Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   polizeitrojaner CH (https://www.trojaner-board.de/124588-polizeitrojaner-ch.html)

boozu 23.09.2012 21:04
polizeitrojaner CH
 
Hallo miteinander,
Hab mir den Polizeitrojaner eingefangen.
Habe wie in andren Posts beschrieben den OTL durchlaufen lassen und Malwarebytes Suchlauf durchgeführt. Malwarebyteshatkeine Probleme gefunden, OTL-Scanmit Minimaloutput ergibt geposteten Bericht.
Hoffe jemand kann mir helfen...

cosinus 24.09.2012 11:57
Zitat:
und Malwarebytes Suchlauf durchgeführt. Malwarebyteshatkeine Probleme gefunden
Trotzdem bitte alle Logs davon posten
Die Logs enthalten ein paar mehr Infos als nur Fund oder kein Fund.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

boozu 24.09.2012 16:40
Hallo,
Okai ich versuchs nochmal. Erst die OTL scan:
OTL Logfile:
Code:
OTL logfile created on: 23.09.2012 21:48:54 - Run 2
OTL by OldTimer - Version 3.2.66.0    Folder = C:\Users\David\Desktop
64bit- Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.77 Gb Available Physical Memory | 79.47% Memory free
12.00 Gb Paging File | 9.61 Gb Available in Paging File | 80.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 399.32 Gb Total Space | 304.65 Gb Free Space | 76.29% Space Free | Partition Type: NTFS
Drive D: | 532.10 Gb Total Space | 354.76 Gb Free Space | 66.67% Space Free | Partition Type: NTFS
Drive F: | 3.69 Gb Total Space | 0.91 Gb Free Space | 24.58% Space Free | Partition Type: FAT32
Drive I: | 991.22 Mb Total Space | 552.84 Mb Free Space | 55.77% Space Free | Partition Type: FAT
 
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\David\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\David\dwvotbfdszvfsvldbn.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Windows\SysWOW64\XSrvSetup.exe ()
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\David\dwvotbfdszvfsvldbn.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (JMB36X) -- C:\Windows\SysWOW64\XSrvSetup.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (BCUService) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2D BB 23 68 8C 54 CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0E005789-3ECE-470a-9F09-AB7983EB6611}
IE - HKCU\..\SearchScopes\{0E005789-3ECE-470a-9F09-AB7983EB6611}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKCU\..\SearchScopes\{7A9EEB3C-D8BF-4de7-A2B6-F956652FBC84}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "google.ch"
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=0C857130-4234-4183-B532-7A31B69C0A5A&apn_ptnrs=&apn_sauid=F73B3743-FF8D-47ED-B923-0DE07F254E1C&apn_dtid=OSJ000&&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.07.11 17:26:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 10:01:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 10:01:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.06.29 18:25:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Extensions
[2012.06.30 21:41:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\c801s0o2.default\extensions
[2012.06.29 16:57:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.22 10:01:54 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [] C:\Users\David\dwvotbfdszvfsvldbn.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 212.147.10.180 212.147.10.162
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF4FF423-252B-4B72-8E82-E9132DB059D9}: DhcpNameServer = 192.168.1.1 212.147.10.180 212.147.10.162
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8218cff6-c07b-11e1-8d72-1c6f659108c5}\Shell - "" = AutoRun
O33 - MountPoints2\{8218cff6-c07b-11e1-8d72-1c6f659108c5}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.23 21:48:19 | 000,601,600 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012.09.23 19:51:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.02 16:02:31 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2012.09.02 16:02:14 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.02 16:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.02 16:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.02 16:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.26 20:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.08.26 20:39:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012.08.26 20:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.08.26 20:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.08.26 20:39:32 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.26 20:39:32 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.08.26 20:39:32 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.26 20:39:27 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.26 20:39:27 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.26 20:39:27 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.08.26 20:39:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.23 21:50:49 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.23 21:50:49 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.23 21:50:49 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.23 21:50:49 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.23 21:50:49 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.23 21:50:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.23 21:44:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.23 21:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.23 20:06:55 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 20:06:55 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 20:01:18 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012.09.23 19:59:49 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.23 19:59:33 | 535,633,919 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.23 19:13:49 | 000,136,192 | ---- | M] () -- C:\Users\David\dwvotbfdszvfsvldbn.exe
[2012.09.23 19:13:42 | 000,136,192 | ---- | M] () -- C:\Users\David\seytrcfdchm.exe
[2012.09.23 19:13:36 | 000,136,192 | ---- | M] () -- C:\Users\David\ixorgiolllpgerz.exe
[2012.09.23 19:13:30 | 000,136,192 | ---- | M] () -- C:\Users\David\augbhkwrmnmqto.exe
[2012.09.23 13:20:22 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.09.23 13:20:22 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.09.02 16:02:14 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.26 20:39:19 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.08.26 20:39:17 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.26 20:39:17 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.08.26 20:39:17 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.26 20:39:17 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.26 20:39:17 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.25 09:57:24 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
 
