Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?)

Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?)


Plagegeister aller Art und deren Bekämpfung: Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 15.08.2012, 09:06   #1
kicker
 
Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?) - Standard

Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?)


Hallo zusammen

Gestern drehte mein avast Antivirus durch und meldete mir im gefühlten Sekundentakt blockierte Trojaner und Malware (Win32:Malware-gen und Win32:Troj-gen). Habe daraufhin avast einmal komplett drüberlaufen lassen und Malware Antbytes aktiviert (kp wann oder warum ich das deaktiviert hatte -.- ), mit dem Ergebnis, dass zwei Viren erkannt wurden, welche ich gelöscht habe. Damit hörte das Problem aber nicht auf, im Gegenteil, Malware meldete mir nun auch noch, dass es Zugriffe auf gefährliche Websites blockiere und nachdem ich mich ein bisschen mit google informiert hatte, habe ich mir von Kaspersky den TDSS (?)-Remover runtergeladen. Habe auch das zweimal laufen lassen mit anschließender Löschung von zwei Infektionen und danach gaben Malware und Avast Ruhe. Habe dann gestern Nacht noch einmal mit Malware den ganzen PC komplett gescannt, der noch drei Bedrohungen fand, die ich auch gelöscht habe.
PC zeigte und zeigt keinerlei Anzeichen für einen Befall, läuft sauber und genauso schnell wie immer. Adware öffnet sich auch nicht.

Will aber trotzdem auf Nummer sicher gehen, und nochmal ordentlich "durchputzen", dafür fehlt mir jedoch das nötige Know-How und hoffe, dass mich hier freundlicherweise jemand an die Hand nimmt und mir hilft



OTL logs:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.08.2012 09:27:11 - Run 1
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\Paul\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 57,04% Memory free
3,46 Gb Paging File | 2,52 Gb Available in Paging File | 72,74% Paging File free
Paging file location(s): c:\pagefile.sys 3067 12000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,78 Gb Total Space | 1,49 Gb Free Space | 0,67% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,03 Gb Free Space | 60,33% Space Free | Partition Type: NTFS
 
Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.15 09:26:53 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\OTL.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.06.15 11:41:33 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe
PRC - [2012.05.29 16:55:56 | 000,351,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
PRC - [2012.01.04 15:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
PRC - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.05.11 15:26:44 | 004,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.05.11 05:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2006.11.05 13:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Programme\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006.11.05 12:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Programme\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007.05.11 05:08:40 | 003,076,096 | ---- | M] () -- c:\Programme\Adobe\Reader 8.0\Reader\RdLang32.DEU
MOD - [2007.05.11 04:55:44 | 000,053,248 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Weblink.DEU
MOD - [2007.05.11 04:54:28 | 000,036,864 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Spelling.DEU
MOD - [2007.05.11 04:54:20 | 000,026,112 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\SendMail.deu
MOD - [2007.05.11 04:54:02 | 000,053,248 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Search.DEU
MOD - [2007.05.11 04:53:52 | 000,974,848 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\PPKLITE.DEU
MOD - [2007.05.11 04:53:32 | 000,028,672 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\SaveAsRTF.DEU
MOD - [2007.05.11 04:53:22 | 000,013,312 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\ReadOutLoud.DEU
MOD - [2007.05.11 04:52:58 | 000,159,744 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Multimedia.DEU
MOD - [2007.05.11 04:52:54 | 000,086,016 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\makeaccessible.DEU
MOD - [2007.05.11 04:52:02 | 000,098,304 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Escript.deu
MOD - [2007.05.11 04:52:02 | 000,006,656 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\EWH32.DEU
MOD - [2007.05.11 04:51:42 | 000,221,184 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\DigSig.DEU
MOD - [2007.05.11 04:51:38 | 001,224,704 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Annots.DEU
MOD - [2007.05.11 04:51:24 | 000,192,512 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Checkers.DEU
MOD - [2007.05.11 04:50:30 | 000,811,008 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Acroform.DEU
MOD - [2007.05.11 04:50:04 | 000,077,824 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\accessibility.DEU
MOD - [2007.04.04 15:05:56 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.01.13 05:01:28 | 000,475,136 | R--- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\ccme_base.dll
MOD - [2007.01.13 05:01:28 | 000,397,312 | R--- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\cryptocme2.dll
MOD - [2006.11.05 12:58:44 | 000,516,096 | ---- | M] () -- C:\Programme\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006.11.05 12:28:18 | 004,587,520 | R--- | M] () -- C:\Programme\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2006.10.23 03:34:44 | 000,005,120 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\updater.DEU
MOD - [2006.10.23 03:33:38 | 000,012,288 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Search5.DEU
MOD - [2006.10.23 03:33:02 | 000,008,192 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\reflow.DEU
MOD - [2006.10.23 03:32:30 | 000,011,264 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\pddom.DEU
MOD - [2006.10.23 03:31:30 | 000,013,312 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\Hls.deu
MOD - [2006.10.23 03:30:32 | 000,028,672 | ---- | M] () -- C:\Programme\Adobe\Reader 8.0\Reader\plug_ins\eBook.DEU
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.04 15:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.05.31 11:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 11:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Paul\AppData\Local\Temp\pxldapod.sys -- (pxldapod)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\6537.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Paul\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Paul\AppData\Local\Temp\inyafakj.sys -- (inyafakj)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.10.01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011.10.01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011.10.01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011.10.01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2007.04.29 10:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007.04.04 15:05:54 | 002,313,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.10 15:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\ATITool.sys -- (ATITool)
DRV - [2006.10.10 08:54:34 | 000,138,240 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006.10.10 08:54:32 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006.10.10 08:54:32 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006.10.10 08:54:32 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdc.sys -- (Nokia USB Generic)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=3071221
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKCU\..\URLSearchHook: {b80f591e-fe9a-46cf-a13e-180377240586} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1456
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.14.1
FF - prefs.js..extensions.enabledItems: {97E22097-9A2F-45b1-8DAF-36AD648C7EF4}:15.0.4
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.07.09 21:21:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.06.15 11:46:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.15 11:45:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.15 11:48:21 | 000,000,000 | ---D | M]
 
