Log analysis and evaluation: www.searchqu.com/410 as start page despite Kaspersky
Windows 7
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
www.searchqu.com/410 as start page despite Kaspersky

Hello, www.searchqu.com/410 has lodged itself as my Internet start page. The PC also could no longer shut down, or showed a blue screen. Kaspersky finds nothing suspicious. HijackThis found something, but we could not remove it from the computer. When googling I only found references to searchqu.com/406, but I don't know whether the advice also applies to 410. I have now run Gmer, OTL and defogger. The OTL log is as follows:

OTL logfile created on: 03.08.2011 15:59:55 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Aspire\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,58% Memory free
4,21 Gb Paging File | 2,55 Gb Available in Paging File | 60,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,14 Gb Total Space | 13,25 Gb Free Space | 25,90% Space Free | Partition Type: NTFS
Drive D: | 50,89 Gb Total Space | 35,04 Gb Free Space | 68,86% Space Free | Partition Type: NTFS
Computer Name: ASPIRE-PC | User Name: Aspire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.08.03 15:57:34 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Aspire\Desktop\OTL.exe PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.04.13 15:39:50 | 000,387,696 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.12.14 16:49:23 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe PRC - [2009.12.07 13:23:08 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe PRC - [2009.09.02 10:44:22 | 000,315,478 | ---- | M] (IVT Corporation) -- C:\Programme\IVT Corporation\BlueSoleil\BtTray.exe PRC - [2009.09.02 10:41:24 | 001,466,476 | ---- | M] (IVT Corporation) -- C:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe PRC - [2009.09.02 10:41:06 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Programme\IVT Corporation\BlueSoleil\BsHelpCS.exe PRC - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008.12.10 15:43:05 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) 
-- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe PRC - [2008.08.03 14:42:03 | 002,641,920 | ---- | M] (pdfforge hxxp://www.pdfforge.org/) -- C:\Programme\PDFCreator\PDFCreator.exe PRC - [2008.06.02 18:58:45 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Aspire\AppData\Local\Temp\RtkBtMnt.exe PRC - [2008.03.17 18:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2007.07.16 07:51:44 | 000,768,520 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe PRC - [2007.07.06 05:06:00 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007.06.21 18:25:46 | 000,118,464 | ---- | M] () -- C:\Programme\Acer\Acer Arcade\Kernel\TV\CLSched.exe PRC - [2007.06.21 18:25:44 | 000,257,736 | ---- | M] () -- C:\Programme\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe PRC - [2007.06.21 18:25:22 | 000,155,648 | ---- | M] (CyberLink Corp.) -- C:\Programme\Acer\Acer Arcade\PCMService.exe PRC - [2007.06.21 18:24:12 | 001,076,832 | ---- | M] (Cyberlink) -- C:\Programme\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe PRC - [2007.05.16 22:15:22 | 000,163,840 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe PRC - [2007.05.16 18:37:26 | 000,528,384 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2007.05.10 23:46:20 | 000,624,248 | ---- | M] (Adobe Systems Inc.) 
-- C:\Programme\Adobe\Acrobat 8.0\Acrobat\acrotray.exe PRC - [2007.05.10 14:05:36 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe PRC - [2007.04.25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe PRC - [2007.04.25 16:33:36 | 000,457,216 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe PRC - [2007.04.25 11:35:56 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe PRC - [2007.03.14 10:52:30 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe PRC - [2007.02.13 07:26:50 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe PRC - [2007.02.10 15:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe PRC - [2007.02.10 05:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2007.02.09 07:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe PRC - [2007.02.08 01:13:48 | 000,774,168 | ---- | M] () -- C:\Programme\Logitech\QuickCam10\QuickCam10.exe PRC - [2007.02.08 01:12:48 | 000,488,984 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\LogiShrd\LComMgr\Communications_Helper.exe PRC - [2007.02.08 01:12:20 | 000,230,936 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe PRC - [2007.02.06 17:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) -- c:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2007.02.06 17:43:26 | 000,252,704 | ---- | M] (Logitech Inc.) 
