Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bka virus windows 7

Bka virus windows 7


Log-Analyse und Auswertung: Bka virus windows 7

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 01.10.2012, 17:23   #1
JimmyRainer
 
Bka virus windows 7 - Standard

Bka virus windows 7


guten tag mein laptop wurde von dem bka virus heimgesucht nun kann ich den rechner nicht mehr hoch fahren hier die daten die otlpe ausgespuckt hat


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 10/2/2012 1:49:48 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium  (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.29 Mb Free Space | 74.29% Space Free | Partition Type: NTFS
Drive D: | 160.88 Gb Total Space | 59.63 Gb Free Space | 37.06% Space Free | Partition Type: NTFS
Drive E: | 290.78 Gb Total Space | 278.44 Gb Free Space | 95.75% Space Free | Partition Type: NTFS
Drive F: | 14.92 Gb Total Space | 14.92 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/06/15 06:51:56 | 000,822,304 | ---- | M] (Acer Incorporated) [Auto] -- D:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/04/20 19:34:40 | 000,202,752 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto] -- D:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 07:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand] -- D:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/24 14:43:35 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/07 21:38:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/13 07:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto] -- D:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/17 13:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand] -- D:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/11/21 05:49:24 | 000,247,608 | ---- | M] () [Auto] -- D:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010/09/30 09:00:28 | 000,253,264 | ---- | M] () [Auto] -- D:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010/08/10 05:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto] -- D:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/07/29 08:16:12 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto] -- D:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/07/01 00:10:26 | 002,533,400 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/07/01 00:10:22 | 000,325,656 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/06/28 18:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- D:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/05/26 22:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand] -- D:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto] -- D:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/06 19:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System] -- D:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/06 19:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto] -- D:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/02/15 18:24:40 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2012/02/15 18:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2010/11/17 08:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/29 08:16:30 | 000,270,496 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/07/29 08:16:28 | 000,295,072 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010/07/29 08:16:28 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010/07/29 08:16:28 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010/07/29 08:16:28 | 000,051,872 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010/07/29 08:16:28 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010/07/29 08:16:28 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010/07/15 17:57:34 | 002,350,952 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/06/24 22:33:36 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/06/05 10:27:58 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/05/05 17:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/20 21:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/20 18:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/02/10 03:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 07:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/29 14:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2009/10/29 14:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2009/10/29 14:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2009/10/29 14:28:24 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/02 22:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 22:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System] -- D:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 22:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/26 09:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand] -- D:\Windows\system32\drivers\AmUStor.SYS -- (AmUStor)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuzytBzy0F0F0AzytB0E0DzyzyyD0D0A0DtN0D0Tzu0CtCzyzytN1L2XzutBtFtCtFtDtFtAtDtC&cr=1525869463
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
IE - HKU\Viktor_ON_D\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_0&u=443F8AC41D7AC23FF253DE4F88C4F014
IE - HKU\Viktor_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKU\Viktor_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=115307&tt=280812_2004_3512_6&babsrc=HP_ss&mntrId=e4dc5dad000000000000929ffa92ed99
IE - HKU\Viktor_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..backup.old.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..backup.old.browser.search.selectedEngine: "WiseConvert Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT3230028&SearchSource=13"
FF - prefs.js..browser.search.defaultthis.engineName: "WiseConvert Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "WiseConvert Customized Web Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=161&systemid=406&sr=0&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_4_402_278.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: D:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/01/13 12:54:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/01/13 12:54:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/01/13 12:54:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/29 05:02:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 21:38:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/07 21:38:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\Viktor\AppData\Roaming\14001.018 [2012/08/27 06:02:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 21:38:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/07 21:38:38 | 000,000,000 | ---D | M]
 
