
Trash bin: (2x) BKA virus has made the files unreadable... OTL text in the description

Windows 7: Posts that violated our rules, posts the world does not need, and other rubbish end up here in the trash bin...

 
05.06.2012, 22:37   #1
hhh
 



Hello, I have caught the BKA virus and urgently need help. I ran OTL, and malware is running right now. Everything else will follow later.

As a student under deadline pressure and university stress, I am hoping for help.

All processes killed
========== OTL ==========
HKLM\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Program Files\Winload\tbWin0.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{e36df325-3f4b-476f-8f89-123bc5d51a30} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e36df325-3f4b-476f-8f89-123bc5d51a30}\ not found.
File C:\Program Files\ClipGrab\prxtbClip.dll not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Unable to set value : HKU\Christian_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page| /E!
Unable to set value : HKU\Christian_ON_C\Software\Microsoft\Internet Explorer\Main\\StartPageCache| /E!
Registry key HKEY_USERS\Christian_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_USERS\Christian_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Program Files\Winload\tbWin0.dll not found.
Registry key HKEY_USERS\Christian_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e36df325-3f4b-476f-8f89-123bc5d51a30}\ not found.
File C:\Program Files\ClipGrab\prxtbClip.dll not found.
Prefs.js: "hxxp://www.tram-tram.de.vu/" removed from browser.startup.homepage
Prefs.js: toolbar@ask.com:3.12.2.16749 removed from extensions.enabledItems
Prefs.js: sparweltgutscheinewl@sparwelt.de:1.0 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry key HKEY_USERS\Christian_ON_C\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Users\Christian\AppData\Roaming\Qeyl\byuci.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\Christian_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\Christian_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File E:\AUTOMODE not found.
File X:\AUTORUN.INF not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
Unable to delete ADS C:\ProgramData\TEMP:0EE09C55 .
Unable to delete ADS C:\Users\Christian\Documents\Ihre Abobestellung von www_eisenbahnwelt_de.eml:OECustomProperty .
Unable to delete ADS C:\Users\Christian\Documents\Willkommen auf „js-home_org“***.eml:OECustomProperty .
Unable to delete ADS C:\Users\Christian\Documents\Schaden ***.eml:OECustomProperty .
Unable to delete ADS C:\Users\Christian\Documents\Eventim***.eml:OECustomProperty .
Unable to delete ADS C:\Users\Christian\Documents\MOTOR-TALK_***.eml:OECustomProperty .
Unable to delete ADS C:\ProgramData\TEMP:E88BE39E .
========== FILES ==========
File\Folder C:\Users\Christian\AppData\Roaming\Qeyl\byuci.exe not found.
File\Folder C:\Users\Christian\AppData\Roaming\Qeyl not found.
File\Folder C:\Users\Christian\AppData\Roaming\Emaxu not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Blumentapete\Downloads\cmd.bat deleted successfully.
C:\Users\Blumentapete\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Blumentapete
->Temp folder emptied: 1644684594 bytes
->Temporary Internet Files folder emptied: 355883855 bytes
->Java cache emptied: 2002 bytes
->FireFox cache emptied: 1102314960 bytes
->Google Chrome cache emptied: 7328279 bytes
->Opera cache emptied: 2156703 bytes
->Flash cache emptied: 7897881 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 2836 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 297471381 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes
RecycleBin emptied: 43272665591 bytes

Total Files Cleaned = 44.528,00 mb


OTL by OldTimer - Version 3.2.46.1 log created on 06052012_203827

Files\Folders moved on Reboot...
C:\Users\Blumentapete\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...









The results from malware:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.05.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Blumentapete :: BLUMENTAPETE-PC [Administrator]

Schutz: Aktiviert

05.06.2012 21:15:49
mbam-log-2012-06-05 (21-15-49).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 409422
Laufzeit: 1 Stunde(n), 20 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Blumentapete\Downloads\SoftonicDownloader_fuer_euchler-haushaltsbuch.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)






The CCleaner file:


