Pests of all kinds and their removal: Windows Security locks computer (Windows 7)
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
02.04.2012, 15:42 | #1
Windows Security locks computer

Here is my OTL. I'm an absolute layman on this subject; I only know that you experts need this OTL scan. I hope you can help me!!!

OTL:

OTL logfile created on: 02.04.2012 16:05:42 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Gast\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 56,21% Memory free
6,21 Gb Paging File | 4,93 Gb Available in Paging File | 79,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 153,63 Gb Total Space | 45,66 Gb Free Space | 29,72% Space Free | Partition Type: NTFS
Drive D: | 303,34 Gb Total Space | 296,08 Gb Free Space | 97,61% Space Free | Partition Type: NTFS
Drive E: | 260,55 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MARCUS-PC | User Name: Marcus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.04.02 16:05:13 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Gast\Downloads\OTL.exe
PRC - [2012.04.01 03:15:47 | 000,353,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe
PRC - [2012.03.09 15:18:06 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010.09.19 22:24:52 | 000,070,144 | ---- | M] (AlcaTech) -- C:\Windows\System32\mmrtkrnl.exe
PRC - [2010.09.08 08:02:42 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.09.01 08:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.11.20 20:17:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.10.20 14:59:18 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.08.27 17:55:20 | 006,281,760 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.05.28 13:40:28 | 000,020,480 | ---- | M] ( ) -- C:\Programme\Google\Google EULA\GoogleEULALauncher.exe
PRC - [2008.04.25 15:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Programme\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2007.12.04 15:34:10 | 000,603,720 | ---- | M] (G DATA Software AG) -- C:\Programme\G DATA InternetSecurity\AVKTray\AVKTray.exe
PRC - [2007.12.04 12:47:12 | 001,095,240 | ---- | M] (G DATA Software AG) -- C:\Programme\G DATA InternetSecurity\AVK\AVKWCtl.exe
PRC - [2007.12.04 05:25:52 | 000,427,592 | ---- | M] (G DATA Software AG) -- C:\Programme\G DATA InternetSecurity\AVK\AVKService.exe
PRC - [2007.12.04 05:23:42 | 000,722,504 | ---- | M] (G DATA Software AG) -- C:\Programme\Common Files\G DATA\AVKProxy\AVKProxy.exe
PRC - [2007.10.25 12:09:54 | 001,189,552 | ---- | M] (G DATA Software AG) -- C:\Programme\G DATA InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2007.10.24 15:26:38 | 001,496,648 | ---- | M] (G DATA Software AG) -- C:\Programme\G DATA InternetSecurity\Firewall\GDFwSvc.exe

========== Modules (No Company Name) ==========

MOD - [2011.08.29 12:28:06 | 000,140,848 | ---- | M] () -- C:\Programme\vShare.tv plugin\IEhelperActiveX.dll
MOD - [2010.11.17 14:16:56 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010.10.26 17:39:51 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_c5046210\mscorlib.dll
MOD - [2010.10.26 17:39:49 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_64e92d72\system.drawing.dll
MOD - [2010.10.26 17:39:40 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_3d07ba62\system.windows.forms.dll
MOD - [2010.10.26 17:39:34 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_319a5d78\system.dll
MOD - [2010.10.26 17:39:29 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2010.09.01 08:39:28 | 000,095,528 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010.09.01 08:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2008.12.27 14:10:48 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.12.27 14:10:40 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2008.12.27 14:10:40 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2008.12.27 14:10:38 | 000,299,008 | ---- | M] () -- c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
MOD - [2008.10.16 18:26:40 | 000,189,744 | ---- | M] () -- C:\Programme\HP\Digital Imaging\Smart Web Printing\NeoLoggingLib.dll
MOD - [2008.01.21 04:24:02 | 000,223,232 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll

========== Win32 Services (SafeList) ==========

SRV - [2012.04.01 03:15:47 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2009.11.20 20:17:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2008.06.10 19:26:28 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.04.25 15:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Programme\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:43 | 000,005,632 | ---- | M] (Oak Technology Inc.) [Auto | Running] -- C:\Windows\System32\RTSTOR.dll -- (Ndisipo)
SRV - [2007.12.04 12:47:12 | 001,095,240 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Programme\G DATA InternetSecurity\AVK\AVKWCtl.exe -- (AVKWCtl)
SRV - [2007.12.04 05:25:52 | 000,427,592 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Programme\G DATA InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2007.12.04 05:23:42 | 000,722,504 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Programme\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2007.10.25 16:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.10.24 15:26:38 | 001,496,648 | ---- | M] (G DATA Software AG) [On_Demand | Running] -- C:\Programme\G DATA InternetSecurity\Firewall\GDFwSvc.exe -- (GDFwSvc)
SRV - [2007.10.18 12:31:54 | 000,098,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006.12.14 18:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2005.11.17 16:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010.09.19 22:24:56 | 000,094,560 | ---- | M] (AlcaTech) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mmrtkrnl.sys -- (MMRTKRNL)
DRV - [2010.04.19 21:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2009.11.21 04:34:54 | 011,515,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.07.15 13:29:15 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.07.15 13:29:14 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.01.19 20:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2008.10.28 12:20:58 | 000,042,952 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV - [2008.10.28 12:13:38 | 000,046,024 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV - [2008.10.28 12:13:37 | 000,032,200 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre)
DRV - [2008.10.28 12:13:25 | 000,041,928 | ---- | M] (G DATA Software AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor)
DRV - [2008.07.22 10:21:08 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.07.08 03:32:52 | 001,050,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008.05.27 13:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.04.03 14:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2007.10.04 03:15:56 | 000,039,880 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\gdwfpcd32.sys -- (gdwfpcd)
DRV - [2007.07.11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007.07.11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007.07.11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2006.10.09 15:46:44 | 000,017,536 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startsear.ch/?aff=1
IE - HKLM\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{72483C43-6BF7-434D-84DC-8479F996520A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJE
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3196716
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=884be0550000000000000021859f9780
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\SearchScopes\{72483C43-6BF7-434D-84DC-8479F996520A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb106/?search={searchTerms}&loc=IB_DS&a=6R8hmmJ938&i=26
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 57 C4 FB 06 E5 CC 01 [binary data]
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\..\SearchScopes\{72483C43-6BF7-434D-84DC-8479F996520A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B 80 2A 30 1B 16 CB 01 [binary data]
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb106?a=6R8hmmJ938&i=26"
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {27E679CC-6AAB-4B2A-BB87-096FE4178464}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.497.0
FF - prefs.js..extensions.enabledItems: HBLite@HBLite.com:11.0.0.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - prefs.js..extensions.enabledItems: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledItems: ffxtlbr@incredibar.com:1.5.0
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb106/?loc=IB_DS&a=6R8hmmJ938&&i=26&search="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Marcus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010.07.29 12:29:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions [2010.10.12 15:01:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\HBLite@HBLite.com: C:\Program Files\HBLite\bin\11.0.267.0\firefox\extensions [2010.10.12 15:02:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.10.19 18:24:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.16 02:53:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.16 02:53:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010.07.29 12:29:43 | 000,000,000 | ---D | M]

[2008.12.31 01:18:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcus\AppData\Roaming\mozilla\Extensions
[2012.02.03 01:51:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dazmw0n9.default\extensions
[2010.06.01 19:41:19 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dazmw0n9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.01.10 17:49:42 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dazmw0n9.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2010.06.01 19:41:19 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dazmw0n9.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2012.01.10 17:49:49 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dazmw0n9.default\extensions\ffxtlbr@babylon.com
[2012.01.20 01:23:10 | 000,000,000 | ---D | M] (Incredibar Toolbar) -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dazmw0n9.default\extensions\ffxtlbr@incredibar.com
[2009.12.09 15:24:33 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Marcus\AppData\Roaming\mozilla\Firefox\Profiles\dazmw0n9.default\extensions\firefox@tvunetworks.com
[2012.01.13 19:19:11 | 000,000,950 | ---- | M] () -- C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\dazmw0n9.default\searchplugins\icqplugin-1.xml
[2009.03.07 23:40:35 | 000,000,950 | ---- | M] () -- C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\dazmw0n9.default\searchplugins\icqplugin-2.xml
[2008.12.15 15:45:18 | 000,000,944 | ---- | M] () -- C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\dazmw0n9.default\searchplugins\icqplugin.xml
[2012.01.20 01:22:39 | 000,002,203 | ---- | M] () -- C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\dazmw0n9.default\searchplugins\MyStart Search.xml
[2009.12.09 15:22:43 | 000,002,385 | ---- | M] () -- C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\dazmw0n9.default\searchplugins\Schnell Sucher.xml
[2011.07.11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\dazmw0n9.default\searchplugins\startsear.xml
[2009.12.07 15:34:50 | 000,003,915 | ---- | M] () -- C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\dazmw0n9.default\searchplugins\sweetim.xml
[2010.10.19 23:47:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.10.12 15:06:29 | 000,000,000 | ---D | M] (QueryExplorer) -- C:\Programme\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
[2010.02.05 17:44:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.06.19 19:56:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.19 23:47:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.10.12 15:02:52 | 000,000,000 | ---D | M] (Hotbar Component) -- C:\PROGRAM FILES\HBLITE\BIN\11.0.267.0\FIREFOX\EXTENSIONS
[2010.10.12 15:06:29 | 000,000,000 | ---D | M] (QueryExplorer) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
[2009.01.06 02:16:10 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.03.28 21:53:31 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.08.30 11:54:52 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2010.06.19 19:56:13 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.19 23:47:10 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.10.12 15:01:59 | 000,000,000 | ---D | M] (ShopperReports) -- C:\PROGRAM FILES\SHOPPERREPORTS3\BIN\3.0.497.0\FIREFOX\FIREFOXTOOLBAR\EXTENSIONS
[2010.10.19 18:24:35 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010.09.29 01:31:44 | 000,083,248 | ---- | M] (Pinball Corporation.) -- C:\Program Files\mozilla firefox\plugins\npclntax_HBLiteSA.dll
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2006.11.09 16:20:40 | 002,111,096 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2011.10.03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.10 17:49:11 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: HBLite Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npclntax_HBLiteSA.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2_0\

Hosts file not found

O2 - BHO: (G DATA WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA InternetSecurity\Webfilter\AvkWebIE.dll (G DATA Software AG)
O2 - BHO: (ShopperReports) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Programme\ShopperReports3\bin\3.0.497.0\ShopperReports.dll (SmartShopper Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Programme\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Programme\DealPly\DealPlyIE.dll (DealPly Technologies Ltd) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (G DATA WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA InternetSecurity\Webfilter\AvkWebIE.dll (G DATA Software AG) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) 
O3 - HKLM\..\Toolbar: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Programme\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll (Montera Technologeis LTD) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.) 
O3 - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\..\Toolbar\WebBrowser: (WiseConvert Toolbar) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [AVKTray] C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe (G DATA Software AG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EnergySettings] C:\Programme\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe (Fujitsu Siemens Computers GmbH) O4 - HKLM..\Run: [GDFirewallTray] C:\Programme\G DATA InternetSecurity\Firewall\GDFirewallTray.exe (G DATA Software AG) O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( ) O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found O4 - HKLM..\Run: [Realtime Audio Engine] C:\Windows\System32\mmrtkrnl.exe (AlcaTech) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) 
O4 - HKU\.DEFAULT..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (Fujitsu Siemens) O4 - HKU\.DEFAULT..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com) O4 - HKU\S-1-5-18..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (Fujitsu Siemens) O4 - HKU\S-1-5-18..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com) O4 - HKU\S-1-5-19..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts) O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000..\Run: [fsc-reg] C:\fsc-reg\fscreg.exe (Fujitsu Siemens) O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000..\Run: [MediaGet2] C:\Users\Marcus\AppData\Local\MediaGet2\mediaget.exe --minimized File not found O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000..\Run: [Personal ID] C:\Programme\coolspot AG\Personal ID\pid.exe (coolspot AG, Düsseldorf) O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000..\Run: [WindowsUpdateService] C:\Users\Public\winsvcn.exe File not found O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media 
Player\wmpnscfg.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004..\Run: [vasja] C:\Users\marcus2\AppData\Local\Temp\mor.exe () O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-501..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 32 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRunUSB = 32 O7 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe () O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe () O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Programme\ShopperReports3\bin\3.0.497.0\ShopperReports.dll (SmartShopper Inc.) O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Programme\ShopperReports3\bin\3.0.497.0\ShopperReports.dll (SmartShopper Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program 
Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000\..Trusted Ranges: GD ([http] in Lokales Intranet) O15 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004\..Trusted Ranges: GD ([http] in Local intranet) O15 - HKU\S-1-5-21-2299159943-1454589314-3894887082-501\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A059C296-9C6F-40BD-BC20-2E2F2463FEE5}: DhcpNameServer = 10.129.32.1 10.111.81.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6C9CDA8-C6B7-477D-9E42-8375C52BB421}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (c:\program files\g data internetsecurity\avkkid\avkcks.exe) - c:\Programme\G DATA InternetSecurity\AVKKid\AvkCKS.exe () O20 - Winlogon\Notify\axcifda: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\axcifda.dll) - C:\Windows\System32\config\systemprofile\AppData\Local\axcifda.dll () O24 - Desktop WallPaper: C:\Users\Marcus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Marcus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 
000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.09.16 16:02:50 | 000,000,000 | -H-D | M] - E:\Autorun -- [ CDFS ] O32 - AutoRun File - [2009.07.24 09:49:08 | 000,000,056 | RH-- | M] () - E:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{175d528d-afdd-11dd-9cab-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{175d528d-afdd-11dd-9cab-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CD_menu.exe -- [2011.09.13 19:55:28 | 001,019,904 | R--- | M] (Pioneer Corporation.) O33 - MountPoints2\{53b9cad2-33a9-11e1-8b73-0021859f9780}\Shell - "" = AutoRun O33 - MountPoints2\{53b9cad2-33a9-11e1-8b73-0021859f9780}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1000..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.04.02 15:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2012.04.02 15:56:10 | 000,000,000 | ---D | C] -- C:\Users\Marcus\AppData\Local\Conduit [2012.04.02 15:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\WiseConvert [2012.04.01 10:58:01 | 000,130,560 | ---- | C] (Eugene Roshal & FAR Group) -- C:\ProgramData\uG0NdIB4.exe [2012.04.01 03:15:47 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.04.02 16:27:49 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.04.02 15:54:46 | 000,664,044 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.04.02 15:54:46 | 000,625,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.04.02 15:54:46 | 000,142,416 | ---- | M] () -- C:\Windows\System32\perfc007.dat 
[2012.04.02 15:54:46 | 000,116,946 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.04.02 15:51:36 | 000,106,413 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012.04.02 15:51:36 | 000,106,320 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012.04.02 15:51:25 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.04.02 15:49:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.04.02 15:49:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.04.02 15:49:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.04.02 15:49:29 | 3220,373,504 | -HS- | M] () -- C:\hiberfil.sys [2012.04.02 13:26:32 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_trash_log.cmd [2012.04.01 10:46:16 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At21.job [2012.04.01 10:46:14 | 000,130,560 | ---- | M] (Eugene Roshal & FAR Group) -- C:\ProgramData\uG0NdIB4.exe [2012.04.01 10:46:14 | 000,000,112 | ---- | M] () -- C:\ProgramData\26cUQrFEp.dat [2012.04.01 10:45:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At22.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At8.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At6.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At48.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At46.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At44.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At42.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At40.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At4.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At38.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- 
C:\Windows\tasks\At36.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At34.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At32.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At30.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At28.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At26.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At24.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At20.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At2.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At18.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At16.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At14.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At12.job [2012.04.01 10:28:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At10.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At9.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At7.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At5.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At47.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At45.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At43.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At41.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At39.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At37.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At35.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At33.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At31.job 
[2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At3.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At29.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At27.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At25.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At23.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At19.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At17.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At15.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At13.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At11.job [2012.04.01 10:28:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1.job [2012.04.01 03:51:12 | 000,327,680 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012.04.01 03:37:15 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.04.01 03:15:47 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.04.01 03:15:47 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.03.25 12:53:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2012.03.09 15:16:51 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.04.02 13:19:37 | 3220,373,504 | -HS- | C] () -- C:\hiberfil.sys [2012.04.01 10:45:00 | 000,000,112 | ---- | C] () -- C:\ProgramData\26cUQrFEp.dat [2012.04.01 10:24:21 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At48.job [2012.04.01 10:24:20 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At46.job [2012.04.01 10:24:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At47.job 
[2012.04.01 10:24:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At45.job [2012.04.01 10:24:19 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At44.job [2012.04.01 10:24:19 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At43.job [2012.04.01 10:24:18 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At42.job [2012.04.01 10:24:18 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At40.job [2012.04.01 10:24:18 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At41.job [2012.04.01 10:24:17 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At38.job [2012.04.01 10:24:17 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At39.job [2012.04.01 10:24:16 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At36.job [2012.04.01 10:24:16 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At37.job [2012.04.01 10:24:16 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At35.job [2012.04.01 10:24:15 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At34.job [2012.04.01 10:24:15 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At33.job [2012.04.01 10:24:14 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At32.job [2012.04.01 10:24:14 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At31.job [2012.04.01 10:24:13 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At30.job [2012.04.01 10:24:13 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At28.job [2012.04.01 10:24:13 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At29.job [2012.04.01 10:24:12 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At26.job [2012.04.01 10:24:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At27.job [2012.04.01 10:24:11 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At24.job [2012.04.01 10:24:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At25.job [2012.04.01 10:24:10 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At22.job [2012.04.01 10:24:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At23.job [2012.04.01 10:24:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At21.job [2012.04.01 10:24:09 | 
000,000,344 | ---- | C] () -- C:\Windows\tasks\At20.job [2012.04.01 10:24:09 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At19.job [2012.04.01 10:24:08 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At18.job [2012.04.01 10:24:08 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At17.job [2012.04.01 10:24:07 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At16.job [2012.04.01 10:24:07 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At14.job [2012.04.01 10:24:07 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At15.job [2012.04.01 10:24:06 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At12.job [2012.04.01 10:24:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At13.job [2012.04.01 10:24:05 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At10.job [2012.04.01 10:24:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At9.job [2012.04.01 10:24:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At11.job [2012.04.01 10:24:04 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At8.job [2012.04.01 10:24:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At7.job [2012.04.01 10:24:03 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At6.job [2012.04.01 10:24:03 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At5.job [2012.04.01 10:24:02 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At4.job [2012.04.01 10:24:02 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At2.job [2012.04.01 10:24:02 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At3.job [2012.04.01 10:24:01 | 000,130,560 | ---- | C] () -- C:\Windows\Fonts\A0q88.com_ [2012.04.01 10:24:01 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1.job [2012.04.01 03:51:18 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_trash_log.cmd [2012.04.01 03:15:48 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.01.14 22:25:32 | 000,000,163 | ---- | C] () -- C:\Windows\MixVibes3dex.INI [2011.12.31 14:45:45 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CBNDLL.DLL [2011.04.04 
19:07:16 | 000,012,464 | -HS- | C] () -- C:\Users\Marcus\AppData\Local\7ovc8181l54gae1uqsu15ogro
[2011.04.04 19:07:16 | 000,012,464 | -HS- | C] () -- C:\ProgramData\7ovc8181l54gae1uqsu15ogro
[2010.07.29 12:19:06 | 000,214,265 | ---- | C] () -- C:\Windows\hpwins23.dat
< End of report >
02.04.2012, 16:04 | #2
/// Malware-holic
hi

This script, as well as any scripts that may follow, are only for the user in question. If you have problems, open your own topic and wait for scripts tailored to you.

• Please start OTL.exe
• Now copy the following into the text box.

Code:
:OTL
O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004..\Run: [vasja] C:\Users\marcus2\AppData\Local\Temp\mor.exe ()
O20 - Winlogon\Notify\axcifda: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\axcifda.dll) - C:\Windows\System32\config\systemprofile\AppData\Local\axcifda.dll ()
[2012.04.01 10:24:21 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At48.job
[2012.04.01 10:24:20 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At46.job
[2012.04.01 10:24:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At47.job
[2012.04.01 10:24:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At45.job
[2012.04.01 10:24:19 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At44.job
[2012.04.01 10:24:19 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At43.job
[2012.04.01 10:24:18 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At42.job
[2012.04.01 10:24:18 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At40.job
[2012.04.01 10:24:18 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At41.job
[2012.04.01 10:24:17 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At38.job
[2012.04.01 10:24:17 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At39.job
[2012.04.01 10:24:16 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At36.job
[2012.04.01 10:24:16 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At37.job
[2012.04.01 10:24:16 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At35.job
[2012.04.01 10:24:15 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At34.job
[2012.04.01 10:24:15 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At33.job
[2012.04.01 10:24:14 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At32.job
[2012.04.01 10:24:14 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At31.job
[2012.04.01 10:24:13 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At30.job
[2012.04.01 10:24:13 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At28.job
[2012.04.01 10:24:13 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At29.job
[2012.04.01 10:24:12 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At26.job
[2012.04.01 10:24:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At27.job
[2012.04.01 10:24:11 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At24.job
[2012.04.01 10:24:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At25.job
[2012.04.01 10:24:10 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At22.job
[2012.04.01 10:24:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At23.job
[2012.04.01 10:24:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At21.job
[2012.04.01 10:24:09 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At20.job
[2012.04.01 10:24:09 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At19.job
[2012.04.01 10:24:08 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At18.job
[2012.04.01 10:24:08 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At17.job
[2012.04.01 10:24:07 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At16.job
[2012.04.01 10:24:07 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At14.job
[2012.04.01 10:24:07 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At15.job
[2012.04.01 10:24:06 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At12.job
[2012.04.01 10:24:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At13.job
[2012.04.01 10:24:05 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At10.job
[2012.04.01 10:24:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At9.job
[2012.04.01 10:24:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At11.job
[2012.04.01 10:24:04 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At8.job
[2012.04.01 10:24:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At7.job
[2012.04.01 10:24:03 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At6.job
[2012.04.01 10:24:03 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At5.job
[2012.04.01 10:24:02 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At4.job
[2012.04.01 10:24:02 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At2.job
[2012.04.01 10:24:02 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At3.job
[2012.04.01 10:24:01 | 000,130,560 | ---- | C] () -- C:\Windows\Fonts\A0q88.com_
[2012.04.01 10:24:01 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011.04.04 19:07:16 | 000,012,464 | -HS- | C] () -- C:\Users\Marcus\AppData\Local\7ovc8181l54gae1uqsu15ogro
[2011.04.04 19:07:16 | 000,012,464 | -HS- | C] () -- C:\ProgramData\7ovc8181l54gae1uqsu15ogro
[2010.07.29 12:19:06 | 000,214,265 | ---- | C] () -- C:\Windows\hpwins23.dat
:Files
C:\Users\marcus2\AppData\Local\Temp\mor.exe
C:\Windows\System32\config\systemprofile\AppData\Local\axcifda.dll
:Commands
[Reboot]

• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow it.
• After the restart you will find a text document; copy its contents into your next reply here.

Start in normal mode. If you have no icons, right-click, View, Show desktop icons.

Note: Please also upload the file to the UpChannel as described in the instructions. Please do NOT post the ZIP file here as an attachment in the thread! Please press the Windows key + E.
lade unhide: http://filepony.de/download-unhide/ doppelklicken, dateien werden sichtbar
__________________ |
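As an added example (not part of the thread and not OTL's own code), the following parser reads the three line shapes used in the fix script above (O4 Run entries, O20 Winlogon\Notify entries, and timestamped file entries) and applies defender-side heuristics that explain why the expert's script targets exactly those items: an autorun pointing into a Temp folder, a Winlogon Notify DLL that is not directly in System32, a non-font file dropped into C:\Windows\Fonts, hidden+system files with opaque names under ProgramData or AppData, and a burst of At*.job tasks created within seconds of each other. The heuristic names, the thresholds (5 jobs within 120 s) and the font-extension list are my own assumptions; the sample input is a constructed subset of the lines from the post.

```python
"""Parse OTL-style log lines and flag the persistence patterns seen in the thread."""
import re
from datetime import datetime

# Constructed sample input: a subset of the fix-script lines from the post.
SAMPLE_LOG = r"""
O4 - HKU\S-1-5-21-2299159943-1454589314-3894887082-1004..\Run: [vasja] C:\Users\marcus2\AppData\Local\Temp\mor.exe ()
O20 - Winlogon\Notify\axcifda: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\axcifda.dll) - C:\Windows\System32\config\systemprofile\AppData\Local\axcifda.dll ()
[2012.04.01 10:24:21 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At48.job
[2012.04.01 10:24:20 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At46.job
[2012.04.01 10:24:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At47.job
[2012.04.01 10:24:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At45.job
[2012.04.01 10:24:19 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At44.job
[2012.04.01 10:24:01 | 000,130,560 | ---- | C] () -- C:\Windows\Fonts\A0q88.com_
[2012.04.01 10:24:01 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011.04.04 19:07:16 | 000,012,464 | -HS- | C] () -- C:\ProgramData\7ovc8181l54gae1uqsu15ogro
[2010.07.29 12:19:06 | 000,214,265 | ---- | C] () -- C:\Windows\hpwins23.dat
"""

# The three OTL line shapes used in the script: file entry, O4 Run entry, O20 Notify entry.
FILE_RE = re.compile(
    r"^\[(\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| ([\d,]+) \| (\S+) \| ([CM])\] \((.*?)\) -- (.+?)\s*$"
)
O4_RE = re.compile(r"^O4 - (.+?)\\Run: \[([^\]]*)\] (.+?) \((.*?)\)\s*$")
O20_RE = re.compile(r"^O20 - Winlogon\\Notify\\(\w+): DllName - \((.*?)\) - (.+?) \((.*?)\)\s*$")

FONT_EXTS = {".ttf", ".ttc", ".otf", ".fon", ".pfb", ".pfm"}  # assumption: what belongs in Fonts
AT_JOB_RE = re.compile(r"\\at\d+\.job$", re.IGNORECASE)


def parse_otl(text):
    """Split raw OTL text into typed records; lines of other shapes are skipped."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if m := FILE_RE.match(line):
            ts, size, attrs, _kind, company, path = m.groups()
            records.append({"type": "file", "time": datetime.strptime(ts, "%Y.%m.%d %H:%M:%S"),
                            "size": int(size.replace(",", "")), "attrs": attrs,
                            "company": company, "path": path})
        elif m := O4_RE.match(line):
            hive, name, target, _company = m.groups()
            records.append({"type": "run", "hive": hive, "name": name, "target": target})
        elif m := O20_RE.match(line):
            name, _dll, resolved, _company = m.groups()
            records.append({"type": "notify", "name": name, "dll": resolved})
    return records


def find_persistence(records, burst_count=5, burst_seconds=120):
    """Return (reason, what) findings for the patterns the fix script removes."""
    findings = []
    at_jobs = []
    for r in records:
        if r["type"] == "run" and "\\temp\\" in r["target"].lower():
            findings.append(("autorun from temp directory", r["target"]))
        elif r["type"] == "notify":
            # Legitimate Winlogon Notify DLLs sit directly in System32; one under a
            # profile's AppData is a classic persistence indicator.
            parent = r["dll"].lower().rsplit("\\", 1)[0]
            if parent != "c:\\windows\\system32":
                findings.append(("winlogon notify dll outside system32", r["dll"]))
        elif r["type"] == "file":
            low = r["path"].lower()
            if AT_JOB_RE.search(low):
                at_jobs.append(r)  # collected; judged as a group below
            elif low.startswith("c:\\windows\\fonts\\"):
                name = low.rsplit("\\", 1)[-1]
                ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
                if ext not in FONT_EXTS:
                    findings.append(("non-font file in fonts directory", r["path"]))
            elif "H" in r["attrs"] and "S" in r["attrs"] and \
                    ("\\programdata\\" in low or "\\appdata\\" in low):
                findings.append(("hidden+system file in data directory", r["path"]))
    # Many At*.job files created within a short window point to scripted task creation.
    if len(at_jobs) >= burst_count:
        times = [r["time"] for r in at_jobs]
        span = (max(times) - min(times)).total_seconds()
        if span <= burst_seconds:
            findings.append(("burst of at*.job tasks created within %d s" % span,
                             "%d jobs in C:\\Windows\\tasks" % len(at_jobs)))
    return findings


def analyze(text=SAMPLE_LOG):
    """Convenience wrapper: parse, then run the heuristics."""
    return find_persistence(parse_otl(text))


if __name__ == "__main__":
    for reason, what in analyze():
        print(f"{reason}: {what}")
```

Run against the sample it reports five findings: the Temp-folder autorun, the Notify DLL under the system profile's AppData, the .com_ file in Fonts, the hidden+system file in ProgramData, and six At*.job files created within 20 seconds; the HP .dat file matches none of the heuristics and is left alone, which is the point of keeping the rules narrow.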