[2008.11.08 21:06:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Extensions
[2012.07.27 10:46:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\v13il3tt.default\extensions
[2011.06.22 22:30:55 | 000,000,000 | ---D | M] ("Winamp Toolbar") -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\v13il3tt.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009.11.21 09:31:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\v13il3tt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.26 23:02:36 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\v13il3tt.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.06.02 00:53:33 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\v13il3tt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.06.16 18:10:28 | 000,002,354 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\v13il3tt.default\searchplugins\aol-web-search.xml
[2011.07.27 20:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.12 01:05:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.09 21:21:16 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012.08.12 01:05:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.15 11:46:38 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012.06.15 11:42:37 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2011.03.22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2008.03.15 15:56:14 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.01.01 16:58:22 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2008.02.19 16:40:48 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2006.12.03 17:59:22 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2006.11.17 13:19:24 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Programme\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.21022; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"hxxp://cc.porsche.com/icc_euro/ui/pva/application/bpModules/interior_3D.jsp;jsessionid=F9C9205408D9F59EAA745678E7F76607.icc_euro?RT=1337443640288" File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Paul\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Programme\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6493CB48-7F85-46D7-AE1F-8F60556E23B4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FA9BFC4-8DE8-4444-8520-41FCAFD46533}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Paul\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Paul\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{22372fc1-9398-11dd-a7c8-001d097750a6}\Shell\AutoRun\command - "" = gjn2pjlw.exe
O33 - MountPoints2\{22372fc1-9398-11dd-a7c8-001d097750a6}\Shell\explore\Command - "" = gjn2pjlw.exe
O33 - MountPoints2\{22372fc1-9398-11dd-a7c8-001d097750a6}\Shell\open\Command - "" = gjn2pjlw.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.15 09:26:50 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Paul\Desktop\OTL.exe
[2012.08.15 08:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2012.08.15 08:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2012.08.14 23:11:27 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.08.12 01:05:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.08.12 01:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.08.04 17:13:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Unis Bewerbungen
[2010.03.26 07:48:53 | 005,115,824 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Paul\mbam-setup.exe
[2010.03.26 00:48:02 | 058,172,520 | ---- | C] (Kaspersky Lab) -- C:\Users\Paul\kav9.0.0.459DE.exe
[2010.03.26 00:38:52 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Paul\HJTInstall.exe
[2010.03.26 00:20:04 | 009,823,176 | ---- | C] (Microsoft Corporation) -- C:\Users\Paul\windows-kb890830-v3.5.exe
[2009.10.15 17:11:07 | 021,128,536 | ---- | C] (DivX, Inc.) -- C:\Users\Paul\DivXInstaller72.exe
[2009.08.27 20:20:30 | 001,875,076 | ---- | C] (Password Recovery Magic Studio Ltd.                         ) -- C:\Users\Paul\RAR-Password-Recovery-Magic.exe
[2009.07.01 14:39:57 | 077,690,152 | ---- | C] (Apple Inc.) -- C:\Users\Paul\iTunesSetup.exe