-- C:\Programme\Common Files\LogiShrd\LComMgr\LVComSX.exe PRC - [2007.01.26 14:24:42 | 000,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe PRC - [2006.11.24 12:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe PRC - [2006.10.05 06:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe ========== Modules (SafeList) ========== MOD - [2011.08.03 15:57:34 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Aspire\Desktop\OTL.exe MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2007.02.06 17:45:14 | 000,092,960 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll ========== Win32 Services (SafeList) ========== SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.04.13 15:39:50 | 000,387,696 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe -- (AVP) SRV - [2009.09.02 10:41:24 | 001,466,476 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS) SRV - [2009.09.02 10:41:06 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS) SRV - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008.12.10 15:43:05 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) 
[On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.06.21 18:25:46 | 000,118,464 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS) SRV - [2007.06.21 18:25:44 | 000,257,736 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS) SRV - [2007.06.21 18:24:12 | 001,076,832 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service) SRV - [2007.05.16 22:15:22 | 000,163,840 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService) SRV - [2007.05.10 14:05:36 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService) SRV - [2007.04.25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service) SRV - [2007.03.20 17:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3) SRV - [2007.03.14 10:52:30 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService) SRV - [2007.02.13 07:26:50 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService) SRV - [2007.02.06 17:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) 
[Auto | Stopped] -- C:\Programme\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher) SRV - [2007.02.06 17:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2007.01.26 14:24:42 | 000,050,688 | ---- | M] () [Auto | Running] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService) SRV - [2006.11.24 12:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService) SRV - [2006.10.05 06:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) ========== Driver Services (SafeList) ========== DRV - [2011.05.18 11:26:04 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2010.06.09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2) DRV - [2010.06.09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1) DRV - [2010.04.22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2009.11.02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009.07.08 11:17:36 | 000,039,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2009.06.17 15:02:46 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs) DRV - [2009.06.17 15:02:40 | 000,017,928 | ---- | M] (IVT Corporation.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT) DRV - [2009.06.17 15:01:42 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV - [2009.06.17 15:01:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus) DRV - [2009.06.17 15:01:10 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr) DRV - [2009.06.17 15:01:04 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VComm.sys -- (VComm) DRV - [2007.06.18 12:03:32 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007.06.14 04:33:26 | 000,154,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007.03.09 08:56:04 | 001,163,616 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2007.02.06 17:45:04 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2007.02.06 17:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv) DRV - [2007.02.06 17:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap) DRV - [2007.02.03 20:32:45 | 001,939,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) QuickCam for Notebooks Deluxe(UVC) DRV - [2007.02.03 20:32:34 | 000,041,504 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007.02.03 20:30:57 | 001,507,232 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2007.01.30 07:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2006.12.07 19:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15) DRV - [2006.11.02 15:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Programme\Launch Manager\DPortIO.sys -- (DritekPortIO) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. 
File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/410" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.04.25 20:57:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.04.25 20:57:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.25 22:47:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.20 09:56:07 | 000,000,000 | ---D | M] [2011.07.28 00:49:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aspire\AppData\Roaming\mozilla\Extensions [2011.07.22 01:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aspire\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com [2011.08.02 07:29:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aspire\AppData\Roaming\mozilla\Firefox\Profiles\ap5662b6.default\extensions [2010.04.27 21:54:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Aspire\AppData\Roaming\mozilla\Firefox\Profiles\ap5662b6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.08.02 07:29:38 | 000,000,000 | ---D | M] (Softonic Deutsch Community Toolbar) -- C:\Users\Aspire\AppData\Roaming\mozilla\Firefox\Profiles\ap5662b6.default\extensions\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} [2009.10.14 12:40:37 | 000,000,000 | ---D | M] (CLEO) -- 
C:\Users\Aspire\AppData\Roaming\mozilla\Firefox\Profiles\ap5662b6.default\extensions\CLEO@guid.customsoftwareconsult.com [2011.04.02 09:54:45 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Aspire\AppData\Roaming\mozilla\Firefox\Profiles\ap5662b6.default\extensions\engine@conduit.com [2010.06.12 12:42:29 | 000,001,595 | ---- | M] () -- C:\Users\Aspire\AppData\Roaming\Mozilla\Firefox\Profiles\ap5662b6.default\searchplugins\ixquick---deutsch.xml [2011.07.22 00:00:44 | 000,002,497 | ---- | M] () -- C:\Users\Aspire\AppData\Roaming\Mozilla\Firefox\Profiles\ap5662b6.default\searchplugins\SearchResults.xml [2011.07.28 00:49:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.01.14 11:25:29 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.04.29 13:43:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.27 17:37:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.27 00:32:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010.12.26 19:02:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.02.26 20:01:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.06.26 12:54:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011.05.18 11:29:17 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2011.05.18 11:29:06 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Programme\Mozilla 
Firefox\extensions\linkfilter@kaspersky.ru File not found (No name found) -- [2008.10.23 12:11:09 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} [2008.10.23 11:56:33 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2008.11.09 17:27:56 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [2008.12.03 16:13:39 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009.05.12 17:56:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009.08.08 15:01:28 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2009.10.20 23:04:29 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2009.11.09 18:10:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010.04.05 13:59:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010.04.29 13:43:19 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.27 17:37:50 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.27 00:32:40 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010.12.26 19:02:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA 
FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.02.26 20:01:10 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.06.26 12:54:47 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011.06.25 22:47:51 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.05.09 20:43:38 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.05.09 20:43:38 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.05.09 20:43:38 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.05.09 20:43:38 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.07.22 00:00:44 | 000,002,497 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml [2011.05.09 20:43:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.05.09 20:43:38 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - 
C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll () O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll () O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. 