Acer 3G Connection Manager Huawei Technologies Co.,Ltd 23.05.2012 13.001.07.04.470
Acer Arcade Deluxe CyberLink Corp. 16.09.2009 96,4MB 3.0.6821
Acer Backup Manager NewTech Infosystems 21.08.2009 23,1MB 2.0.0.22
Acer Crystal Eye Webcam Suyin Optronics Corp 16.09.2009 5.2.7.1
Acer ePower Management Acer Incorporated 16.09.2009 4.05.3002
Acer eRecovery Management Acer Incorporated 16.09.2009 4.05.3003
Acer GameZone Console Oberon Media, Inc. 21.08.2009 5.1.0.2
Acer GridVista Acer Inc. 16.09.2009 3.01.0730
Acer Registration Acer Incorporated 16.09.2009 1.02.3004
Acer ScreenSaver Acer Incorporated 16.09.2009 1.5.0715
Acer Updater Acer Incorporated 20.08.2009 1.01.3014
Acrobat.com Adobe Systems Incorporated 20.08.2009 1,61MB 1.6.65
Adobe AIR Adobe Systems Inc. 21.08.2009 1.5.0.7220
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 16.09.2009 10.0.22.87
Adobe Flash Player 11 Plugin 64-bit Adobe Systems Incorporated 05.05.2012 6,00MB 11.2.202.235
Adobe Reader 9.4.5 - Deutsch Adobe Systems Incorporated 18.06.2011 168,0MB 9.4.5
Age of Mythology Gold Microsoft 10.07.2010 1.0
ANNO 1404 Ubisoft 23.12.2009 1.00.0000
ArtMoney SE v7.33 System SoftLab 10.08.2010 7.33
Ask Toolbar Ask.com 19.05.2012 3,75MB 1.13.2.0
ATI Catalyst Install Manager ATI Technologies, Inc. 16.09.2009 18,2MB 3.0.732.0
Avira AntiVir Premium Avira GmbH 14.02.2012 83,6MB 10.2.0.735
BlueShot 1.1.0 14.02.2010
Broadcom Gigabit NetLink Controller Broadcom Corporation 20.08.2009 0,45MB 12.26.02
Brother HL-2035 Brother 08.12.2010 1.00
Canon RAW Codec Canon Inc. 03.08.2011 1.8.0.68
Carambis Driver Updater MEDIA FOG LTD 19.05.2012 2.0.0.4701
CCleaner Piriform 22.05.2012 3.19
CDex extraction audio 01.08.2010
Cinergy T Stick RC V9.06.3.01 22.11.2011 9.06.3.01
Compatibility Pack für 2007 Office System Microsoft Corporation 09.05.2012 205MB 12.0.6612.1000
DivX Player DivX, Inc. 19.12.2009 7.2.0
DivX Plus DirectShow Filters DivX, Inc. 05.05.2010
DivX-Setup DivX, LLC 12.05.2011 2.5.0.8
Dropbox Dropbox, Inc. 25.05.2012 1.4.7
Free_Lunch_Design Toolbar 11.06.2010
FRITZ!DSL64 04.03.2011 7,64MB
GNU Backgammon (MAIN branch, 20110117 code) Free Software Foundation 20.01.2011
Google Chrome Google Inc. 03.04.2012 19.0.1084.52
Google Earth Plug-in Google 17.11.2011 40,9MB 6.1.0.5001
Identity Card Acer Incorporated 16.09.2009 1.00.3001
Intel® Matrix Storage Manager Intel Corporation 16.09.2009
Java(TM) 6 Update 29 Oracle 03.02.2011 97,1MB 6.0.290
Launch Manager Acer Inc. 16.09.2009 3.0.03
LSI HDA Modem LSI Corporation 16.09.2009 16,00KB 2.1.94
Malwarebytes Anti-Malware Version 1.61.0.1400 Malwarebytes Corporation 04.06.2012 18,0MB 1.61.0.1400
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 12.12.2010 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 12.12.2010 2,94MB 4.0.30319
Microsoft Office Enterprise 2007 Microsoft Corporation 08.03.2012 12.0.6612.1000
Microsoft Office File Validation Add-In Microsoft Corporation 05.10.2011 7,95MB 14.0.5130.5003
Microsoft Office Live Add-in 1.5 Microsoft Corporation 19.04.2012 0,50MB 2.0.4024.1
Microsoft Office Suite Activation Assistant Microsoft Corporation 21.08.2009 8,37MB 2.9
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs Microsoft Corporation 16.08.2010 0,13MB 12.0.4518.1014
Microsoft Silverlight Microsoft Corporation 09.05.2012 186,3MB 4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 16.09.2009 1,72MB 3.1.0000
Microsoft SQL Server Compact 3.5 SP1 English Microsoft Corporation 05.06.2010 2,59MB 3.5.5692.0
Microsoft SQL Server Compact 3.5 SP1 x64 English Microsoft Corporation 05.06.2010 3,69MB 3.5.5692.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 16.12.2009 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 16.12.2009 0,24MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.06.2011 0,29MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 16.09.2009 0,68MB 8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 13.04.2011 0,57MB 8.0.51011
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 06.03.2011 0,21MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 13.04.2011 0,77MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 13.04.2011 0,58MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 04.03.2011 0,77MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 15.06.2011 0,77MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 04.03.2011 0,23MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 15.12.2009 0,58MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 02.10.2010 0,58MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.06.2011 0,59MB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 19.05.2012 11,0MB 10.0.30319
Microsoft Works Microsoft Corporation 11.04.2012 1.210MB 9.7.0621
Mozilla Firefox 12.0 (x86 de) Mozilla 24.04.2012 37,4MB 12.0
Mozilla Maintenance Service Mozilla 24.04.2012 0,21MB 12.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 16.12.2009 1,28MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 16.12.2009 1,33MB 4.20.9876.0
MSXML4 Parser Microsoft Game Studios 10.07.2010 78,00KB 1.0.0
MyWinLocker Egis Technology Inc. 21.08.2009 47,9MB 3.1.72.0
NTI Media Maker 8 NewTech Infosystems 20.08.2009 769MB 8.0.12.6619
OpenAL 13.06.2010
Option WWAN Driver Installer Option NV 18.05.2012 3.5.0.1138
PDF-XChange Viewer Tracker Software Products Ltd. 03.02.2011 43,8MB 2.5.191.0
Photo Transport CASIO COMPUTER CO., LTD. 06.12.2010 0,98MB 1.0.1
Picasa 3 Google, Inc. 15.08.2011 3.8
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 20.08.2009 6.1.7100.30093
softonic-de3 Toolbar softonic-de3 04.09.2010 5.7.1.1
Synaptics Pointing Device Driver Synaptics Incorporated 16.09.2009 13.2.2.0
System Architect 2.15 Harman Pro 05.06.2010 175,3MB 02.15.0006
TerraTec Home Cinema 22.11.2011 6.22.0
VLC media player 1.0.3 VideoLAN Team 16.12.2009 1.0.3
Welcome Center Acer Incorporated 16.09.2009 1.00.3005
Winamp Nullsoft, Inc 16.12.2009 5.56
Windows Live Anmelde-Assistent Microsoft Corporation 16.09.2009 1,94MB 5.000.818.5
Windows Live Essentials Microsoft Corporation 16.09.2009 14.0.8064.0206
Windows Live Sync Microsoft Corporation 16.09.2009 2,80MB 14.0.8064.206
Windows Live-Uploadtool Microsoft Corporation 16.09.2009 0,22MB 14.0.8014.1029
Windows Media Player Firefox Plugin Microsoft Corp 28.09.2010 0,29MB 1.0.0.8
WinRAR 4.11 (64-Bit) win.rar GmbH 03.05.2012 4.11.0
xp-AntiSpy 3.97-6 Christian Taubenheim 16.12.2009