[2007.12.29 19:21:46 | 044,575,761 | ---- | C] (Phenomedia AG                                               ) -- C:\Program Files\Setup_Moorhuhn_Kart_XL.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.15 09:26:53 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\OTL.exe
[2012.08.15 09:26:16 | 000,000,000 | ---- | M] () -- C:\Users\Paul\defogger_reenable
[2012.08.15 09:08:02 | 000,087,360 | ---- | M] () -- C:\Users\Paul\Desktop\gmer.wmv
[2012.08.15 09:08:02 | 000,061,440 | ---- | M] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.15 08:59:20 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.15 08:59:20 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.15 08:59:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.15 08:40:58 | 000,278,161 | ---- | M] () -- C:\Users\Paul\Desktop\gmer1015.zip
[2012.08.15 08:30:05 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.08.14 22:36:13 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.13 16:02:58 | 000,308,402 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.13 16:02:58 | 000,210,908 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.13 16:02:58 | 000,061,620 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.13 16:02:58 | 000,038,804 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.12 01:04:15 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.09 12:55:36 | 000,002,912 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\wklnhst.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.15 09:26:16 | 000,000,000 | ---- | C] () -- C:\Users\Paul\defogger_reenable
[2012.08.15 09:08:00 | 000,087,360 | ---- | C] () -- C:\Users\Paul\Desktop\gmer.wmv
[2012.08.15 08:40:58 | 000,278,161 | ---- | C] () -- C:\Users\Paul\Desktop\gmer1015.zip
[2012.08.14 22:36:13 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.12 01:04:15 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.01.18 13:50:15 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.01.18 13:50:15 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.01.18 13:49:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.01.02 17:41:30 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.01.02 17:41:26 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2011.01.02 17:41:26 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.01.02 17:41:26 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.01.02 17:41:25 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.01.02 17:32:27 | 000,000,034 | -H-- | C] () -- C:\Windows\System32\Converter_sysquict.dat
[2010.08.25 11:15:06 | 000,221,584 | ---- | C] () -- C:\Users\Paul\controller.pdf
[2010.08.08 18:49:20 | 077,796,050 | ---- | C] () -- C:\Users\Paul\gameskeebrake.zip
[2010.07.11 10:14:25 | 003,364,153 | ---- | C] () -- C:\Users\Paul\Upside_(feat._Michelle_Breeze).mp3
[2010.06.02 01:34:57 | 057,817,611 | ---- | C] () -- C:\Users\Paul\Kano_-_Kano_Mixtape.rar
[2010.06.02 00:28:59 | 068,414,451 | ---- | C] () -- C:\Users\Paul\Kano_-_Beats_And_Bars__2005___www.beatboxradioshow.blogspot.com_.rar
[2010.06.01 23:48:36 | 056,687,361 | ---- | C] () -- C:\Users\Paul\Kano-Beats_&_Bars_(2005).zip
[2010.05.29 17:19:04 | 010,871,495 | ---- | C] () -- C:\Users\Paul\Usher_-_OMG_(Feat._Will.I.Am).mp3
[2010.05.13 12:46:05 | 006,469,101 | ---- | C] () -- C:\Users\Paul\Justin_Timberlake_-_Rock_Your_Body.mp3
[2010.05.13 12:25:33 | 003,966,046 | ---- | C] () -- C:\Users\Paul\three 6 mafia feat. tiesto, sean kingston & flo rida - feel it.mp3.mp3
[2010.05.13 12:17:21 | 007,670,478 | ---- | C] () -- C:\Users\Paul\10__Dizzee_Rascal_-_Holiday_[Ft._Chrome].mp3
[2010.05.08 19:26:30 | 007,946,244 | ---- | C] () -- C:\Users\Paul\Surkin_-_Radio_Fireworks_(Riot_In_Belgium_Second_Remix).mp3
[2010.05.08 18:56:11 | 004,235,328 | ---- | C] () -- C:\Users\Paul\Bob_Marley_Vs._Funkstar_Deluxe_-_Sun_Is_Shining.mp3
[2010.04.04 21:44:24 | 000,017,089 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\UserTile.png
[2010.03.25 23:55:29 | 004,103,298 | ---- | C] () -- C:\Users\Paul\cleanvirusmsn.zip
[2010.03.19 18:00:00 | 008,655,505 | ---- | C] () -- C:\Users\Paul\11 Pursuit Of Happiness.mp3
[2010.03.19 18:00:00 | 008,035,880 | ---- | C] () -- C:\Users\Paul\08 Back Home.mp3
