Ihr Computer wurde gesperrt - Bundespolizei

:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox 
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 
FF - prefs.js..browser.search.defaultthis.engineName: "InnoGames Customized Web Search" 
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=3&q={searchTerms}" 
FF - prefs.js..browser.search.useDBForOrder: true 
FF - prefs.js..browser.startup.homepage: "http://web.de/" 
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&q=" 
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" 
FF - prefs.js..network.proxy.backup.ftp_port: 4001 
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" 
FF - prefs.js..network.proxy.backup.socks_port: 4001 
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" 
FF - prefs.js..network.proxy.backup.ssl_port: 4001 
FF - prefs.js..network.proxy.ftp: "127.0.0.1" 
FF - prefs.js..network.proxy.ftp_port: 4001 
FF - prefs.js..network.proxy.http: "127.0.0.1" 
FF - prefs.js..network.proxy.http_port: 4001 
FF - prefs.js..network.proxy.share_proxy_settings: true 
FF - prefs.js..network.proxy.socks: "127.0.0.1" 
FF - prefs.js..network.proxy.socks_port: 4001 
FF - prefs.js..network.proxy.ssl: "127.0.0.1" 
FF - prefs.js..network.proxy.ssl_port: 4001 
FF - prefs.js..network.proxy.type: 0 
FF - user.js - File not found 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O4 - HKLM..\Run: [] File not found 
O4 - HKCU..\Run: [zavsagldfzmbxnj] C:\ProgramData\zavsagld.exe () 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] 
O33 - MountPoints2\{a80213ec-bb90-11e0-ba5f-bcaec541d004}\Shell - "" = AutoRun 
O33 - MountPoints2\{a80213ec-bb90-11e0-ba5f-bcaec541d004}\Shell\AutoRun\command - "" = F:\autorun.exe 
 
[2012.08.18 23:29:46 | 000,000,000 | ---D | C] -- C:\ProgramData\qnluopfrfkhsefg 

[2012.08.18 23:29:47 | 000,000,051 | ---- | M] () -- C:\ProgramData\njfxbyhejxmllqw 
[2012.08.18 23:29:29 | 000,057,344 | ---- | M] () -- C:\ProgramData\zavsagld.exe 
[2012.08.18 23:29:29 | 000,057,344 | ---- | M] () -- C:\Users\S\0.48882446010349323.exe 

@Alternate Data Stream - 155 bytes -> C:\ProgramData\Temp:AB689DEA 
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:A724744F 
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:9E22BBE8 

:Files


ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]