========== Files Created - No Company Name ==========
 
[2012.09.23 19:13:44 | 000,136,192 | ---- | C] () -- C:\Users\David\dwvotbfdszvfsvldbn.exe
[2012.09.23 19:13:38 | 000,136,192 | ---- | C] () -- C:\Users\David\seytrcfdchm.exe
[2012.09.23 19:13:32 | 000,136,192 | ---- | C] () -- C:\Users\David\ixorgiolllpgerz.exe
[2012.09.23 19:13:27 | 000,136,192 | ---- | C] () -- C:\Users\David\augbhkwrmnmqto.exe
[2012.09.02 16:02:14 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.09 22:16:04 | 001,841,700 | ---- | C] () -- C:\Windows\MapCreator 2 Uninstaller.exe
[2012.06.27 19:14:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.06.27 19:03:07 | 000,072,304 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2012.06.27 18:59:40 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
--- --- ---


Anbei die OTL Extras:
OTL Logfile:
Code:
OTL Extras logfile created on: 23.09.2012 19:51:29 - Run 1
OTL by OldTimer - Version 3.2.59.1    Folder = C:\Users\David\Desktop
64bit- Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 77.00% Memory free
12.00 Gb Paging File | 10.28 Gb Available in Paging File | 85.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 399.32 Gb Total Space | 304.63 Gb Free Space | 76.29% Space Free | Partition Type: NTFS
Drive D: | 532.10 Gb Total Space | 354.76 Gb Free Space | 66.67% Space Free | Partition Type: NTFS
Drive F: | 3.69 Gb Total Space | 0.91 Gb Free Space | 24.58% Space Free | Partition Type: FAT32
Drive I: | 991.22 Mb Total Space | 552.88 Mb Free Space | 55.78% Space Free | Partition Type: FAT
 
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\bookfactory.ch\Designer 2.0\Designer.exe" = C:\Program Files (x86)\bookfactory.ch\Designer 2.0\Designer.exe:*:Designer.exe -- ()
"C:\Program Files (x86)\bookfactory.ch\Designer 2.0\Designer.exe" = C:\Program Files (x86)\bookfactory.ch\Designer 2.0\Designer.exe:*:Designer.exe -- ()
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4B4AFEA8-A0E6-4E41-BD50-EA7FFB48A098}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16967511-51B1-46AA-B174-0FAA3D5ACA26}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{4D55DE0E-C87E-4E4D-9439-D7DDCC727643}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{70FC8FFE-6E6B-4C8E-B9F1-CEA63D9F86A5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{87826AA5-9E10-46FA-8BD4-995320D3FCC8}" = protocol=6 | dir=in | app=c:\program files (x86)\square enix\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
"{8E0C5060-1AAA-460E-9AE1-3DE2BEBD3731}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8E540088-88F1-4AFA-BECE-6CD107F52CBC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9506462F-A4B3-4F90-A136-E715E22FAC03}" = protocol=17 | dir=in | app=c:\program files (x86)\square enix\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
"{DFCB3115-96DF-4D97-AD55-C8FC66D33551}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{F59354C6-E9B7-4295-BAA7-832E5747BF46}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{120F2308-86AE-E1BB-E0AE-F598807DFCE5}" = ATI AVIVO64 Codecs
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{3973DD74-2444-1CD4-278A-E7A77E4E53EE}" = ccc-utility64
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AEF6C676-D7A2-4487-BD4B-1BED17B229B5}" = Microsoft-Maus- und Tastatur-Center
"{BCF07271-A853-4D3A-B668-4B752174CAA8}" = iTunes
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E81A0194-0334-07A8-9757-2D0C65BF2F09}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{23887221-512C-8DE0-8FCD-15AFBA0D105C}" = Catalyst Control Center Core Implementation
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0422.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E39BA76-09F8-FBA6-25BA-E9A1D9D87547}" = Catalyst Control Center Graphics Previews Vista
"{558DD876-6EA3-03FF-7BCA-D5F6F0BD504F}" = Catalyst Control Center Graphics Full Existing
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73CDCA64-491D-4EA8-CD8B-AE69CE1373F8}" = Catalyst Control Center Localization All
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A86409C5-ABB1-901D-7059-889D11F67F2D}" = Catalyst Control Center Graphics Full New
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A961C6FD-C583-45F6-A0A4-5E4376C29E41}" = Catalyst Control Center - Branding
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C3DF6B7D-BDF3-AC88-F2D2-05FCFC1A66DC}" = ccc-core-static
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CCDDAA87-1C54-B1FB-BD7E-CC910EA7DDB9}" = Catalyst Control Center Graphics Light
"{ce0d5ce7-cc2b-46b1-a779-0cf6c83cd277}" = Nero 9
"{CFABC775-5386-4BA5-86B4-505BBD36E812}" = Batman: Arkham Asylum Game of the Year Edition
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EEBABD91-2B8C-DB09-17C1-D7B661A040C9}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FB280574-F82B-FD8F-B338-756749A94B74}" = CCC Help German
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"bookfactory.ch Designer 2.0_is1" = Designer 2.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fotopick FotoFun-Designer" = Fotopick FotoFun-Designer
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.19.412
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"MapCreator 2" = MapCreator 2
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PhotomatixPro3Betax32_is1" = Photomatix Pro version 3.2
"PTGui" = PTGui 9.1.3
"VSTax 2011" = VSTax 2011
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"2580277838.client.my-silverx.com" = Fotopick FotoFun-Designer
"Tropico 4" = Tropico 4 1.00
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.09.2012 13:20:52 | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: designer.exe, Version: 0.0.0.0, Zeitstempel:
 0x4e6a1d2f  Name des fehlerhaften Moduls: QtGui4.dll, Version: 4.3.3.0, Zeitstempel:
 0x47559e07  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002ccf7  ID des fehlerhaften Prozesses:
 0xeb8  Startzeit der fehlerhaften Anwendung: 0x01cd892d54ba836f  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\bookfactory.ch\Designer 2.0\designer.exe  Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\bookfactory.ch\Designer 2.0\QtGui4.dll
Berichtskennung:
 8ba8e4e5-f522-11e1-b501-1c6f659108c5
 