[2010.03.19 18:00:00 | 005,467,521 | ---- | C] () -- C:\Users\Paul\09 Kinda Like A Big Deal (KA Freestyle).mp3
[2010.03.19 18:00:00 | 005,063,145 | ---- | C] () -- C:\Users\Paul\10 Kano In The House (Pon De Floor).mp3
[2010.03.19 17:59:59 | 007,281,464 | ---- | C] () -- C:\Users\Paul\07 Chip Roll, Sausage In Batter.mp3
[2010.03.19 17:59:58 | 009,437,088 | ---- | C] () -- C:\Users\Paul\05 Game Over.mp3
[2010.03.19 17:59:58 | 008,561,464 | ---- | C] () -- C:\Users\Paul\04 Pass Out (KA Freestyle).mp3
[2010.03.19 17:59:58 | 007,593,888 | ---- | C] () -- C:\Users\Paul\03 Track Burglar.mp3
[2010.03.19 17:59:58 | 006,496,745 | ---- | C] () -- C:\Users\Paul\06 Rude Boy.mp3
[2010.03.19 17:59:57 | 008,962,705 | ---- | C] () -- C:\Users\Paul\02 You Are Young.mp3
[2010.03.19 17:59:57 | 000,806,231 | ---- | C] () -- C:\Users\Paul\01 Intro.mp3
[2010.03.19 17:59:05 | 076,615,102 | ---- | C] () -- C:\Users\Paul\Jack Bauer- The 7 Day Edition (www.kanosworld.com).zip
[2010.02.21 14:42:23 | 001,579,618 | ---- | C] () -- C:\Users\Paul\img004.jpg
[2010.01.07 17:45:56 | 000,953,919 | ---- | C] () -- C:\Users\Paul\Apple Store - Deutschland.mht
[2010.01.07 17:45:34 | 000,190,335 | ---- | C] () -- C:\Users\Paul\Sparkasse Krefeld - Ihr persönliches Finanzportal - Ihr Auftrag.mht
[2010.01.06 02:05:19 | 001,901,794 | ---- | C] () -- C:\Users\Paul\02 chase the sun.mp3
[2010.01.06 02:00:58 | 007,686,773 | ---- | C] () -- C:\Users\Paul\Planet_Funk_-_Chase_the_Sun.mp3
[2010.01.05 17:31:36 | 006,513,216 | ---- | C] () -- C:\Users\Paul\Nikkfurie_-_The_A_La_Menthe_Extended.mp3
[2009.12.26 15:43:05 | 007,989,158 | ---- | C] () -- C:\Users\Paul\-_Akon_ft_David_Guetta_-_Sexy_Bitch.mp3
[2009.10.11 10:59:48 | 005,556,136 | ---- | C] () -- C:\Users\Paul\Plane9.exe
[2009.08.28 15:19:31 | 010,351,542 | ---- | C] () -- C:\Users\Paul\Jay-Z_-_Death_of_Autotune.mp3
[2009.08.27 20:14:21 | 003,449,769 | ---- | C] () -- C:\Users\Paul\-_Planet_Funk_-_Chase_The_Sun.rar
[2009.07.02 19:53:14 | 099,423,964 | ---- | C] () -- C:\Users\Paul\34082008.rar
[2009.07.02 16:27:56 | 006,393,388 | ---- | C] () -- C:\Users\Paul\myGamersCam_Setup.zip
[2009.06.05 13:37:36 | 015,350,784 | ---- | C] () -- C:\Users\Paul\AppleMobileDeviceSupport.msi
[2009.06.03 15:09:15 | 000,041,838 | ---- | C] () -- C:\Users\Paul\John_Brown_-_Suburban_Empire_(Hosted_By_Superstar_Jay)-2009-MIXFIEND.torrent
[2009.05.22 19:27:18 | 004,329,056 | ---- | C] () -- C:\Users\Paul\DJ_Size_feat._J._Lourenzo___Big_Steve_-_Sunglasses.mp3
[2009.05.15 16:06:32 | 005,824,446 | ---- | C] () -- C:\Users\Paul\She's Glowing (Remix).mp3
[2009.03.31 19:22:03 | 000,463,360 | ---- | C] () -- C:\Users\Paul\Magischer+Kater+3.pps
[2008.08.12 15:07:44 | 000,022,328 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\PnkBstrK.sys
[2008.01.05 18:30:08 | 000,222,269 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\NMM-MetaData.db
[2007.12.29 19:21:48 | 003,108,049 | ---- | C] () -- C:\Program Files\The Beatles - Come Together.mp3
[2007.12.29 19:21:48 | 000,086,791 | ---- | C] () -- C:\Program Files\575m_rot_front.zip
[2007.12.29 19:21:48 | 000,062,874 | ---- | C] () -- C:\Program Files\575m_blau_dreiviertelfront.zip
[2007.12.29 19:21:48 | 000,062,613 | ---- | C] () -- C:\Program Files\575m_blau_heck.zip
[2007.12.29 19:21:48 | 000,057,566 | ---- | C] () -- C:\Program Files\575m_blau_top.zip
[2007.12.29 19:21:48 | 000,053,648 | ---- | C] () -- C:\Program Files\575m_rot_seite.zip
[2007.12.29 19:21:46 | 005,316,116 | ---- | C] () -- C:\Program Files\Forsaken_Part2.zip
[2007.12.29 19:21:46 | 003,060,864 | ---- | C] () -- C:\Program Files\Infamous.mp3
[2007.12.29 19:21:46 | 002,927,388 | ---- | C] () -- C:\Program Files\Infamous.zip
[2007.12.28 23:01:19 | 000,002,912 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\wklnhst.dat
[2007.12.28 21:13:39 | 000,000,552 | ---- | C] () -- C:\Users\Paul\AppData\Local\d3d8caps.dat
[2007.12.28 20:59:41 | 000,061,440 | ---- | C] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.28 20:49:52 | 000,001,356 | ---- | C] () -- C:\Users\Paul\AppData\Local\d3d9caps.dat
 
