\Roaming\h4w5eu5zy.exe (IObit )
    O20 - HKU\Nil_gül_ON_C Winlogon: Shell - (C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe) - C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe (IObit )
    O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
    O33 - MountPoints2\{af4324c7-8c0d-11de-a736-001b38b71667}\Shell - "" = AutoRun
    O33 - MountPoints2\{af4324c7-8c0d-11de-a736-001b38b71667}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
    O33 - MountPoints2\{ca635b6c-2b34-11e1-8bfe-001de0a2974f}\Shell - "" = AutoRun
    O33 - MountPoints2\{ca635b6c-2b34-11e1-8bfe-001de0a2974f}\Shell\AutoRun\command - "" = D:\AutoRun.exe
    O33 - MountPoints2\{ca635b6e-2b34-11e1-8bfe-001de0a2974f}\Shell - "" = AutoRun
    O33 - MountPoints2\{ca635b6e-2b34-11e1-8bfe-001de0a2974f}\Shell\AutoRun\command - "" = H:\AutoRun.exe
    O33 - MountPoints2\{ca635b71-2b34-11e1-8bfe-001b38b71667}\Shell - "" = AutoRun
    O33 - MountPoints2\{ca635b71-2b34-11e1-8bfe-001b38b71667}\Shell\AutoRun\command - "" = D:\AutoRun.exe
    O33 - MountPoints2\{ca635b72-2b34-11e1-8bfe-001b38b71667}\Shell - "" = AutoRun
    O33 - MountPoints2\{ca635b72-2b34-11e1-8bfe-001b38b71667}\Shell\AutoRun\command - "" = D:\AutoRun.exe
    [2012/01/21 15:21:19 | 000,034,816 | -HS- | C] () -- C:\Users\Nil gül\AppData\Roaming\05D8ED.exe
    [2012/01/22 08:28:22 | 000,483,328 | ---- | C] (IObit ) -- C:\Users\Rabia Aktas\AppData\Roaming\h4w5eu5zy.exe
    [2012/01/22 08:28:22 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\Nil gül\AppData\Roaming\dwlGina3.dll
    [2012/01/22 08:24:08 | 000,483,328 | ---- | C] (IObit ) -- C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe
    [2012/01/22 08:28:22 | 000,095,744 | ---- | M] (Kassl GmbH) -- C:\Users\Nil gül\AppData\Roaming\dwlGina3.dll
    [2012/01/21 15:31:14 | 000,483,328 | ---- | M] (IObit ) -- C:\Users\Rabia Aktas\AppData\Roaming\h4w5eu5zy.exe
    [2012/01/21 15:31:14 | 000,483,328 | ---- | M] (IObit ) -- C:\Users\Nil gül\AppData\Roaming\h4w5eu5zy.exe
    [2012/01/21 15:22:18 | 000,450,440 | -HS- | M] (Microsoft Corporation) -- C:\ProgramData\tSUpODctlIrm.exe
    [2012/01/21 15:20:55 | 000,034,816 | -HS- | M] () -- C:\Users\Nil gül\AppData\Roaming\05D8ED.exe
    :Commands
    [purity]
    [emptytemp]
    [purity]
    [emptytemp]
             
  • Sollte das mangels Internet-Verbindung nicht möglich sein,
  • kopiere den Text aus der folgenden Code-Box und speichere ihn als Fix.txt auf einen USB-Stick.
  • Schließe den USB-Stick an den Computer an und öffne Fix.txt mit dem Explorer auf dem Reatogo-Desktop.
  • Kopiere den Inhalt von Fix.txt in das Textfeld unterhalb von Custom Scans/Fixes:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Kopiere den Inhalt hier in Code-Tags in Deinen Thread.
  • Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>
  • Teste, ob den Computer nun wieder in den normalen Windows-Modus booten kannst und berichte.
__________________


Alt 22.01.2012, 20:59   #3
Pryncess
 
dwlgina3.dll a not found - Standard

dwlgina3.dll a not found



jetzt kommt die meldung dwlgina nicht mehr aber der desktop bleibt immer noch dunkel hab explorer.exe eingegeben kann meine daten sehen aber desktop bleibt tzrotzdem dunkel
__________________

Alt 22.01.2012, 21:48   #4
Swisstreasure
/// Malwareteam
 
dwlgina3.dll a not found - Standard

dwlgina3.dll a not found



Poste bitte noch das Log.