Error - 02.09.2012 13:27:56 | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: designer.exe, Version: 0.0.0.0, Zeitstempel:
 0x4e6a1d2f  Name des fehlerhaften Moduls: QtGui4.dll, Version: 4.3.3.0, Zeitstempel:
 0x47559e07  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002ccf4  ID des fehlerhaften Prozesses:
 0x1318  Startzeit der fehlerhaften Anwendung: 0x01cd892f55402358  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\bookfactory.ch\Designer 2.0\designer.exe  Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\bookfactory.ch\Designer 2.0\QtGui4.dll
Berichtskennung:
 885b54ce-f523-11e1-b501-1c6f659108c5
 
Error - 02.09.2012 13:53:08 | Computer Name = David-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 03.09.2012 12:16:32 | Computer Name = David-PC | Source = EventSystem | ID = 4621
Description =
 
Error - 03.09.2012 12:16:50 | Computer Name = David-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
 
Error - 04.09.2012 13:55:31 | Computer Name = David-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
 
Error - 05.09.2012 12:00:00 | Computer Name = David-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
 
Error - 05.09.2012 14:12:01 | Computer Name = David-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
 
Error - 23.09.2012 12:35:16 | Computer Name = David-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 23.09.2012 13:13:35 | Computer Name = David-PC | Source = EventSystem | ID = 4621
Description =
 
[ System Events ]
Error - 02.09.2012 09:05:55 | Computer Name = David-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?09.?2012 um 15:04:10 unerwartet heruntergefahren.
 
Error - 02.09.2012 12:45:29 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
 
Error - 03.09.2012 23:29:52 | Computer Name = David-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%109
 
Error - 03.09.2012 23:29:53 | Computer Name = David-PC | Source = DCOM | ID = 10005
Description =
 
Error - 03.09.2012 23:38:21 | Computer Name = David-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \...\DR11 gefunden.
 
Error - 04.09.2012 16:39:41 | Computer Name = David-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 04.09.2012 16:39:41 | Computer Name = David-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 04.09.2012 16:39:42 | Computer Name = David-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 23.09.2012 13:17:03 | Computer Name = David-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?23.?09.?2012 um 19:15:28 unerwartet heruntergefahren.
 
Error - 23.09.2012 13:23:11 | Computer Name = David-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?23.?09.?2012 um 19:20:54 unerwartet heruntergefahren.
 