========== LOP Check ==========
 
[2010.01.13 00:52:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Amazon
[2010.06.02 00:53:32 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.07.22 18:44:27 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GetRightToGo
[2008.12.31 15:04:37 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ICQ
[2008.03.20 17:08:28 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ICQ Toolbar
[2008.03.09 15:58:36 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ICQ6
[2008.05.03 17:46:35 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2008.03.05 17:09:39 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\MAGIX
[2008.03.01 21:08:57 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Nokia
[2007.12.30 16:33:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\PC Suite
[2010.12.10 23:14:51 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\PCDr
[2010.04.04 21:44:24 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\PeerNetworking
[2009.10.11 11:02:13 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Plane9
[2007.12.28 23:19:39 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Template
[2012.03.15 01:01:59 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\TP
[2012.08.15 08:30:12 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Documents\My Games:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Documents\Meine empfangenen Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Documents\CyberLink:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Documents\Battlefield 2 Demo:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Paul\Desktop\Installationsdateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Program Files\Nokia:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Program Files\Netscape:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Program Files\Codemasters:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Program Files\City Interactive:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Program Files\Activision:Roxio EMC Stream
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >
--- --- ---



Extras:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.08.2012 09:27:12 - Run 1
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\Paul\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 57,04% Memory free
3,46 Gb Paging File | 2,52 Gb Available in Paging File | 72,74% Paging File free
Paging file location(s): c:\pagefile.sys 3067 12000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,78 Gb Total Space | 1,49 Gb Free Space | 0,67% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,03 Gb Free Space | 60,33% Space Free | Partition Type: NTFS
 
Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OtsMedia.Surf] -- "C:\OtsLabs\OTSPLAY.EXE" "%1" /play /surf ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02091327-B124-4216-9D71-58C0E24F5392}" = Nokia PC Suite
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04F3BF74-9E34-4D3E-93C3-D3D1F24199C8}" = PC Connectivity Solution
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}" = Splinter Cell Pandora Tomorrow
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DE20748-45A5-6CD9-610E-F881A34E7342}" = Catalyst Control Center Localization Arabic
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{150C58DD-54ED-4697-AAA5-16F037C9F7EF}" = Kane and Lynch Dead Men Demo
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{15CC10AB-4266-210D-E2D2-03089C25A028}" = CCC Help English
"{1603C7DC-358B-97AF-B451-B2DDAC734117}" = Catalyst Control Center Localization French
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{214030BC-490D-57D4-2547-D0D4ECC851A5}" = Catalyst Control Center Localization Japanese
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25F28E36-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne Demo
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2B98E4C3-AABC-9594-3219-A6EB60006C2C}" = Catalyst Control Center Graphics Full Existing
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2C698DB8-0D99-5A27-DA3D-A3414FC5DBA7}" = Catalyst Control Center Graphics Light
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31DBBB49-CAC2-984A-64CA-A88102056E10}" = CCC Help German
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{32E2F180-247C-4077-B06A-20F9868568E0}_is1" = UltraMixer 2.2.1
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3BFFC6B8-4EC0-4240-858C-998FD4077983}" = Nokia Connectivity Cable Driver
"{3D26D137-EA12-4D31-8326-226EA0A819A9}" = Moorhuhn Kart XL
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{412FECA2-836F-3DF6-A302-924CEC5B4DE2}" = CCC Help Spanish
"{46ACAEB5-365A-74BB-D405-980EA4FE3545}" = CCC Help Japanese
"{4AAB7E8F-1C71-E364-458F-5A6797670157}" = Catalyst Control Center Graphics Full New
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{501BB464-E875-4E1E-9CF4-8C445DDAE01E}" = Tom Clancy's Splinter Cell Double Agent Demo
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = Benutzerhandbuch
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65E6362A-B878-4A7B-86DA-D16F8DBD75C7}" = ccc-core-static
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}" = Call of Duty(R) 4 - Modern Warfare(TM) Demo
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69EA6470-D4D3-49A3-89C8-0530C416ADB9}" = Need For Speed Hot Pursuit 2 Demo
"{6DD45BD7-DB28-E59F-8239-CF6816AE1FA4}" = Skins
"{70D52D20-82A5-43CC-85C1-C994FA2EC591}" = Tom Clancy's Rainbow Six: Lockdown Demo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C8DECD-5948-F3DB-6B38-B7AF881647A6}" = ATI Catalyst Install Manager
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76C73966-AED3-5ACB-B438-B47E9B1FB2E3}" = CCC Help Chinese Standard
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{794F49F0-2A44-EE74-62FE-22FD68953A25}" = ccc-utility
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{7CD5F286-FF0A-E638-8143-0E258E3C17E2}" = CCC Help Thai
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{98698CC8-F4C4-A0A7-F521-8547DDD1BB6B}" = Catalyst Control Center Localization Chinese Standard
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B651AD20-D522-2D6F-3AC7-A5F625FCB283}" = Catalyst Control Center Core Implementation
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{C3E2D64C-1B8E-D142-A76F-DEAC02AFF4FA}" = CCC Help Polish
"{C5145CD4-4F74-C986-F86B-F57F3995C59B}" = Catalyst Control Center Localization Arabic
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C8D524C0-FBD2-C4F0-2446-912EABA681E0}" = CCC Help Portuguese
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent
"{CCF7F09E-A1C5-7D81-437D-B2DC347CC52E}" = Catalyst Control Center Localization Spanish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEEE47BB-4AB7-9AEB-2212-ECC6D05DDC74}" = Catalyst Control Center Localization Italian
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D71B45B0-70B5-12BA-4ACF-2CEC94FE8A06}" = CCC Help Korean
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile-Gerätecenter: Treiberupdate
"{E7744050-4D6F-1280-5331-2EA048B51E94}" = Catalyst Control Center Localization Arabic
"{ECA80341-4BFB-172D-EC5D-64FD8DD41F5A}" = Catalyst Control Center Localization German
"{ECBEB9C6-CC47-70F7-E939-1E20E3BEEC8F}" = Catalyst Control Center Localization Korean
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4FA8AC4-6B6A-CAA6-8E44-FC64227CC4F7}" = CCC Help Italian
"{F6412237-45F7-B34B-0803-4D77E2D39D0C}" = Catalyst Control Center Localization Chinese Traditional
"{FD01FEBF-376F-F125-09F8-E94B04D21E77}" = CCC Help French
"{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Dell Handbuch zum Einstieg
"{FF001690-A829-9DFD-9EF6-DA285783C49C}" = CCC Help Chinese Traditional
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.5
"ASIO4ALL" = ASIO4ALL
"Aston Martin Screensaver" = Aston Martin Screensaver
"Aston Martin Vanquish V12 S Screensaver" = Aston Martin Vanquish V12 S Screensaver
"ATITool" = ATITool Overclocking Utility
"avast" = avast! Free Antivirus
"Clean Virus MSN_is1" = Clean Virus MSN
"Collab" = Collab
"Counter-Strike: Source" = Counter-Strike: Source
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Driving Speed 2_is1" = Driving Speed 2.0
"eMule" = eMule
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"FL Studio 7" = FL Studio 7
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Convert to DIVX AVI WMV MP4 MPEG Converter_is1" = Free Convert to DIVX AVI WMV MP4 MPEG Converter 5.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"IL Download Manager" = IL Download Manager
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}" = Call of Duty(R) 4 - Modern Warfare(TM) Demo
"InstallShield_{69EA6470-D4D3-49A3-89C8-0530C416ADB9}" = Need For Speed Hot Pursuit 2 Demo
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"MAGIX Music Maker 2008 Producer Edition Trial D" = MAGIX Music Maker 2008 Producer Edition Trial 13.0.1.11 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5)
"myGamersCam" = myGamersCam 1.2
"Need For Speed II SE" = Need For Speed II SE
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OpenAL" = OpenAL
"Operation Flashpoint" = Operation Flashpoint (Uninstall via Start Menu shortcut)
"Ots CD Scratch 1200" = Ots CD Scratch 1200 1.00.044
"OtsTurntables Free" = OtsTurntables Free 1.00.027
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.1.111
"RealPlayer 15.0" = RealPlayer
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"StationRipper" = StationRipper 2.87
"SystemRequirementsLab" = System Requirements Lab
"TmNationsForever_is1" = TmNationsForever
"tt2_demo_is1" = Terrorist Takedown 2 DEMO (1.01)
"Uninstall_is1" = Uninstall 1.0.0.1
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinRAR archiver" = WinRAR
"XTTB00001.XTTB00001Toolbar" = ICQ Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
"Winamp Toolbar" = Winamp Toolbar
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11.08.2012 19:26:15 | Computer Name = Paul-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 12.08.2012 05:45:15 | Computer Name = Paul-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 12.08.2012 10:41:27 | Computer Name = Paul-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 13.08.2012 14:52:04 | Computer Name = Paul-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 14.08.2012 06:18:52 | Computer Name = Paul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16447, Zeitstempel
 0x4fc9cd53, fehlerhaftes Modul aswWebRepIE.dll, Version 7.0.1456.418, Zeitstempel
 0x4ff31b8b, Ausnahmecode 0xc0000417, Fehleroffset 0x0004d9fb,  Prozess-ID 0x16e4,
 Anwendungsstartzeit 01cd7a063332084f.
 
