
Pests of all kinds and how to combat them: GVU Trojan, OTL.txt, OTL analysis


25.01.2013, 16:53   #1
faktorisator
 

GVU Trojan, OTL.txt, OTL analysis



Hello!

I'm a beginner, but with a lot of coffee and with your forum I have worked my way through all of last night and the whole day. I urgently need my laptop for work and am close to reinstalling Windows. I hope you can help me... that would be incredibly great...

I have had a GVU Trojan on a Windows 7 PC since yesterday. Booting from an antivirus CD did not remove it. After Windows starts, the alleged GVU warning message immediately appears again.

Below is the OTL.txt (I hope I'm posting this correctly now...)

OTL Logfile:
Code:
OTL logfile created on: 1/25/2013 5:36:30 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.80 Gb Total Space | 117.05 Gb Free Space | 26.02% Space Free | Partition Type: NTFS
Drive E: | 3.73 Gb Total Space | 2.89 Gb Free Space | 77.42% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012/11/22 09:35:22 | 000,828,072 | ---- | M] (Check Point Software Technologies) [Auto] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV:64bit: - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/09/27 06:46:50 | 000,036,160 | ---- | M] (TuneUp Software) [Auto] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/06/28 00:25:26 | 000,828,856 | ---- | M] (TOSHIBA Corporation) [Disabled] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/06/09 23:10:00 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [Disabled] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/05/26 02:09:58 | 000,204,288 | ---- | M] (AMD) [Auto] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/24 11:58:12 | 000,294,848 | ---- | M] (TOSHIBA Corporation) [Disabled] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2011/05/17 16:34:18 | 000,574,896 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/10/20 16:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Disabled] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/20 04:14:43 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/01/10 03:12:21 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/02 08:10:28 | 002,448,032 | ---- | M] (Check Point Software Technologies LTD) [Auto] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/12/18 00:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/29 14:31:04 | 000,038,608 | ---- | M] () [Auto] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/11/09 05:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/19 08:03:47 | 000,008,192 | ---- | M] () [Auto] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2012/01/30 14:28:52 | 000,075,136 | ---- | M] () [Auto] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/01/05 19:56:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/09/27 06:52:38 | 002,027,840 | ---- | M] (TuneUp Software) [Auto] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/09/27 06:46:44 | 000,029,504 | ---- | M] (TuneUp Software) [Auto] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/09/01 02:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)
SRV - [2011/07/11 19:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [Disabled] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/22 06:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/09/30 08:00:28 | 000,253,264 | ---- | M] () [Auto] -- C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 07:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/18 12:48:28 | 000,009,216 | ---- | M] (Vodafone) [Auto] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/12/13 05:49:42 | 000,450,136 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2012/11/22 09:35:36 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2012/10/30 17:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/10/15 11:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System] -- C:\windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
DRV:64bit: - [2012/05/11 00:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2012/03/12 09:09:47 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012/03/12 09:09:42 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2012/03/12 09:09:42 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2012/02/24 04:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssudobex.sys -- (ssudobex) SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.)
DRV:64bit: - [2012/02/24 04:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2012/02/06 16:12:36 | 000,051,776 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pssdk41.sys -- (PsSdk41)
DRV:64bit: - [2011/07/07 17:02:16 | 001,576,576 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/05/26 03:58:22 | 009,263,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/26 01:28:50 | 000,300,544 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/02/09 13:29:10 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/01/05 03:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/12/01 18:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/11/30 16:40:04 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/24 09:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/22 14:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/10/29 13:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2009/10/29 13:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2009/10/29 13:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2009/10/29 13:28:24 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009/08/18 07:06:36 | 000,135,168 | ---- | M] (ZTE Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV:64bit: - [2009/08/18 07:06:36 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 19:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\windows\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/15 15:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/04/08 07:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2007/02/15 19:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2012/01/20 18:47:32 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot] -- C:\Windows\SysWOW64\drivers\Partizan.sys -- (Partizan)
DRV - [2010/11/29 22:27:40 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/02/15 19:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Franzo_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com
IE - HKU\Franzo_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Franzo_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com/?l=dis&o=102874&gct=hp
IE - HKU\Franzo_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\Franzo_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Franzo_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;
 
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_5_502_146.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Franzo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2013/01/23 09:45:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/07/07 06:01:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/08/28 09:26:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013/01/23 09:45:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/24 10:59:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/07/07 06:01:09 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2011/01/27 09:00:57 | 000,001,211 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Franzo\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\Franzo_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager]  File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
O4 - HKLM..\Run: [TSleepSrv]  File not found
O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe ()
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\Franzo_ON_C..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKU\Franzo_ON_C..\Run: [EPSON B1100 Series]  File not found
O4 - HKU\Franzo_ON_C..\Run: [Facebook Update] C:\Users\Franzo\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\Franzo_ON_C..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\Franzo_ON_C..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\Franzo_ON_C..\Run: [RESTART_STICKY_NOTES]  File not found
O4 - HKU\Franzo_ON_C..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8:64bit: - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Franzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: 使用迷你快车下载 - C:\FlashGet Network\FlashGet Mini\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用迷你快车下载全部链接 - C:\FlashGet Network\FlashGet Mini\GetAllUrl.htm ()
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Franzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: 使用迷你快车下载 - C:\FlashGet Network\FlashGet Mini\GetUrl.htm ()
O8 - Extra context menu item: 使用迷你快车下载全部链接 - C:\FlashGet Network\FlashGet Mini\GetAllUrl.htm ()
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (C:\PROGRA~3\dsgsdgdsgdsgw.bat) - C:\ProgramData\dsgsdgdsgdsgw.bat ()
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (C:\PROGRA~3\dsgsdgdsgdsgw.bat) - C:\ProgramData\dsgsdgdsgdsgw.bat ()
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O27:64bit: - HKLM IFEO\facebookmessenger.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\install.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mediacontroller.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\taisregistration.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\Teco.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\tintouch.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\todisc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\toshibaappplace.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\tosramutil.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\tosssdalert.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\tpchviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\trmclcher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{f7d7dd76-1dca-11e1-a084-047d7b02f285}\Shell - "" = AutoRun
O33 - MountPoints2\{f7d7dd76-1dca-11e1-a084-047d7b02f285}\Shell\AutoRun\command - "" = E:\SamsungKiesInstaller.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/24 10:59:45 | 000,000,000 | ---D | C] -- C:\Users\Franzo\AppData\Roaming\RealNetworks
[2013/01/24 10:59:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2013/01/24 10:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/01/24 10:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2013/01/24 10:58:47 | 000,201,424 | ---- | C] (RealNetworks, Inc.) -- C:\windows\SysWow64\rmoc3260.dll
[2013/01/24 10:58:40 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5016.dll
[2013/01/24 10:58:40 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5032.dll
[2013/01/24 10:58:38 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\windows\SysWow64\pncrt.dll
[2013/01/24 10:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2013/01/24 10:58:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013/01/24 10:57:54 | 000,000,000 | ---D | C] -- C:\Users\Franzo\AppData\Roaming\Real
[2013/01/24 10:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/01/24 08:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/01/24 07:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2013/01/23 09:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2013/01/22 12:56:57 | 000,000,000 | ---D | C] -- C:\Users\Franzo\Desktop\ANWALT!!!
[2013/01/22 04:47:12 | 000,000,000 | ---D | C] -- C:\Users\Franzo\Desktop\pisti foto
[2013/01/21 13:24:47 | 000,000,000 | ---D | C] -- C:\Users\Franzo\Desktop\The Gunstringer
[2013/01/20 17:10:42 | 000,000,000 | ---D | C] -- C:\Users\Franzo\Desktop\SOUNDS
[2013/01/20 16:36:30 | 000,000,000 | ---D | C] -- C:\Users\Franzo\Desktop\xboxgames
[2013/01/16 05:50:25 | 000,000,000 | ---D | C] -- C:\Users\Franzo\Desktop\MOM Laser
[2013/01/15 11:34:08 | 000,000,000 | ---D | C] -- C:\Users\Franzo\AppData\Roaming\Avery
[2013/01/15 11:27:28 | 025,541,984 | ---- | C] (Avery Dennison Corp.) -- C:\Users\Franzo\Desktop\averywizard_4_0_2_2877_1_de.exe
[2013/01/11 08:04:33 | 000,000,000 | ---D | C] -- C:\Users\Franzo\Desktop\Brandl
[2013/01/10 02:14:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2013/01/10 02:14:29 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncrypt.dll
[2013/01/10 02:14:26 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32spl.dll
[2013/01/10 02:14:26 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013/01/10 02:14:11 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\usp10.dll
[2013/01/10 02:14:00 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2013/01/10 02:14:00 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\System32\fpb.rs
[2013/01/10 02:14:00 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2013/01/10 02:14:00 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\System32\oflc-nz.rs
[2013/01/10 02:14:00 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2013/01/10 02:14:00 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\System32\csrr.rs
[2013/01/10 02:14:00 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2013/01/10 02:14:00 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\System32\cob-au.rs
[2013/01/10 02:13:59 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wpc.dll
[2013/01/10 02:13:59 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2013/01/10 02:13:59 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\System32\pegibbfc.rs
[2013/01/10 02:13:59 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2013/01/10 02:13:59 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\System32\usk.rs
[2013/01/10 02:13:59 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2013/01/10 02:13:59 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\System32\grb.rs
[2013/01/10 02:13:59 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2013/01/10 02:13:59 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-pt.rs
[2013/01/10 02:13:59 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2013/01/10 02:13:59 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi.rs
[2013/01/10 02:13:59 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2013/01/10 02:13:59 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\System32\djctq.rs
[2013/01/10 02:13:58 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gameux.dll
[2013/01/10 02:13:58 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2013/01/10 02:13:58 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2013/01/10 02:13:57 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\System32\cero.rs
[2013/01/10 02:13:57 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2013/01/10 02:13:57 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\System32\esrb.rs
[2013/01/10 02:13:57 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2013/01/10 02:13:57 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\System32\oflc.rs
[2013/01/10 02:13:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2013/01/10 02:13:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-fi.rs
[2013/01/10 02:13:56 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2013/01/10 02:13:17 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KernelBase.dll
[2013/01/10 02:13:16 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kernel32.dll
[2013/01/10 02:13:15 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wow64win.dll
[2013/01/10 02:13:15 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2013/01/10 02:13:15 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wow64.dll
[2013/01/10 02:13:15 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2013/01/10 02:13:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntvdm64.dll
[2013/01/10 02:13:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wow64cpu.dll
[2013/01/10 02:13:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/01/10 02:13:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/01/10 02:13:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/10 02:13:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/01/10 02:13:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/01/10 02:13:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/10 02:13:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/10 02:13:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/10 02:13:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/01/10 02:13:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/01/10 02:13:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/10 02:13:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/10 02:13:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/10 02:13:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/10 02:13:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/10 02:13:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/10 02:13:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/10 02:13:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/01/10 02:13:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/10 02:13:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/10 02:13:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/10 02:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/10 02:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/10 02:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/01/10 02:13:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/10 02:13:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/10 02:13:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/10 02:13:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/01/10 02:13:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/01/10 02:13:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/01/10 02:13:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/10 02:13:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/10 02:13:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/10 02:13:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/10 02:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/01/10 02:13:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/01/10 02:12:46 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
[2013/01/08 21:28:08 | 000,000,000 | ---D | C] -- C:\Users\Franzo\Desktop\ursl pics
[2013/01/08 17:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013/01/08 17:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/01/08 16:36:29 | 000,000,000 | ---D | C] -- C:\Users\Franzo\AppData\Roaming\Adobe Mini Bridge CS5.1
[2013/01/08 16:36:28 | 000,000,000 | ---D | C] -- C:\Users\Franzo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/01/08 13:21:18 | 000,000,000 | ---D | C] -- C:\Users\Franzo\Desktop\PDT Broschüre HU
[2013/01/08 12:07:56 | 000,000,000 | ---D | C] -- C:\Users\Franzo\AppData\Roaming\com.adobe.dmp.contentviewer
[2013/01/08 11:55:40 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/08 08:27:12 | 000,000,000 | ---D | C] -- C:\Users\Franzo\AppData\Roaming\Astute Graphics
[2011/09/25 19:56:26 | 000,216,064 | ---- | C] ( ) -- C:\windows\SysWow64\lagarith.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/01/25 09:17:59 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/01/25 08:59:16 | 1725,063,167 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/25 08:51:48 | 000,024,608 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 08:51:48 | 000,024,608 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 08:45:26 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/25 04:41:05 | 000,624,412 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/01/25 04:41:05 | 000,106,756 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/01/25 04:38:26 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2013/01/24 13:27:32 | 000,002,915 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2013/01/24 13:27:32 | 000,000,159 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.reg
[2013/01/24 13:27:32 | 000,000,067 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.bat
[2013/01/24 13:18:01 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/24 13:12:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/01/24 12:07:19 | 000,000,191 | ---- | M] () -- C:\Users\Franzo\AppData\Roaming\ftpfile.dat
[2013/01/24 11:57:01 | 000,000,932 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3710767384-924277198-688078733-1000UA.job
[2013/01/24 10:59:19 | 000,001,325 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/01/24 10:59:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2013/01/24 10:58:47 | 000,201,424 | ---- | M] (RealNetworks, Inc.) -- C:\windows\SysWow64\rmoc3260.dll
[2013/01/24 10:58:40 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5016.dll
[2013/01/24 10:58:40 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5032.dll
[2013/01/24 10:58:38 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\windows\SysWow64\pncrt.dll
[2013/01/24 10:58:33 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp71.dll
[2013/01/24 08:14:08 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/01/24 08:14:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/01/24 07:44:09 | 000,074,703 | ---- | M] () -- C:\windows\SysWow64\mfc45.dll
[2013/01/23 09:53:54 | 000,417,524 | ---- | M] () -- C:\windows\System32\drivers\vsconfig.xml
[2013/01/23 09:45:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2013/01/22 05:57:00 | 000,000,910 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3710767384-924277198-688078733-1000Core.job
[2013/01/22 04:46:33 | 000,001,033 | ---- | M] () -- C:\Users\Franzo\Desktop\Dropbox.lnk
[2013/01/15 11:27:41 | 025,541,984 | ---- | M] (Avery Dennison Corp.) -- C:\Users\Franzo\Desktop\averywizard_4_0_2_2877_1_de.exe
[2013/01/13 12:21:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/01/11 09:51:06 | 004,998,264 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/01/11 09:47:09 | 000,002,441 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/01/10 04:30:54 | 000,075,458 | ---- | M] () -- C:\Users\Franzo\Desktop\fusion überweisung bestätigung.pdf
[2013/01/10 03:12:21 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/01/10 03:12:21 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/08 17:48:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/01/08 17:48:25 | 000,001,273 | ---- | M] () -- C:\Users\Franzo\Desktop\Free YouTube Download.lnk
[2013/01/08 12:01:51 | 000,001,182 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS5.5.lnk
[2013/01/08 11:56:07 | 000,001,117 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS5.5.lnk
[2013/01/08 11:53:53 | 000,001,068 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2013/01/07 05:29:59 | 009,471,374 | ---- | M] () -- C:\Users\Franzo\Desktop\ausgabe4.pdf
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/01/24 13:27:32 | 000,002,915 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2013/01/24 13:27:32 | 000,000,159 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.reg
[2013/01/24 13:27:32 | 000,000,067 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.bat
[2013/01/24 13:27:28 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2013/01/24 10:59:19 | 000,001,325 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/01/24 08:14:08 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/01/24 07:44:09 | 000,074,703 | ---- | C] () -- C:\windows\SysWow64\mfc45.dll
[2013/01/10 04:30:54 | 000,075,458 | ---- | C] () -- C:\Users\Franzo\Desktop\fusion überweisung bestätigung.pdf
[2013/01/08 17:48:25 | 000,001,273 | ---- | C] () -- C:\Users\Franzo\Desktop\Free YouTube Download.lnk
[2013/01/08 12:01:51 | 000,001,182 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS5.5.lnk
[2013/01/08 11:56:07 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS5.5.lnk
[2013/01/08 11:53:53 | 000,001,068 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2013/01/07 05:29:58 | 009,471,374 | ---- | C] () -- C:\Users\Franzo\Desktop\ausgabe4.pdf
[2012/11/25 18:51:49 | 000,175,104 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2012/11/22 15:22:22 | 000,000,191 | ---- | C] () -- C:\Users\Franzo\AppData\Roaming\ftpfile.dat
[2012/08/28 10:39:46 | 000,000,106 | -HS- | C] () -- C:\windows\WSYS049.SYS
[2012/07/07 05:52:14 | 000,221,538 | ---- | C] () -- C:\windows\hpoins19.dat
[2012/07/07 05:52:14 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat
[2012/04/10 20:25:43 | 000,014,976 | ---- | C] () -- C:\windows\SysWow64\drivers\SBKUPNT.SYS
[2012/04/10 20:25:43 | 000,013,312 | ---- | C] () -- C:\windows\SysWow64\DEVLOAD.EXE
[2012/04/10 20:25:41 | 000,000,543 | ---- | C] () -- C:\windows\SWISV3.INI
[2012/04/10 20:25:40 | 000,000,287 | ---- | C] () -- C:\windows\SKNIFE.INI
[2012/04/10 20:25:34 | 000,002,799 | ---- | C] () -- C:\windows\SKLANG.INI
[2012/03/28 21:11:08 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2012/01/02 22:46:53 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\srvany.exe
[2011/12/14 23:08:42 | 000,010,560 | ---- | C] () -- C:\windows\SysWow64\secushr.dat
[2011/12/14 22:54:09 | 000,001,788 | ---- | C] () -- C:\windows\SysWow64\secustat.dat
[2011/12/14 22:48:55 | 000,000,025 | ---- | C] () -- C:\windows\libem.INI
[2011/12/07 10:53:24 | 004,770,816 | ---- | C] () -- C:\windows\SysWow64\x264vfw.dll
[2011/11/30 00:07:57 | 000,175,616 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2011/11/30 00:07:53 | 000,280,904 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2011/11/30 00:07:48 | 000,075,136 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2011/10/31 21:44:25 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2011/10/31 21:36:38 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/10/31 21:34:38 | 000,003,155 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/10/31 11:22:40 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2011/10/31 11:22:40 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2011/10/31 11:22:40 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2011/10/31 11:22:38 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2011/02/03 21:56:58 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2010/11/20 22:24:49 | 000,252,928 | ---- | C] () -- C:\windows\SysWow64\DShowRdpFilter.dll
[2010/09/15 11:55:52 | 000,179,200 | ---- | C] () -- C:\windows\SysWow64\NB Key 1.exe
[2009/10/15 13:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/10/06 02:16:02 | 000,819,200 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:25:04 | 000,197,632 | ---- | C] () -- C:\windows\SysWow64\ir32_32.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2007/11/26 21:56:28 | 000,151,415 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
[2007/02/05 19:05:26 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI
 
========== LOP Check ==========
 
[2013/01/08 08:27:12 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Astute Graphics
[2013/01/15 11:34:08 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Avery
[2012/02/29 15:29:12 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Babylon
[2012/01/30 17:12:03 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\BigHugeEngine
[2013/01/08 13:13:25 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\BITS
[2011/11/28 17:02:55 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Book Place
[2012/11/23 07:23:36 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/09/02 05:58:57 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\CheckPoint
[2013/01/08 12:07:56 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\com.adobe.dmp.contentviewer
[2012/10/09 21:48:00 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\C__Users_Franzo_AppData_Local_Temp_ir_ext_temp_0_AutoPlay_Docs_Crack_HideIPEasy.exe
[2012/01/06 22:38:55 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\C__Users_Franzo_AppData_Local_Temp_Temp1_Crack.zip_SuperHideIP.exe
[2012/03/15 01:06:13 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Digiarty
[2013/01/22 04:47:19 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Dropbox
[2013/01/08 17:47:57 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\DVDVideoSoft
[2013/01/08 17:46:50 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/08/07 09:16:00 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\elsterformular
[2012/02/03 15:46:20 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\FileZilla
[2012/05/23 01:52:22 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\FlashGet
[2012/05/19 22:20:25 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\FlashGetBHO
[2012/05/19 22:20:34 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\FlashgetSetup
[2012/10/09 21:49:26 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\HideIPEasy
[2012/03/18 14:10:14 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Insync
[2012/07/18 20:28:19 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\NAVIGON Fresh
[2012/07/17 08:21:49 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\OpenOffice.org
[2011/11/28 17:38:13 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Origin
[2012/02/29 19:34:16 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Participatory Culture Foundation
[2012/03/10 20:30:47 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\PCF-VLC
[2011/12/01 14:54:51 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Publish Providers
[2012/04/27 15:02:01 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Samsung
[2012/12/17 15:05:22 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Scribus
[2012/04/30 19:25:51 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\SharePod
[2012/10/07 17:32:25 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Snappy Fax
[2012/10/05 12:19:40 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Snappy Fax Archives
[2012/01/01 19:50:09 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Sony
[2012/01/01 22:14:25 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Sony Creative Software Inc
[2013/01/08 16:36:28 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/12/03 18:03:44 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\SuperHideIP
[2012/01/30 03:46:39 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\SystemRequirementsLab
[2012/03/21 14:27:53 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\TeamViewer
[2012/08/22 02:30:25 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Temp
[2012/01/04 17:40:09 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\The Creative Assembly
[2011/11/28 17:57:30 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Tific
[2011/11/28 17:25:39 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Toshiba
[2012/01/11 02:14:53 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Trine2
[2011/12/01 21:11:33 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\TuneUp Software
[2012/11/16 12:42:26 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Vodafone
[2012/01/01 22:41:12 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\Win7codecs
[2011/11/28 16:31:09 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\WinBatch
[2012/02/06 19:22:14 | 000,000,000 | ---D | M] -- C:\Users\Franzo\AppData\Roaming\XLink Kai
[2012/04/03 19:40:47 | 000,000,000 | ---D | M] -- C:\ProgramData\2DBoy
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/11/28 16:52:01 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2012/02/29 15:29:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2012/10/10 09:23:53 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2012/09/02 05:39:15 | 000,000,000 | ---D | M] -- C:\ProgramData\CheckPoint
[2012/01/20 16:00:48 | 000,000,000 | ---D | M] -- C:\ProgramData\CPA_VA
[2012/10/09 21:48:00 | 000,000,000 | ---D | M] -- C:\ProgramData\C__Users_Franzo_AppData_Local_Temp_ir_ext_temp_0_AutoPlay_Docs_Crack_HideIPEasy.exe
[2012/01/06 22:38:55 | 000,000,000 | ---D | M] -- C:\ProgramData\C__Users_Franzo_AppData_Local_Temp_Temp1_Crack.zip_SuperHideIP.exe
[2009/07/14 00:08:56 | 000,000,000 | --SD | M] -- C:\ProgramData\Desktop
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/11/30 00:15:11 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core
[2011/11/30 00:15:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2012/08/07 09:15:00 | 000,000,000 | ---D | M] -- C:\ProgramData\elsterformular
[2012/11/16 12:58:46 | 000,000,000 | ---D | M] -- C:\ProgramData\EPSON
[2012/01/01 20:02:47 | 000,000,000 | ---D | M] -- C:\ProgramData\eSellerate
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/02/02 16:26:42 | 000,000,000 | ---D | M] -- C:\ProgramData\FlashFXP
[2012/10/09 21:49:26 | 000,000,000 | ---D | M] -- C:\ProgramData\HideIPEasy
[2013/01/24 08:07:30 | 000,000,000 | ---D | M] -- C:\ProgramData\iolo
[2011/11/30 00:15:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin
[2012/03/15 00:13:52 | 000,000,000 | ---D | M] -- C:\ProgramData\RapidSolution
[2013/01/10 10:15:51 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/11/16 06:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Roland DG Corporation
[2013/01/08 22:04:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Rosetta Stone
[2012/04/27 15:03:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung
[2012/01/10 23:34:59 | 000,000,000 | ---D | M] -- C:\ProgramData\SlySoft
[2012/10/07 14:02:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Snappy Fax Server
[2012/01/01 19:50:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Sony
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/12/03 18:03:44 | 000,000,000 | ---D | M] -- C:\ProgramData\SuperHideIP
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/01/13 00:38:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Toshiba
[2011/11/28 16:44:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Toshiba Book Place
[2011/11/28 17:32:10 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2012/11/16 12:41:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Vodafone
[2011/11/28 17:06:07 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2012/01/01 22:41:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Win7codecs
[2011/11/28 17:26:36 | 000,000,000 | -HSD | M] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2013/01/22 05:57:00 | 000,000,910 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3710767384-924277198-688078733-1000Core.job
[2013/01/24 11:57:01 | 000,000,932 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3710767384-924277198-688078733-1000UA.job
[2013/01/25 04:45:52 | 000,032,572 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         

Edited by faktorisator (25.01.2013 at 17:02)

25.01.2013, 17:15   #2
ryder
/// TB trainer

GVU Trojan, OTL.txt, OTL analysis



Are you working with stolen software?
Something like this ...
Quote:

O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 Registration wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com Adobe wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET
... only makes sense if you want to run an illegal copy.

Support stop: cracks or keygens

Further reading:
Cracks and keygens
Circumventing the copy protection of software is illegal under current law. The log files strongly suggest that you use cracks or key generators, or circumvent the copy protection of installed programs. Please understand that we cannot and may not support this. In addition, this kind of software is very often infected with malware.

Our help is therefore limited to reinstalling your system. We will still gladly answer questions about that, in our forum.


This closes the topic.
__________________
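The check ryder applies by eye to the quoted `O1 - Hosts` lines can be automated when triaging OTL logs. The following is an added example, not part of the original thread or of OTL; the sample log is constructed in the quoted format, and the keyword list, the benign set and the `min_names` threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the quoted log (shortened, two benign lines added).
SAMPLE_LOG = """\
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com activate-sea.adobe.com practivate.adobe.com
O1 - Hosts: 127.0.0.1 Registration wwis-dubc1-vip60.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com Adobe crl.verisign.net CRL.VERISIGN.NET
O1 - Hosts: 192.168.1.20 nas.home.lan
"""

HOSTS_LINE = re.compile(r"^O1 - Hosts:\s+(\S+)\s+(.+)$")
LOOPBACK = re.compile(r"^(127\.\d+\.\d+\.\d+|0\.0\.0\.0|::1)$")
# Assumption: name fragments that usually mark licensing or revocation endpoints.
SENSITIVE = re.compile(r"(^|[.-])(activate|practivate|ereg|crl|ocsp|licens)", re.I)
BENIGN = {"localhost", "localhost.localdomain"}

def sinkholed_hosts(log_text):
    """Return {parent domain: sorted hostnames} for names pinned to loopback."""
    groups = defaultdict(set)
    for line in log_text.splitlines():
        m = HOSTS_LINE.match(line.strip())
        if not m or not LOOPBACK.match(m.group(1)):
            continue
        for token in m.group(2).split():
            name = token.lower().rstrip(".")
            # Skip localhost and dot-less fragments such as "Registration" or "Adobe".
            if name in BENIGN or "." not in name:
                continue
            groups[".".join(name.split(".")[-2:])].add(name)
    return {domain: sorted(names) for domain, names in groups.items()}

def findings(log_text, min_names=3):
    """Flag domains with many sinkholed names or any licensing/CRL-like name."""
    out = []
    for domain, names in sorted(sinkholed_hosts(log_text).items()):
        hits = [n for n in names if SENSITIVE.search(n)]
        if hits or len(names) >= min_names:
            out.append((domain, len(names), hits))
    return out

if __name__ == "__main__":
    for domain, count, hits in findings(SAMPLE_LOG):
        print(f"{domain}: {count} name(s) forced to loopback; sensitive: {hits}")
```

A loopback entry for a `crl.` host is worth flagging on its own, because it also prevents clients from fetching that certificate revocation list.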

25.01.2013, 17:27   #3
faktorisator

GVU Trojan, OTL.txt, OTL analysis



Thank you very much ... anyway. I got the computer as a gift. I would now really like to uninstall the software that is illegal ... can I still do that now?