 
< End of report >
--- --- ---


Und noch die Maleware-Scan

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.09.08.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
David :: DAVID-PC [Administrator]

Schutz: Aktiviert

23.09.2012 20:07:58
mbam-log-2012-09-23 (20-07-58).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 510661
Laufzeit: 1 Stunde(n), 5 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Bereits vielen Dank für die Antwort

cosinus 24.09.2012 20:15
Code:
Datenbank Version: v2012.09.08.02
Du hast Malwarebytes vorher nicht aktualisiert. Bitte updaten und einen neuen Vollscan machen.

boozu 25.09.2012 18:44
Okai, Hab Malewarebyte aktualisiert und 2 scans durchgeführt.
Erster Scan:
Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.24.08

Windows 7 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
David :: DAVID-PC [Administrator]

24.09.2012 18:56:32
mbam-log-2012-09-24 (18-56-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 512822
Laufzeit: 1 Stunde(n), 10 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run| (Trojan.Zbot) -> Daten: C:\Users\David\dwvotbfdszvfsvldbn.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Users\David\dwvotbfdszvfsvldbn.exe (Trojan.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\David\augbhkwrmnmqto.exe (Trojan.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\David\ixorgiolllpgerz.exe (Trojan.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\David\seytrcfdchm.exe (Trojan.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Zweiter scan heute:

Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.25.09

Windows 7 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
David :: DAVID-PC [Administrator]