Error - 14.08.2012 06:25:41 | Computer Name = Paul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16447, Zeitstempel
 0x4fc9cd53, fehlerhaftes Modul aswWebRepIE.dll, Version 7.0.1456.418, Zeitstempel
 0x4ff31b8b, Ausnahmecode 0xc0000417, Fehleroffset 0x0004d9fb,  Prozess-ID 0x17bc,
 Anwendungsstartzeit 01cd7a072789ca4f.
 
Error - 14.08.2012 07:33:12 | Computer Name = Paul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung InstallFlashPlayer.exe, Version 11.0.1.152, 
Zeitstempel 0x4e7d1453, fehlerhaftes Modul InstallFlashPlayer.exe, Version 11.0.1.152,
 Zeitstempel 0x4e7d1453, Ausnahmecode 0xc0000005, Fehleroffset 0x000071ad,  Prozess-ID
 0x14d0, Anwendungsstartzeit 01cd7a1088e81eb9.
 
Error - 15.08.2012 02:50:01 | Computer Name = Paul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung gmer.exe, Version 1.0.15.14966, Zeitstempel 
0x49ccf290, fehlerhaftes Modul gmer.exe, Version 1.0.15.14966, Zeitstempel 0x49ccf290,
 Ausnahmecode 0xc0000005, Fehleroffset 0x0000c4b1,  Prozess-ID 0xbf0, Anwendungsstartzeit
 01cd7ab1f986aab0.
 
Error - 15.08.2012 03:03:46 | Computer Name = Paul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung gmer.exe, Version 1.0.15.14966, Zeitstempel 
0x49ccf290, fehlerhaftes Modul gmer.exe, Version 1.0.15.14966, Zeitstempel 0x49ccf290,
 Ausnahmecode 0xc0000005, Fehleroffset 0x0000c4b1,  Prozess-ID 0x508, Anwendungsstartzeit
 01cd7ab3ad461c40.
 
Error - 15.08.2012 03:06:50 | Computer Name = Paul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung qk4ecqzy.exe, Version 1.0.15.15641, Zeitstempel
 0x4e21f2b1, fehlerhaftes Modul qk4ecqzy.exe, Version 1.0.15.15641, Zeitstempel 
0x4e21f2b1, Ausnahmecode 0xc0000005, Fehleroffset 0x0000c676,  Prozess-ID 0x1750, 
Anwendungsstartzeit 01cd7ab43f76d2d0.
 
[ System Events ]
Error - 15.08.2012 02:46:55 | Computer Name = Paul-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 15.08.2012 um 08:45:06 unerwartet heruntergefahren.
 