[2012/07/17 15:38:27 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Extensions
[2012/08/29 04:58:16 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions
[2012/03/28 21:15:34 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012/07/17 15:38:26 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/07/16 16:36:11 | 000,000,000 | ---D | M] (WiseConvert Community Toolbar) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
[2012/07/17 15:33:16 | 000,000,000 | ---D | M] (Browser Companion Helper) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\bbrs_002@blabbers.com
[2012/07/17 15:35:25 | 000,000,000 | ---D | M] (Funmoods.com) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\ffxtlbr@funmoods.com
[2012/07/20 21:23:16 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/08/29 04:58:16 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\staged
[2012/08/29 05:45:35 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\yjqczl3w.Standard-Benutzer\extensions
[2012/08/29 05:45:35 | 000,000,000 | ---D | M] (Babylon) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\yjqczl3w.Standard-Benutzer\extensions\ffxtlbr@babylon.com
[2012/06/29 21:35:31 | 000,000,853 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\11-suche.xml
[2012/07/16 03:12:42 | 000,000,925 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\conduit.xml
[2012/06/29 21:35:31 | 000,002,209 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\englische-ergebnisse.xml
[2012/06/29 21:35:31 | 000,010,506 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\gmx-suche.xml
[2012/07/17 12:48:46 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-1.xml
[2011/11/13 19:04:09 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-10.xml
[2011/12/05 18:02:55 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-11.xml
[2012/01/27 07:02:51 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-12.xml
[2012/01/31 10:26:04 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-13.xml
[2012/02/13 06:21:08 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-14.xml
[2012/02/18 12:16:53 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-15.xml
[2012/02/24 08:10:57 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-16.xml
[2012/04/13 20:31:44 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-17.xml
[2012/06/18 08:48:54 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-18.xml
[2012/07/17 15:35:32 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-19.xml
[2011/07/20 19:03:41 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-2.xml
[2012/07/21 08:22:24 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-20.xml
[2011/08/19 06:27:49 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-3.xml
[2011/08/31 16:49:36 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-4.xml
[2011/09/06 18:55:38 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-5.xml
[2011/09/08 05:37:57 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-6.xml
[2011/10/01 09:04:12 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-7.xml
[2011/10/23 07:55:44 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-8.xml
[2011/11/11 07:47:18 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-9.xml
[2011/07/09 17:09:25 | 000,001,056 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin.xml
[2012/06/29 21:35:31 | 000,002,368 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\lastminute.xml
[2012/07/17 15:35:33 | 000,002,339 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\Search.xml
[2012/07/17 15:38:24 | 000,002,519 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\Search_Results.xml
[2012/06/29 21:35:31 | 000,005,489 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\webde-suche.xml
[2012/09/07 21:38:37 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/07 21:38:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/07 21:38:36 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012/09/07 21:38:36 | 000,000,000 | ---D | M] (Anti-Banner) -- D:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
[2012/09/07 21:38:36 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- D:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
File not found (No name found) -- 
[2012/07/17 15:38:27 | 000,000,000 | ---D | M] (DataMngr) -- D:\PROGRAM FILES (X86)\SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2012/07/23 07:21:40 | 000,000,000 | ---D | M] (Java Link Helper) -- D:\USERS\VIKTOR\APPDATA\ROAMING\14001.003
File not found (No name found) -- D:\USERS\VIKTOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PJQ5X742.DEFAULT\EXTENSIONS\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
() (No name found) -- D:\USERS\VIKTOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PJQ5X742.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI
[2012/09/07 21:38:40 | 000,266,720 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/19 20:07:54 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/07/20 21:22:56 | 000,000,616 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
[2012/07/13 20:45:08 | 000,001,392 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/29 04:58:12 | 000,002,361 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/08/31 05:50:11 | 000,002,465 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/13 20:45:08 | 000,001,153 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/07/13 20:45:08 | 000,006,805 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/07/17 15:38:24 | 000,002,519 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012/07/13 20:45:08 | 000,001,178 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/07/13 20:45:07 | 000,001,105 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - D:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - D:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - D:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - D:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - D:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - D:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - D:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - D:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\Viktor_ON_D\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKLM..\Run: [avast] D:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DATAMNGR] D:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [jICc7n9BYxBTRVw] D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe ()