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKCU\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acer Tour] File not found O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Programme\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.) 
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe () O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [PCMService] C:\Program Files\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\ie_banner_deny.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: 
Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\klwtbbho.dll (Kaspersky Lab ZAO) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data 
{91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 11\kloehk.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop WallPaper: D:\Eigene Dateien\Neuer Ordner\Dojo\2011_2_11 Dojo am Samstag (2).JPG O24 - Desktop BackupWallPaper: D:\Eigene Dateien\Neuer Ordner\Dojo\2011_2_11 Dojo am Samstag (2).JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{202eb9d8-34f8-11e0-b5ef-001b38c87f56}\Shell - "" = AutoRun O33 - MountPoints2\{202eb9d8-34f8-11e0-b5ef-001b38c87f56}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{8fcdae59-ad4a-11e0-b56c-001583430b58}\Shell - "" = AutoRun O33 - MountPoints2\{8fcdae59-ad4a-11e0-b56c-001583430b58}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\{a40c519c-126c-11de-8ded-001b38c87f56}\Shell\AutoRun\command - "" = F:\Menu.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: 
{25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E35EB9E4-704E-26B0-3B2C-A3F7E0E90858} - LightScribe Control Panel ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory 
Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.08.03 15:57:24 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Aspire\Desktop\OTL.exe [2011.08.03 12:13:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011.07.22 15:18:30 | 000,000,000 | ---D | C] -- C:\Users\Aspire\AppData\Roaming\Philips [2011.07.22 01:53:39 | 000,000,000 | ---D | C] -- C:\Users\Aspire\AppData\Roaming\Philips-Songbird [2011.07.22 01:53:39 | 000,000,000 | ---D | C] -- C:\Users\Aspire\AppData\Local\Philips-Songbird [2011.07.22 01:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\{F0489EF2-D393-4114-85BA-A94D71D89543} [2011.07.22 01:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Philips [2011.07.22 00:00:23 | 000,000,000 | ---D | C] -- C:\Program Files\Free mp3 Wma Converter [2010.03.09 00:04:05 | 013,277,728 | ---- | C] (LightScribe ) -- C:\Program Files\LS_Update_1.18.11.1_.exe [2009.05.12 00:06:51 | 006,757,033 | ---- | C] (AliveMedia, Inc. 