The new OTL file:


OTL Logfile:
Code:
OTL logfile created on: 05.06.2012 22:57:54 - Run 1
OTL by OldTimer - Version 3.2.46.1     Folder = C:\Users\Blumentapete\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,80% Memory free
7,99 Gb Paging File | 6,26 Gb Available in Paging File | 78,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,97 Gb Total Space | 279,31 Gb Free Space | 61,66% Space Free | Partition Type: NTFS
Drive E: | 1397,26 Gb Total Space | 219,07 Gb Free Space | 15,68% Space Free | Partition Type: NTFS
 
Computer Name: BLUMENTAPETE-PC | User Name: Blumentapete | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.05 20:34:50 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Blumentapete\Downloads\OTL.exe
PRC - [2012.04.25 12:59:37 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.03.11 10:50:54 | 004,720,176 | ---- | M] (MEDIA FOG LTD.) -- C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe
PRC - [2011.11.17 19:29:26 | 000,901,800 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011.07.03 10:34:11 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.07.03 10:34:11 | 000,340,136 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.07.03 10:34:11 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.29 09:42:16 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.12.13 09:45:50 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009.08.27 22:48:32 | 001,194,504 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009.08.21 02:25:56 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009.08.21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.08.07 11:18:54 | 000,311,592 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009.08.07 11:18:42 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009.08.04 23:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009.08.04 21:45:00 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009.07.31 17:29:12 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2009.07.01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2009.06.05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2008.07.29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.06 09:03:42 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.04.25 12:59:37 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.09.27 09:13:00 | 008,421,376 | ---- | M] () -- C:\Program Files (x86)\Carambis\Driver Updater\QtGui4.dll
MOD - [2011.09.27 09:13:00 | 002,334,720 | ---- | M] () -- C:\Program Files (x86)\Carambis\Driver Updater\QtCore4.dll
MOD - [2011.09.27 09:13:00 | 000,802,304 | ---- | M] () -- C:\Program Files (x86)\Carambis\Driver Updater\QtNetwork4.dll
MOD - [2011.09.27 09:13:00 | 000,357,888 | ---- | M] () -- C:\Program Files (x86)\Carambis\Driver Updater\QtXml4.dll
MOD - [2011.09.27 09:13:00 | 000,223,232 | ---- | M] () -- C:\Program Files (x86)\Carambis\Driver Updater\sqlite3.dll
MOD - [2011.09.27 09:13:00 | 000,060,416 | ---- | M] () -- C:\Program Files (x86)\Carambis\Driver Updater\CrashRpt.dll
MOD - [2011.09.27 09:13:00 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Carambis\Driver Updater\imageformats\qico4.dll
MOD - [2011.03.21 20:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009.07.01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
MOD - [2009.02.03 02:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2008.07.29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.11.20 15:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2009.07.14 03:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2009.07.14 03:41:56 | 000,381,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2009.07.14 03:41:56 | 000,353,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2009.07.14 03:41:56 | 000,076,800 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2009.07.02 23:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.04.25 12:59:37 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.03 10:34:11 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2011.07.03 10:34:11 | 000,340,136 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.07.03 10:34:11 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.29 09:42:16 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.08.07 11:18:54 | 000,311,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.08.05 21:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.07.28 17:10:48 | 000,088,888 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.14 03:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.03.28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Programme\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.03 10:34:12 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.03 10:34:12 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.25 12:18:18 | 000,513,656 | ---- | M] (ITETech                  ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF9035BDA)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2009.12.24 13:02:42 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009.12.24 13:02:42 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.12.24 12:47:09 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.10.05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009.07.02 23:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.20 13:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.06.20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.19 06:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.06.05 02:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.06.03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.04.07 03:31:08 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=273612099236l0398z125t4771w19r
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=273612099236l0398z125t4771w19r
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=273612099236l0398z125t4771w19r
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5738&r=273612099236l0398z125t4771w19r
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=110819&babsrc=HP_ss&mntrId=cc6e154c00000000000006265ca57ed9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=cc6e154c00000000000006265ca57ed9
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE358DE358
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{A6FCD7BD-6F45-4C86-910F-9BC85D9E4E4A}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=kw&q={searchTerms}&locale=&apn_ptnrs=NY&apn_dtid=YYYYYYYYDE&apn_uid=4B1FCB06-70D1-4F66-95C7-ECDF649965CB&apn_sauid=802D244F-35E0-4A41-984A-BEA3D522E423&
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com/?l=dis&o=15768"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.6.2.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=NDV&o=15765&locale=de_DE&apn_uid=4B1FCB06-70D1-4F66-95C7-ECDF649965CB&apn_ptnrs=NY&apn_sauid=802D244F-35E0-4A41-984A-BEA3D522E423&apn_dtid=YYYYYYYYDE&&q="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Blumentapete\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Blumentapete\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.05.07 11:07:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 12:59:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.19 09:36:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 12:59:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.19 09:36:50 | 000,000,000 | ---D | M]
 