O4 - HKLM..\Run: [LManager] D:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Viktor_ON_D..\Run: [jICc7n9BYxBTRVw] D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe ()
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - Startup: D:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\Viktor_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Viktor_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Viktor_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O18:64bit: - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (C:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe) - D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe ()
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Viktor_ON_D Winlogon: Shell - (C:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe) - D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/10/01 23:55:58 | 000,000,000 | ---D | C] -- D:\_OTL
[2012/09/30 09:15:12 | 000,000,000 | ---D | C] -- D:\Users\Viktor\AppData\Roaming\Roaming
[2012/09/24 14:21:31 | 000,000,000 | ---D | C] -- D:\Users\Viktor\AppData\Local\Macromedia
[2012/09/24 14:15:08 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/22 16:27:21 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012/09/22 06:10:04 | 000,736,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2012/09/22 06:10:03 | 000,627,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2012/09/22 06:09:55 | 000,247,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2012/09/22 06:09:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2012/09/22 06:09:54 | 000,256,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2012/09/22 06:09:54 | 000,185,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2012/09/22 06:09:54 | 000,097,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2012/09/22 06:09:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2012/09/22 06:09:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2012/09/22 06:09:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2012/09/22 06:09:51 | 000,482,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2012/09/22 06:09:51 | 000,386,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2012/09/22 06:09:51 | 000,134,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2012/09/22 06:09:51 | 000,132,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2012/09/22 06:09:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2012/09/22 06:09:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2012/09/12 15:34:07 | 000,574,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2012/09/12 15:34:07 | 000,490,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2012/09/07 21:38:36 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Firefox
[3 D:\Users\Viktor\AppData\Roaming\*.tmp files -> D:\Users\Viktor\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/10/01 17:59:48 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/10/01 17:59:29 | 000,001,106 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/01 17:59:19 | 000,065,536 | ---- | M] () -- D:\Windows\System32\Ikeext.etl
[2012/10/01 17:58:42 | 2960,510,976 | -HS- | M] () -- D:\hiberfil.sys
[2012/10/01 13:15:08 | 000,009,696 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 13:15:08 | 000,009,696 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 13:12:38 | 000,654,400 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2012/10/01 13:12:38 | 000,616,242 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/10/01 13:12:38 | 000,130,240 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2012/10/01 13:12:38 | 000,106,622 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/09/30 19:55:05 | 000,001,110 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/30 19:49:31 | 000,003,416 | ---- | M] () -- D:\bootsqm.dat
[2012/09/30 19:26:54 | 182,962,506 | ---- | M] () -- D:\Windows\MEMORY.DMP
[2012/09/30 12:43:00 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/30 09:15:05 | 000,206,336 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe
[2012/09/29 20:56:54 | 000,002,378 | ---- | M] () -- D:\Users\Public\Desktop\Google Chrome.lnk
[2012/09/24 14:43:34 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/24 14:43:34 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/23 15:41:23 | 000,120,249 | ---- | M] () -- D:\Users\Viktor\Desktop\229945_399044770152906_724560029_n.jpg
[2012/09/23 11:31:21 | 000,083,829 | ---- | M] () -- D:\Users\Viktor\Desktop\264109_465157953517111_1683313455_n.jpg
[2012/09/23 06:11:27 | 000,056,465 | ---- | M] () -- D:\Users\Viktor\Desktop\383466_517961104885261_816712024_n.jpg
[2012/09/22 17:06:37 | 000,000,993 | ---- | M] () -- D:\Users\Public\Desktop\World of Warcraft.lnk
[2012/09/22 17:06:27 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012/09/19 16:01:08 | 001,380,267 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084501113.jpg
[2012/09/19 16:00:08 | 001,191,189 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084478128.jpg
[2012/09/19 15:59:00 | 001,307,060 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084442066.jpg
[2012/09/19 15:58:04 | 001,274,416 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084440886.jpg
[2012/09/19 15:57:03 | 001,393,423 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084154160.jpg
[2012/09/19 15:56:19 | 001,133,678 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084151708.jpg
[2012/09/19 15:55:26 | 001,378,811 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084150564.jpg
[2012/09/19 15:54:27 | 001,122,308 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084149300.jpg
[2012/09/19 15:50:42 | 001,418,448 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084118265.jpg
[2012/09/19 15:49:48 | 000,816,933 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084104657.jpg
[2012/09/19 14:45:22 | 000,811,096 | ---- | M] () -- D:\Users\Viktor\Desktop\1348079312082.jpg
[3 D:\Users\Viktor\AppData\Roaming\*.tmp files -> D:\Users\Viktor\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/09/30 19:49:31 | 000,003,416 | ---- | C] () -- D:\bootsqm.dat
[2012/09/30 09:15:10 | 000,206,336 | ---- | C] () -- D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe
[2012/09/24 14:15:08 | 000,000,884 | ---- | C] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/23 15:41:22 | 000,120,249 | ---- | C] () -- D:\Users\Viktor\Desktop\229945_399044770152906_724560029_n.jpg
[2012/09/23 11:29:44 | 000,083,829 | ---- | C] () -- D:\Users\Viktor\Desktop\264109_465157953517111_1683313455_n.jpg
[2012/09/23 06:11:27 | 000,056,465 | ---- | C] () -- D:\Users\Viktor\Desktop\383466_517961104885261_816712024_n.jpg
[2012/09/22 16:27:21 | 000,000,993 | ---- | C] () -- D:\Users\Public\Desktop\World of Warcraft.lnk
[2012/09/19 16:01:08 | 001,380,267 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084501113.jpg
[2012/09/19 16:00:00 | 001,191,189 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084478128.jpg
[2012/09/19 15:58:47 | 001,307,060 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084442066.jpg
[2012/09/19 15:57:47 | 001,274,416 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084440886.jpg
[2012/09/19 15:56:58 | 001,393,423 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084154160.jpg
[2012/09/19 15:56:11 | 001,133,678 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084151708.jpg
[2012/09/19 15:55:18 | 001,378,811 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084150564.jpg
[2012/09/19 15:54:17 | 001,122,308 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084149300.jpg
[2012/09/19 15:50:24 | 001,418,448 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084118265.jpg
[2012/09/19 15:49:41 | 000,816,933 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084104657.jpg
[2012/09/19 14:45:17 | 000,811,096 | ---- | C] () -- D:\Users\Viktor\Desktop\1348079312082.jpg
[2012/08/28 18:19:34 | 000,065,536 | ---- | C] () -- D:\Users\Viktor\AppData\Roaming\pjq5x742.default.dat
[2012/08/27 02:16:33 | 000,000,017 | ---- | C] () -- D:\Users\Viktor\AppData\Roaming\blckdom.res
[2012/07/23 08:50:30 | 000,000,025 | ---- | C] () -- D:\Users\Viktor\AppData\Roaming\urhtps.dat
[2012/07/17 15:33:11 | 000,384,844 | ---- | C] () -- D:\Users\Viktor\AppData\Local\funmoods-speeddial.crx
[2012/07/17 15:33:11 | 000,031,465 | ---- | C] () -- D:\Users\Viktor\AppData\Local\funmoods.crx
[2011/06/14 05:36:39 | 000,000,064 | ---- | C] () -- D:\Windows\SysWow64\rp_stats.dat
[2011/06/14 05:36:39 | 000,000,044 | ---- | C] () -- D:\Windows\SysWow64\rp_rules.dat
[2011/04/13 15:59:14 | 000,059,904 | ---- | C] () -- D:\Windows\SysWow64\OVDecode.dll
[2011/02/15 12:52:16 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2011/01/13 12:41:19 | 000,000,000 | ---- | C] () -- D:\Windows\ativpsrm.bin
[2011/01/13 12:37:22 | 000,002,093 | ---- | C] () -- D:\Windows\SysWow64\atipblup.dat
[2010/09/08 04:17:26 | 000,870,560 | ---- | C] () -- D:\Windows\SysWow64\igkrng575.bin
[2010/09/08 04:17:26 | 000,208,896 | ---- | C] () -- D:\Windows\SysWow64\iglhsip32.dll
[2010/09/08 04:17:26 | 000,143,360 | ---- | C] () -- D:\Windows\SysWow64\iglhcp32.dll
[2010/09/08 04:17:26 | 000,104,636 | ---- | C] () -- D:\Windows\SysWow64\igfcg575m.bin
[2010/09/08 04:17:25 | 000,127,868 | ---- | C] () -- D:\Windows\SysWow64\igcompkrng575.bin
[2010/09/08 04:17:24 | 000,002,093 | ---- | C] () -- D:\Windows\SysWow64\atipblag.dat
[2010/09/08 03:41:35 | 000,131,984 | ---- | C] () -- D:\ProgramData\FullRemove.exe
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2010/09/08 03:52:37 | 000,000,000 | ---D | M] -- D:\ProgramData\Acer
[2010/09/08 03:34:08 | 000,000,000 | ---D | M] -- D:\ProgramData\AmUStor
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2011/02/14 18:56:11 | 000,000,000 | ---D | M] -- D:\ProgramData\ashampoo
[2012/08/29 05:01:50 | 000,000,000 | ---D | M] -- D:\ProgramData\AVAST Software
[2012/08/29 04:58:08 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon
[2010/09/08 04:04:17 | 000,000,000 | ---D | M] -- D:\ProgramData\BackupManager
[2012/06/20 08:45:37 | 000,000,000 | ---D | M] -- D:\ProgramData\Battle.net
[2012/07/20 21:28:12 | 000,000,000 | ---D | M] -- D:\ProgramData\boost_interprocess
[2012/05/31 11:28:27 | 000,000,000 | -H-D | M] -- D:\ProgramData\CanonBJ
[2011/02/14 19:10:19 | 000,000,000 | ---D | M] -- D:\ProgramData\createpart
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/01/13 12:42:32 | 000,000,000 | ---D | M] -- D:\ProgramData\EgisTec IPS
[2010/09/08 03:39:41 | 000,000,000 | ---D | M] -- D:\ProgramData\eSobi
[2011/02/14 19:09:58 | 000,000,000 | ---D | M] -- D:\ProgramData\explauncher
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2012/06/07 17:05:13 | 000,000,000 | ---D | M] -- D:\ProgramData\Friends Games
[2012/07/24 14:18:25 | 000,000,000 | ---D | M] -- D:\ProgramData\GFI Software
[2011/05/12 13:35:47 | 000,000,000 | ---D | M] -- D:\ProgramData\ICQ
[2011/02/14 19:09:55 | 000,000,000 | ---D | M] -- D:\ProgramData\launcher
[2010/09/08 03:48:10 | 000,000,000 | ---D | M] -- D:\ProgramData\OberonGameConsole
[2011/02/12 11:26:58 | 000,000,000 | ---D | M] -- D:\ProgramData\oem
[2012/06/08 04:13:07 | 000,000,000 | ---D | M] -- D:\ProgramData\Sandlot Games
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2012/08/06 05:12:47 | 000,000,000 | ---D | M] -- D:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2012/06/20 10:20:35 | 000,000,000 | ---D | M] -- D:\ProgramData\TuneUp Software
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2011/02/14 18:40:07 | 000,000,000 | -HSD | M] -- D:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2012/08/01 03:32:34 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto4.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto3.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto2.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto1.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 144 bytes -> D:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 143 bytes -> D:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 143 bytes -> D:\ProgramData\Temp:93EB7685
@Alternate Data Stream - 135 bytes -> D:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 129 bytes -> D:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 127 bytes -> D:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 119 bytes -> D:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 118 bytes -> D:\ProgramData\Temp:798A3728
< End of report >
--- --- ---
 