) -- C:\Program Files\AliveVideoConverter.exe [2007.12.25 03:01:44 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe [2007.08.24 17:44:16 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll ========== Files - Modified Within 30 Days ========== [2011.08.03 15:57:34 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Aspire\Desktop\OTL.exe [2011.08.03 15:54:44 | 000,000,000 | ---- | M] () -- C:\Users\Aspire\defogger_reenable [2011.08.03 15:53:52 | 000,050,477 | ---- | M] () -- C:\Users\Aspire\Desktop\Defogger.exe [2011.08.03 15:31:59 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.08.03 15:31:59 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.08.03 15:31:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.08.03 12:45:21 | 000,685,712 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.08.03 12:45:21 | 000,638,454 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.08.03 12:45:21 | 000,149,906 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.08.03 12:45:21 | 000,117,462 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.08.03 12:38:55 | 000,000,931 | ---- | M] () -- C:\Windows\System32\bscs.ini [2011.08.03 12:38:40 | 2137,071,616 | -HS- | M] () -- C:\hiberfil.sys [2011.08.03 12:13:29 | 197,728,943 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.08.02 11:55:52 | 000,072,192 | ---- | M] () -- C:\Users\Aspire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.07.31 12:11:11 | 000,183,203 | ---- | M] () -- C:\Users\Aspire\Desktop\bahnticket.pdf [2011.07.28 10:44:10 | 000,006,780 | ---- | M] () -- D:\Eigene Dateien\Neuer Ordner (2)\cc_20110728_104302.reg [2011.07.25 21:06:51 | 000,465,350 | ---- | M] () -- C:\Users\Aspire\Desktop\Ankündigung_24-25-Sept-2011_Flyer.pdf [2011.07.24 11:30:30 | 000,009,394 | ---- | M] 
() -- C:\Users\Aspire\Desktop\RS-20110714862.pdf [2011.07.20 22:22:20 | 000,005,063 | ---- | M] () -- C:\Windows\System32\LOCALSERVICE.INI [2011.07.15 17:34:17 | 000,000,129 | ---- | M] () -- C:\Windows\System32\REMOTEDEVICE.INI [2011.07.15 17:32:52 | 000,000,101 | ---- | M] () -- C:\Windows\System32\LOCALDEVICE.INI [2011.07.13 14:22:45 | 001,673,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2011.08.03 15:54:44 | 000,000,000 | ---- | C] () -- C:\Users\Aspire\defogger_reenable [2011.08.03 15:53:47 | 000,050,477 | ---- | C] () -- C:\Users\Aspire\Desktop\Defogger.exe [2011.08.03 12:13:29 | 197,728,943 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011.07.31 12:11:08 | 000,183,203 | ---- | C] () -- C:\Users\Aspire\Desktop\bahnticket.pdf [2011.07.28 10:43:22 | 000,006,780 | ---- | C] () -- D:\Eigene Dateien\Neuer Ordner (2)\cc_20110728_104302.reg [2011.07.25 21:06:49 | 000,465,350 | ---- | C] () -- C:\Users\Aspire\Desktop\Ankündigung_24-25-Sept-2011_Flyer.pdf [2011.07.24 11:30:26 | 000,009,394 | ---- | C] () -- C:\Users\Aspire\Desktop\RS-20110714862.pdf [2011.05.18 11:28:33 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2011.05.18 11:28:33 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2011.02.04 23:42:20 | 000,000,788 | ---- | C] () -- C:\Windows\System32\SHORTCUT.INI [2011.02.04 23:41:35 | 000,000,129 | ---- | C] () -- C:\Windows\System32\REMOTEDEVICE.INI [2011.02.04 23:41:30 | 000,005,063 | ---- | C] () -- C:\Windows\System32\LOCALSERVICE.INI [2011.02.04 23:41:27 | 000,000,101 | ---- | C] () -- C:\Windows\System32\LOCALDEVICE.INI [2011.02.04 23:34:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\BSPRINT.INI [2011.02.04 23:22:26 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2011.01.23 14:16:36 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2010.05.17 12:14:59 | 000,050,127 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini 
[2010.05.05 22:53:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.09.09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2009.09.07 16:42:42 | 000,000,931 | ---- | C] () -- C:\Windows\System32\bscs.ini [2009.09.02 10:39:46 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BsMobileCSps.dll [2009.06.21 15:15:43 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI [2009.06.17 15:02:46 | 000,029,192 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys [2009.06.15 22:39:32 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009.06.15 22:39:29 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.05.29 15:02:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.05.29 15:02:47 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.04.22 14:24:19 | 000,000,199 | ---- | C] () -- C:\Windows\QTW.INI [2009.04.22 14:22:38 | 000,000,013 | ---- | C] () -- C:\Windows\inform.ini [2008.12.10 16:19:14 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll [2008.09.19 21:01:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.07.22 22:14:17 | 000,038,979 | ---- | C] () -- C:\Users\Aspire\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2008.06.29 16:29:40 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini [2008.06.25 15:03:54 | 000,000,680 | ---- | C] () -- C:\Users\Aspire\AppData\Local\d3d9caps.dat [2008.06.15 22:23:20 | 000,072,192 | ---- | C] () -- C:\Users\Aspire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.06.15 18:09:21 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2007.12.25 12:24:29 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI [2007.12.25 12:24:22 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI [2007.12.25 03:01:44 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe [2007.08.27 18:53:22 | 000,001,024 | RH-- | C] () -- 