[2009.12.20 19:34:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blumentapete\AppData\Roaming\mozilla\Extensions
[2012.05.27 08:36:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blumentapete\AppData\Roaming\mozilla\Firefox\Profiles\0xg96o22.default\extensions
[2012.01.19 10:28:22 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Blumentapete\AppData\Roaming\mozilla\Firefox\Profiles\0xg96o22.default\extensions\ffxtlbr@babylon.com
[2012.06.05 19:12:04 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Blumentapete\AppData\Roaming\mozilla\Firefox\Profiles\0xg96o22.default\extensions\toolbar@ask.com
[2011.11.17 19:25:44 | 000,002,333 | ---- | M] () -- C:\Users\Blumentapete\AppData\Roaming\Mozilla\Firefox\Profiles\0xg96o22.default\searchplugins\OdyTGVOAsvroGr
[2009.12.24 12:47:34 | 000,002,055 | ---- | M] () -- C:\Users\Blumentapete\AppData\Roaming\Mozilla\Firefox\Profiles\0xg96o22.default\searchplugins\TgqxpsjXyluTVsUnevfOD
[2010.06.08 11:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Blumentapete\AppData\Roaming\Mozilla\Firefox\Profiles\0xg96o22.default\searchplugins\TGyxNtJXUDQjfQUNeJ
[2012.06.04 10:17:24 | 000,000,947 | ---- | M] () -- C:\Users\Blumentapete\AppData\Roaming\Mozilla\Firefox\Profiles\0xg96o22.default\searchplugins\ysxfQjpevETftOndJ
[2012.01.18 11:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.04.25 12:59:37 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.01.11 13:22:42 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012.02.20 16:11:30 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.27 08:34:23 | 000,002,313 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.02.20 16:11:30 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.20 16:11:30 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.20 16:11:30 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.20 16:11:30 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.20 16:11:30 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" File not found
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files (x86)\Common Files\Adobe\Updater\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Driver Updater] C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe (MEDIA FOG LTD.)
O4 - HKCU..\Run: [SparVoip] "C:\Program Files (x86)\SparVoip.de\SparVoip\SparVoip.exe" -nosplash -minimized File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll (DivX, Inc.)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll (DivX, Inc.)
O4 - Startup: C:\Users\Blumentapete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Blumentapete\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1272A440-7811-44D2-8A4C-4134A9FEB67C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2644D09-F3FA-4E4A-9F4E-0CFA15777755}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.06.05 18:15:38 | 000,000,000 | RH-D | M] - E:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk E:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.05 22:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.06.05 22:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.06.05 21:09:23 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\AppData\Roaming\Malwarebytes
[2012.06.05 21:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.05 21:08:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.05 21:08:24 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.05 21:08:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.05 20:38:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.06.05 17:52:05 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\Desktop\Vertrag 2012
[2012.05.26 16:57:00 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\Desktop\Wisdom_In_Chains-The_Missing_Links-2012-k4
[2012.05.24 16:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 3G Connection Manager
[2012.05.24 16:57:50 | 000,216,576 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2012.05.24 16:57:50 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012.05.24 16:57:50 | 000,114,560 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys
[2012.05.24 16:57:50 | 000,029,696 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012.05.20 09:21:13 | 000,000,000 | ---D | C] -- C:\dell
[2012.05.20 09:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis
[2012.05.20 09:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.05.20 09:17:22 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\AppData\Roaming\Carambis
[2012.05.20 09:17:22 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\AppData\Local\APN
[2012.05.20 09:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carambis
[2012.05.20 09:16:52 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\AppData\Local\TempDIR
[2012.05.20 09:15:47 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\Desktop\Wireless LAN_Intel_12.4.1.11_W7x64_A
[2012.05.18 14:24:07 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\Documents\CyberLink
[2012.05.18 14:22:48 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\AppData\Local\MediaServer