Themen zu Bka virus windows 7
adobe, antivirus, autorun, avast, babylon toolbar, babylontoolbar, bandoo, bho, defender, device driver, error, firefox, flash player, format, helper, home, homepage, igdpmd64.sys, launch, logfile, mozilla, mywinlocker, object, plug-in, port, registry, scan, security, services.exe, software, usb, virus, windows


« Online cyber police trojaner! | CPU-Auslastung zu hoch »


Ähnliche Themen: Bka virus windows 7


  1. Windows XP: BKA Virus
    Plagegeister aller Art und deren Bekämpfung - 07.02.2015 (13)
  2. Zombie News Virus / Windows Version Installer - Windows 7
    Log-Analyse und Auswertung - 21.12.2014 (1)
  3. Alter laptop Windows vista sp2 32bit: (vermutlich)virus blockt Windows services und einige Internet verbindungen
    Log-Analyse und Auswertung - 04.11.2014 (3)
  4. Windows 7: Avira meldet Boo/ cidox.b virus und Windows ist nicht mehr aktiviert
    Log-Analyse und Auswertung - 20.10.2014 (15)
  5. Windows 8, Windows PC-Repair Virus und wohl noch andere
    Log-Analyse und Auswertung - 07.05.2014 (27)
  6. Windows 7 Meldung Win32/Small-CA Virus entfernen, AntiVir findet nichts, Windows Update und Defender funktionieren nicht mehr
    Log-Analyse und Auswertung - 20.11.2013 (15)
  7. Windows 7: Pup Virus
    Log-Analyse und Auswertung - 17.08.2013 (13)
  8. GUV Virus Windows XP
    Plagegeister aller Art und deren Bekämpfung - 22.01.2013 (3)
  9. Windows XP Home und Windows Update Virus
    Plagegeister aller Art und deren Bekämpfung - 26.09.2012 (5)
  10. GVU 2.07 Virus, Windows 7 - 64 Bit
    Log-Analyse und Auswertung - 22.07.2012 (1)
  11. GVU Virus 2.07 auf Windows 7 - 64 Bit
    Log-Analyse und Auswertung - 21.07.2012 (8)
  12. Windows 7 (64bit) Virus/Trojaner (evtl. Windows Verschlüsselungs Trojaner)
    Plagegeister aller Art und deren Bekämpfung - 07.05.2012 (19)
  13. Windows System blockiert - Virus Windows Vista
    Log-Analyse und Auswertung - 17.02.2012 (13)
  14. Windows gesperrt - Virus Windows Vista
    Log-Analyse und Auswertung - 15.02.2012 (37)
  15. C:\WINDOWS\system32\IE.exe möglicherweise unbekannter Virus NewHeur_PE Virus
    Plagegeister aller Art und deren Bekämpfung - 10.12.2010 (19)
  16. Windows Update und Windows Gadgets durch Virus blockiert
    Plagegeister aller Art und deren Bekämpfung - 01.10.2010 (19)
  17. Windows Update und Windows Gadgets durch Virus blockiert
    Mülltonne - 16.09.2010 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bka virus windows 7 - guten tag mein laptop wurde von dem bka virus heimgesucht nun kann ich den rechner nicht mehr hoch fahren hier die daten die otlpe ausgespuckt hat OTL Logfile: Code: Alles - Bka virus windows 7...
Archiv
Du betrachtest: Bka virus windows 7 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19