C:\Windows\System32\NTIBUN4.dll [2007.08.25 01:09:41 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll [2007.08.25 01:09:41 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2007.08.25 01:09:41 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1280.dll [2007.08.24 17:51:16 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll [2007.08.24 17:45:21 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2007.08.24 17:45:21 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys [2007.08.24 17:44:13 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll [2007.04.25 16:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll [2007.04.25 16:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll [2007.04.25 16:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll [2007.04.25 16:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll [2007.04.25 16:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll [2007.04.25 16:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll [2007.02.06 17:45:04 | 000,025,632 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2007.02.06 17:42:40 | 001,691,808 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys [2006.12.25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll [2006.11.13 05:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin [2006.11.02 17:38:05 | 000,685,712 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:38:05 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:38:05 | 000,149,906 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:38:05 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 
14:44:53 | 001,673,144 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 12:33:01 | 000,638,454 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,117,462 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2010.05.07 16:04:19 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\AnvSoft [2009.12.13 14:55:49 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Any Video Converter [2011.01.23 13:48:17 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Audacity [2009.07.28 00:44:48 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Canneverbe_Limited [2008.10.26 15:59:35 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Canon [2009.06.29 11:28:53 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\CD Art Display [2008.10.23 13:08:43 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\DriveHQ [2009.04.15 15:36:36 | 000,000,000 | ---D | 
M] -- C:\Users\Aspire\AppData\Roaming\Engelmann Media [2008.10.23 14:00:07 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\FileZilla [2008.10.26 19:43:53 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Flood Light Games [2011.01.23 14:16:42 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\FreeAudioPack [2011.01.25 00:05:57 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\FreeCDRipper [2008.08.05 00:01:18 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Gaijin Ent [2008.06.02 19:17:52 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\gtopala [2008.10.25 22:37:26 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Inkscape [2011.07.22 15:18:30 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Philips [2011.07.22 01:53:39 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Philips-Songbird [2010.05.30 20:56:48 | 000,000,000 | ---D | M] -- C:\Users\Aspire\AppData\Roaming\Steganos [2011.08.03 12:28:55 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. 
> [2008.07.23 11:49:30 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2008.06.02 18:58:25 | 000,000,000 | ---D | M] -- C:\Acer [2008.07.06 18:49:35 | 000,000,000 | ---D | M] -- C:\ACERSW [2007.08.25 01:09:12 | 000,000,000 | ---D | M] -- C:\Book [2009.05.29 15:35:00 | 000,000,000 | -HSD | M] -- C:\Boot [2006.11.02 14:59:44 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2008.06.02 18:53:15 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2007.08.25 01:09:12 | 000,000,000 | ---D | M] -- C:\DRV [2007.08.24 16:48:45 | 000,000,000 | ---D | M] -- C:\Intel [2007.08.24 17:54:21 | 000,000,000 | ---D | M] -- C:\MyWorks [2008.07.07 10:57:03 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.07.28 00:54:23 | 000,000,000 | R--D | M] -- C:\Program Files [2011.07.22 01:52:04 | 000,000,000 | -H-D | M] -- C:\ProgramData [2008.06.02 18:53:15 | 000,000,000 | -HSD | M] -- C:\Programme [2011.08.03 16:05:05 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2007.08.24 17:36:32 | 000,000,000 | ---D | M] -- C:\TEM [2008.07.29 17:49:05 | 000,000,000 | R--D | M] -- C:\Users [2011.08.03 12:13:36 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > [2009.05.12 00:03:50 | 006,757,033 | ---- | M] (AliveMedia, Inc. ) -- C:\Program Files\AliveVideoConverter.exe [2010.03.09 00:04:08 | 013,277,728 | ---- | M] (LightScribe ) -- C:\Program Files\LS_Update_1.18.11.1_.exe < %LOCALAPPDATA%\*.exe > < %systemroot%\*. 
/mp /s > < MD5 for: EXPLORER.EXE > [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2008.06.15 21:25:38 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe [2008.06.15 21:25:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe [2008.01.19 
09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: REGEDIT.EXE > [2008.01.19 09:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe [2008.01.19 09:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe [2006.11.02 11:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe < MD5 for: USERINIT.EXE > [2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe < MD5 for: WININIT.EXE > [2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- 
C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-02 05:40:33
========== Alternate Data Streams ==========
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:1198CD34
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:05113FB9
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:A6116FBB
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:211ED887
< End of report >

Gmer and Extras are attached. I hope everything is complete. Please help.

Regards,
Clarissa