[2012.05.18 14:22:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2012.05.18 14:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2012.05.18 14:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2012.05.18 13:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Option
[2012.05.18 13:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\3G_Option_5.1.30.0_W7x64W7x86_A
[2012.05.18 13:11:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer 3G Connection Manager
[2012.05.18 13:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\3G_Huawei_2.0.3.827_W7x86W7x64_A
[2012.05.18 13:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Chipset_Intel_9.1.1.1015_W7x64_A
[2012.05.14 20:54:27 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\Desktop\Musik
[2012.05.10 08:26:29 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.05.10 08:26:26 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.05.10 08:26:23 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.05.10 08:26:23 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.05.09 18:20:28 | 000,000,000 | ---D | C] -- C:\Users\Blumentapete\Documents\Gitarre
[2010.09.05 15:08:59 | 002,568,656 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files\install_flash_player-10-1.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.05 22:53:19 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.06.05 22:52:04 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.05 22:52:04 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.05 22:44:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.05 22:44:25 | 3217,231,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.05 22:37:03 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1145357897-1795114449-4082191497-1000Core.job
[2012.06.05 22:37:02 | 000,001,148 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1145357897-1795114449-4082191497-1000UA.job
[2012.06.05 21:36:19 | 000,000,246 | ---- | M] () -- C:\Windows\Brownie.ini
[2012.06.05 21:08:26 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.05 19:04:38 | 000,004,140 | ---- | M] () -- C:\ProgramData\mtbjfghn.xbe
[2012.05.29 12:49:16 | 000,014,563 | ---- | M] () -- C:\Users\Blumentapete\Documents\AQyOTnDExoNnuejVJdqJA
[2012.05.27 08:34:11 | 000,022,440 | ---- | M] () -- C:\Users\Blumentapete\AppData\Local\XDjofxspynQNlTLjvgfG
[2012.05.26 14:27:15 | 000,000,586 | ---- | M] () -- C:\Windows\wininit.ini
[2012.05.26 14:27:13 | 000,001,022 | ---- | M] () -- C:\Users\Blumentapete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.05.24 16:57:52 | 000,001,191 | ---- | M] () -- C:\Users\Public\Desktop\Acer 3G Connection Manager.lnk
[2012.05.20 09:17:41 | 000,004,140 | ---- | M] () -- C:\ProgramData\TgDqXLdpxoJTLljtEQqgs
[2012.05.20 09:17:37 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Driver Updater.lnk
[2012.05.16 01:49:03 | 000,049,272 | ---- | M] () -- C:\Users\Blumentapete\Documents\sGuLVtrolXUqexfvqarQ
[2012.05.10 11:24:28 | 000,381,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.05.10 11:11:13 | 001,520,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.10 11:11:13 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.05.10 11:11:13 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.10 11:11:13 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.05.10 11:11:13 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.05 22:53:19 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.06.05 21:08:26 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.05 19:04:38 | 000,004,140 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2012.05.24 16:57:52 | 000,001,191 | ---- | C] () -- C:\Users\Public\Desktop\Acer 3G Connection Manager.lnk
[2012.05.20 09:17:37 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Driver Updater.lnk
[2011.01.21 22:33:26 | 000,000,995 | ---- | C] () -- C:\Program Files\GNU Backgammon CLI.lnk
[2010.12.16 23:48:48 | 000,007,168 | ---- | C] () -- C:\Users\Blumentapete\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.09 12:42:36 | 000,000,151 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2010.12.09 12:42:36 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2010.12.09 12:42:30 | 000,009,030 | ---- | C] () -- C:\Windows\HL-2030.INI
[2010.12.09 12:42:30 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\brlmw03a.ini
[2010.12.09 12:42:14 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.12.09 12:41:44 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\bd2030.dat
[2010.12.09 12:41:30 | 000,000,246 | ---- | C] () -- C:\Windows\Brownie.ini
[2010.12.07 10:36:01 | 000,001,919 | ---- | C] () -- C:\Program Files\Photo Transport.lnk
[2010.10.25 15:37:23 | 000,002,018 | ---- | C] () -- C:\Program Files\Adobe Reader 9.lnk
[2010.10.04 19:17:40 | 000,001,958 | ---- | C] () -- C:\Program Files\DAEMON Tools Lite.lnk
[2010.09.05 15:08:59 | 002,696,192 | ---- | C] () -- C:\Program Files\softonic-Deutsch.exe
[2010.06.12 16:49:08 | 000,000,586 | ---- | C] () -- C:\Windows\wininit.ini
 