25.09.2012 17:29:20
mbam-log-2012-09-25 (17-29-20).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 514923
Laufzeit: 1 Stunde(n), 11 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Ausserdem hab ich bereits eset durchgeführt:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e9a0093e0d032741bb088f1f9138a246
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-24 06:44:48
# local_time=2012-09-24 08:44:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 7688719 7688719 0 0
# compatibility_mode=5893 16776574 66 85 100911807 100911807 0 0
# compatibility_mode=8192 67108863 100 0 137 137 0 0
# scanned=302894
# found=7
# cleaned=0
# scan_time=6151
C:\Users\David\augbhkwrmnmqto.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\David\dwvotbfdszvfsvldbn.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\David\ixorgiolllpgerz.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\David\seytrcfdchm.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Batman.Arkham.Asylum.GOTY.Edition. MULTI5-TRiViUM\TVM_BAAGOTY.iso        a variant of Win32/Packed.VMProtect.AAH trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Microsoft.Office.Professional.Plus.2010.x64.SP1-Mad\Microsoft.Office.Professional.Plus.2010.x64.SP1.VL.German-Madmax\MadmaxO1064SP1.iso        Win32/HackKMS.C application (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Nero.9.Reloaded.v9.4.17.0.MULTiLANGUAGE.DVD-RESTORE\nero94170rld.iso        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e9a0093e0d032741bb088f1f9138a246
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-25 05:19:45
# local_time=2012-09-25 07:19:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 7769994 7769994 0 0
# compatibility_mode=5893 16776574 66 85 100993082 100993082 0 0
# compatibility_mode=8192 67108863 100 0 81412 81412 0 0
# scanned=304696
# found=3
# cleaned=0
# scan_time=6174
D:\Programme\Batman.Arkham.Asylum.GOTY.Edition. MULTI5-TRiViUM\TVM_BAAGOTY.iso        a variant of Win32/Packed.VMProtect.AAH trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Microsoft.Office.Professional.Plus.2010.x64.SP1-Mad\Microsoft.Office.Professional.Plus.2010.x64.SP1.VL.German-Madmax\MadmaxO1064SP1.iso        Win32/HackKMS.C application (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Nero.9.Reloaded.v9.4.17.0.MULTiLANGUAGE.DVD-RESTORE\nero94170rld.iso        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I
Ausserdem hier nochmals ein OTL-post
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e9a0093e0d032741bb088f1f9138a246
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-24 06:44:48
# local_time=2012-09-24 08:44:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 7688719 7688719 0 0
# compatibility_mode=5893 16776574 66 85 100911807 100911807 0 0
# compatibility_mode=8192 67108863 100 0 137 137 0 0
# scanned=302894
# found=7
# cleaned=0
# scan_time=6151
C:\Users\David\augbhkwrmnmqto.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\David\dwvotbfdszvfsvldbn.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\David\ixorgiolllpgerz.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\David\seytrcfdchm.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Batman.Arkham.Asylum.GOTY.Edition. MULTI5-TRiViUM\TVM_BAAGOTY.iso        a variant of Win32/Packed.VMProtect.AAH trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Microsoft.Office.Professional.Plus.2010.x64.SP1-Mad\Microsoft.Office.Professional.Plus.2010.x64.SP1.VL.German-Madmax\MadmaxO1064SP1.iso        Win32/HackKMS.C application (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Nero.9.Reloaded.v9.4.17.0.MULTiLANGUAGE.DVD-RESTORE\nero94170rld.iso        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e9a0093e0d032741bb088f1f9138a246
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-25 05:19:45
# local_time=2012-09-25 07:19:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 7769994 7769994 0 0
# compatibility_mode=5893 16776574 66 85 100993082 100993082 0 0
# compatibility_mode=8192 67108863 100 0 81412 81412 0 0
# scanned=304696
# found=3
# cleaned=0
# scan_time=6174
D:\Programme\Batman.Arkham.Asylum.GOTY.Edition. MULTI5-TRiViUM\TVM_BAAGOTY.iso        a variant of Win32/Packed.VMProtect.AAH trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Microsoft.Office.Professional.Plus.2010.x64.SP1-Mad\Microsoft.Office.Professional.Plus.2010.x64.SP1.VL.German-Madmax\MadmaxO1064SP1.iso        Win32/HackKMS.C application (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Nero.9.Reloaded.v9.4.17.0.MULTiLANGUAGE.DVD-RESTORE\nero94170rld.iso        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I
und die zugehörigen extras:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e9a0093e0d032741bb088f1f9138a246
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-24 06:44:48
# local_time=2012-09-24 08:44:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 7688719 7688719 0 0
# compatibility_mode=5893 16776574 66 85 100911807 100911807 0 0
# compatibility_mode=8192 67108863 100 0 137 137 0 0
# scanned=302894
# found=7
# cleaned=0
# scan_time=6151
C:\Users\David\augbhkwrmnmqto.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\David\dwvotbfdszvfsvldbn.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\David\ixorgiolllpgerz.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\David\seytrcfdchm.exe        a variant of Win32/Injector.WWM trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Batman.Arkham.Asylum.GOTY.Edition. MULTI5-TRiViUM\TVM_BAAGOTY.iso        a variant of Win32/Packed.VMProtect.AAH trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Microsoft.Office.Professional.Plus.2010.x64.SP1-Mad\Microsoft.Office.Professional.Plus.2010.x64.SP1.VL.German-Madmax\MadmaxO1064SP1.iso        Win32/HackKMS.C application (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Nero.9.Reloaded.v9.4.17.0.MULTiLANGUAGE.DVD-RESTORE\nero94170rld.iso        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e9a0093e0d032741bb088f1f9138a246
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-25 05:19:45
# local_time=2012-09-25 07:19:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 7769994 7769994 0 0
# compatibility_mode=5893 16776574 66 85 100993082 100993082 0 0
# compatibility_mode=8192 67108863 100 0 81412 81412 0 0
# scanned=304696
# found=3
# cleaned=0
# scan_time=6174
D:\Programme\Batman.Arkham.Asylum.GOTY.Edition. MULTI5-TRiViUM\TVM_BAAGOTY.iso        a variant of Win32/Packed.VMProtect.AAH trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Microsoft.Office.Professional.Plus.2010.x64.SP1-Mad\Microsoft.Office.Professional.Plus.2010.x64.SP1.VL.German-Madmax\MadmaxO1064SP1.iso        Win32/HackKMS.C application (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Nero.9.Reloaded.v9.4.17.0.MULTiLANGUAGE.DVD-RESTORE\nero94170rld.iso        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I
ICh werde noch den adwcleaner runterladen und den mal laufen lassen.

cosinus 25.09.2012 19:54
Code:
D:\Programme\Batman.Arkham.Asylum.GOTY.Edition. MULTI5-TRiViUM\TVM_BAAGOTY.iso        a variant of Win32/Packed.VMProtect.AAH trojan (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Microsoft.Office.Professional.Plus.2010.x64.SP1-Mad\Microsoft.Office.Professional.Plus.2010.x64.SP1.VL.German-Madmax\MadmaxO1064SP1.iso        Win32/HackKMS.C application (unable to clean)        00000000000000000000000000000000        I
D:\Programme\Nero.9.Reloaded.v9.4.17.0.MULTiLANGUAGE.DVD-RESTORE\nero94170rld.iso        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I
Und du wunderst dich über Schädlinge? :wtf:

:pfui:

Siehe auch => http://www.trojaner-board.de/95393-c...-software.html

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden.

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!


In Zukunft Finger weg von: Softonic, Registry-Bereinigern und illegalem Zeugs Cracks/Keygens/Serials


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:00 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132