Error - 15.08.2012 02:46:43 | Computer Name = Paul-PC | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 15.08.2012 02:47:07 | Computer Name = Paul-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description = 
 
Error - 15.08.2012 02:48:15 | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 15.08.2012 02:48:15 | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.08.2012 02:58:56 | Computer Name = Paul-PC | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 15.08.2012 02:59:14 | Computer Name = Paul-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 15.08.2012 um 08:57:31 unerwartet heruntergefahren.
 
Error - 15.08.2012 02:59:06 | Computer Name = Paul-PC | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 15.08.2012 03:00:46 | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 15.08.2012 03:00:46 | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
--- --- ---

Gmer kann ich leider nicht ausführen, der Scan bricht immer ab mit der Begründung, xyz.exe funktioniere nicht mehr.

Der Bericht vom letzten Malware Bytes Scan:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.14.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Paul :: PAUL-PC [Administrator]

Schutz: Aktiviert

14.08.2012 23:36:28
mbam-log-2012-08-14 (23-36-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|G:\|H:\|I:\|J:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 440218
Laufzeit: 2 Stunde(n), 12 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\TDSSKiller_Quarantine\14.08.2012_23.09.55\zasubsys0000\zafs0000\tsk0001.dta (Trojan.Dropper.BCMiner) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Paul\AppData\Local\Temp\Low\msimg32.dll (Trojan.Sirefef) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Paul\AppData\Local\Temp\Low\adfm32.exe (Trojan.Sirefef) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

 

Themen zu Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?)
adobe, adobe flash player, adware, antivirus, avast, avast antivirus, befall, bytes, ergebnis, erkannt, flash player, gelöscht, gen, google, intranet, kaspersky, malware, malware bytes, plug-in, problem, schnell, sekunden, tables, tdss, trojaner, viren, warum, websites, win, win32, öffnet


« GVU Trojaner PC startet immer, ohne Zugriffsmöglichkeit | Probleme beim Öffnen verschiendener Internetseiten »


Ähnliche Themen: Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?)


  1. Adobe Flash Player
    Log-Analyse und Auswertung - 21.11.2015 (28)
  2. Adobe Flash-Player funktioniert nicht
    Alles rund um Windows - 26.10.2015 (0)
  3. Bei Installation Adobe Flash Player Virus eingefangen...
    Log-Analyse und Auswertung - 12.04.2015 (34)
  4. Adobe Flash Player Aktualisierung Virus
    Plagegeister aller Art und deren Bekämpfung - 08.12.2014 (2)
  5. Problem mit dem Update von Adobe Flash Player
    Log-Analyse und Auswertung - 27.01.2014 (1)
  6. Trojaner nach Adobe Flash Player Update
    Log-Analyse und Auswertung - 24.01.2014 (11)
  7. Adobe Flash Player, Clickjacking
    Diskussionsforum - 13.09.2013 (8)
  8. Windows 7: Adobe Flash Player - ZeroAccess
    Log-Analyse und Auswertung - 08.09.2013 (21)
  9. Das runterladen von Adobe flash player und alles was mit adobe zu tun hat , geht nicht runterzuladen. installation bricht immer ab. vielleic
    Plagegeister aller Art und deren Bekämpfung - 04.09.2013 (11)
  10. Adobe dichtet Flash Player, Shockwave und ColdFusion ab
    Nachrichten - 10.07.2013 (0)
  11. große probleme mit adobe flash player
    Plagegeister aller Art und deren Bekämpfung - 16.03.2013 (2)
  12. Virus Benutzerkontensteurung Adobe Flash Player
    Plagegeister aller Art und deren Bekämpfung - 02.01.2013 (1)
  13. adobe flash player update Trojaner, FP_AX_CAB_INSTALLER.DMP
    Plagegeister aller Art und deren Bekämpfung - 31.10.2012 (13)
  14. Sicherheitswarnung von Adobe Flash Player
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (24)
  15. Adobe Flash Player funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 23.09.2012 (33)
  16. Avast meldet Trojaner nach Adobe Flash Player Update
    Plagegeister aller Art und deren Bekämpfung - 15.05.2012 (4)
  17. Updates für Flash Player und Adobe Reader
    Nachrichten - 22.03.2011 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?) - Hallo zusammen Gestern drehte mein avast Antivirus durch und meldete mir im gefühlten Sekundentakt blockierte Trojaner und Malware (Win32:Malware-gen und Win32:Troj-gen). Habe daraufhin avast einmal komplett drüberlaufen lassen und Malware - Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?)...
Archiv
Du betrachtest: Win32:Malware gen, Win32:Troj gen und ähnliche nach Adobe Flash Player Aktualisierung (?) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131