========== LOP Check ==========
 
[2009.12.16 21:25:38 | 000,000,000 | -HSD | M] -- C:\Users\Blumentapete\AppData\Roaming\.#
[2011.12.22 18:23:14 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\.minecraft
[2012.06.05 18:18:45 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\Babylon
[2010.02.15 12:16:13 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\BlueShot
[2012.05.20 09:17:22 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\Carambis
[2009.12.20 09:55:38 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\CheckPoint
[2011.07.30 16:56:02 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.06.05 18:18:46 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\DAEMON Tools Lite
[2012.06.05 22:45:25 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\Dropbox
[2012.06.05 18:18:51 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\FRITZ!
[2012.06.05 18:18:51 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\GameConsole
[2011.02.19 18:06:49 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\gtk-2.0
[2009.12.16 20:46:01 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\Opera
[2009.12.18 10:57:56 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\PlayFirst
[2009.12.20 22:24:22 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\PowerCinema
[2010.04.09 09:19:33 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\SoftDMA
[2012.06.05 18:19:47 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\SparVoip
[2011.11.23 23:19:56 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\TerraTec
[2009.12.24 13:05:06 | 000,000,000 | ---D | M] -- C:\Users\Blumentapete\AppData\Roaming\Ubisoft
[2012.04.18 08:33:06 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1D32EC29
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54

< End of report >
         
--- --- ---


somehow I can't add anything more to the thread, so here, this way, is the

mbr.log



Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.1.7601

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Das Handle ist ungültig.
kernel: error reading MBR

Edited by hhh (05.06.2012 at 23:06)

 