Und kannst Du nun ein Scan mit Malwarebytes Antimalware machen?

Antwort

Themen zu dwlgina3.dll a not found
.dll, akamai, avg, avg secure search, avg security toolbar, babylon toolbar, babylontoolbar, bho, bonjour, cid, compare, computer, conduit, converter, cyberghost, dealply, desktop, disabletaskmgr, download, dwlgina3.dll, error, firefox, format, generic, google earth, home, iobit, logfile, notification, port, realtek, registry, roc_roc_dec12, scan, schnelle hilfe, secure search, security, software, studio, symantec, trojaner, version=1.0, vista, vtoolbarupdater



Ähnliche Themen: dwlgina3.dll a not found


  1. found.in entfernen
    Anleitungen, FAQs & Links - 25.10.2015 (2)
  2. dwlgina3.dll wurde nicht gefunden, Desktop bleibt leer
    Log-Analyse und Auswertung - 13.03.2012 (13)
  3. Computer startet nicht mehr, dwlgina3.dll wurde nicht gefunden
    Log-Analyse und Auswertung - 23.02.2012 (29)
  4. Erst can nott find dwlgina3.dll mit Blackscreen, jetzt den GEMA-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 18.02.2012 (38)
  5. dwlgina3.dll konnte nicht gefunden werden.. Blackscreen
    Log-Analyse und Auswertung - 17.02.2012 (3)
  6. Can not find dwlgina3.dll Bitte um Hilfe
    Log-Analyse und Auswertung - 12.02.2012 (3)
  7. can not find dwlgina3.dll
    Log-Analyse und Auswertung - 03.02.2012 (33)
  8. dwlgina3.dll, vista startet nicht mehr
    Log-Analyse und Auswertung - 31.01.2012 (5)
  9. Rechner startet nicht, weil er die dwlgina3.dll datei nicht findet
    Log-Analyse und Auswertung - 27.01.2012 (41)
  10. PC Startet nicht (dwlgina3.dll) und Booten von OTLPE-CD funktioniert nicht
    Log-Analyse und Auswertung - 27.01.2012 (22)
  11. dwlgina3.dll wurde nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 26.01.2012 (22)
  12. can not find dwlgina3.dll. windows 7 startet nicht.
    Plagegeister aller Art und deren Bekämpfung - 24.01.2012 (7)
  13. Ebenso Probleme mit DWLGINA3.dll
    Log-Analyse und Auswertung - 24.01.2012 (25)
  14. Windows 7 lässt sich nicht mehr anmelden: dwlgina3.dll
    Plagegeister aller Art und deren Bekämpfung - 16.01.2012 (16)
  15. Windows 7: can not find dwlgina3.dll
    Log-Analyse und Auswertung - 11.01.2012 (5)
  16. dwlgina3.dll, gema, windows vista laesst sich nicht mehr starten
    Plagegeister aller Art und deren Bekämpfung - 19.11.2011 (10)
  17. Can not find dwlgina3.dll --> Rechner lässrt sich nicht starten
    Plagegeister aller Art und deren Bekämpfung - 16.11.2011 (3)

Zum Thema dwlgina3.dll a not found - desktop geht nicht an auch nicht beim eintipen von explorer.exe mein otl.exe sende ich unten bitte um schnelle hilfe viele dank OTL logfile created on: 1/22/2012 5:43:47 PM - Run - dwlgina3.dll a not found...
Archiv
Du betrachtest: dwlgina3.dll a not found auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.