Bka virus windows 7

JimmyRainer · 01.10.2012, 17:23

guten tag mein laptop wurde von dem bka virus heimgesucht nun kann ich den rechner nicht mehr hoch fahren hier die daten die otlpe ausgespuckt hat

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 10/2/2012 1:49:48 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium  (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.29 Mb Free Space | 74.29% Space Free | Partition Type: NTFS
Drive D: | 160.88 Gb Total Space | 59.63 Gb Free Space | 37.06% Space Free | Partition Type: NTFS
Drive E: | 290.78 Gb Total Space | 278.44 Gb Free Space | 95.75% Space Free | Partition Type: NTFS
Drive F: | 14.92 Gb Total Space | 14.92 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/06/15 06:51:56 | 000,822,304 | ---- | M] (Acer Incorporated) [Auto] -- D:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/04/20 19:34:40 | 000,202,752 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto] -- D:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 07:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand] -- D:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/24 14:43:35 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/07 21:38:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/13 07:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto] -- D:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/17 13:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand] -- D:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/11/21 05:49:24 | 000,247,608 | ---- | M] () [Auto] -- D:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010/09/30 09:00:28 | 000,253,264 | ---- | M] () [Auto] -- D:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010/08/10 05:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto] -- D:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/07/29 08:16:12 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto] -- D:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/07/01 00:10:26 | 002,533,400 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/07/01 00:10:22 | 000,325,656 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/06/28 18:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- D:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/05/26 22:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand] -- D:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto] -- D:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/06 19:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System] -- D:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/06 19:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto] -- D:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/02/15 18:24:40 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2012/02/15 18:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2010/11/17 08:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/29 08:16:30 | 000,270,496 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/07/29 08:16:28 | 000,295,072 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010/07/29 08:16:28 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010/07/29 08:16:28 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010/07/29 08:16:28 | 000,051,872 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010/07/29 08:16:28 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010/07/29 08:16:28 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand] -- D:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010/07/15 17:57:34 | 002,350,952 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/06/24 22:33:36 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/06/05 10:27:58 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/05/05 17:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/20 21:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/20 18:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/02/10 03:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 07:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/29 14:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2009/10/29 14:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2009/10/29 14:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2009/10/29 14:28:24 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/02 22:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 22:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System] -- D:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 22:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/26 09:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand] -- D:\Windows\system32\drivers\AmUStor.SYS -- (AmUStor)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuzytBzy0F0F0AzytB0E0DzyzyyD0D0A0DtN0D0Tzu0CtCzyzytN1L2XzutBtFtCtFtDtFtAtDtC&cr=1525869463
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
IE - HKU\Viktor_ON_D\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_0&u=443F8AC41D7AC23FF253DE4F88C4F014
IE - HKU\Viktor_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKU\Viktor_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=115307&tt=280812_2004_3512_6&babsrc=HP_ss&mntrId=e4dc5dad000000000000929ffa92ed99
IE - HKU\Viktor_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..backup.old.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..backup.old.browser.search.selectedEngine: "WiseConvert Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT3230028&SearchSource=13"
FF - prefs.js..browser.search.defaultthis.engineName: "WiseConvert Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "WiseConvert Customized Web Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=161&systemid=406&sr=0&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_4_402_278.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: D:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/01/13 12:54:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/01/13 12:54:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/01/13 12:54:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/29 05:02:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 21:38:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/07 21:38:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\Viktor\AppData\Roaming\14001.018 [2012/08/27 06:02:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 21:38:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/07 21:38:38 | 000,000,000 | ---D | M]
 
[2012/07/17 15:38:27 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Extensions
[2012/08/29 04:58:16 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions
[2012/03/28 21:15:34 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012/07/17 15:38:26 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/07/16 16:36:11 | 000,000,000 | ---D | M] (WiseConvert Community Toolbar) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
[2012/07/17 15:33:16 | 000,000,000 | ---D | M] (Browser Companion Helper) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\bbrs_002@blabbers.com
[2012/07/17 15:35:25 | 000,000,000 | ---D | M] (Funmoods.com) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\ffxtlbr@funmoods.com
[2012/07/20 21:23:16 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/08/29 04:58:16 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\staged
[2012/08/29 05:45:35 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\yjqczl3w.Standard-Benutzer\extensions
[2012/08/29 05:45:35 | 000,000,000 | ---D | M] (Babylon) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\yjqczl3w.Standard-Benutzer\extensions\ffxtlbr@babylon.com
[2012/06/29 21:35:31 | 000,000,853 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\11-suche.xml
[2012/07/16 03:12:42 | 000,000,925 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\conduit.xml
[2012/06/29 21:35:31 | 000,002,209 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\englische-ergebnisse.xml
[2012/06/29 21:35:31 | 000,010,506 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\gmx-suche.xml
[2012/07/17 12:48:46 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-1.xml
[2011/11/13 19:04:09 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-10.xml
[2011/12/05 18:02:55 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-11.xml
[2012/01/27 07:02:51 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-12.xml
[2012/01/31 10:26:04 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-13.xml
[2012/02/13 06:21:08 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-14.xml
[2012/02/18 12:16:53 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-15.xml
[2012/02/24 08:10:57 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-16.xml
[2012/04/13 20:31:44 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-17.xml
[2012/06/18 08:48:54 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-18.xml
[2012/07/17 15:35:32 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-19.xml
[2011/07/20 19:03:41 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-2.xml
[2012/07/21 08:22:24 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-20.xml
[2011/08/19 06:27:49 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-3.xml
[2011/08/31 16:49:36 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-4.xml
[2011/09/06 18:55:38 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-5.xml
[2011/09/08 05:37:57 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-6.xml
[2011/10/01 09:04:12 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-7.xml
[2011/10/23 07:55:44 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-8.xml
[2011/11/11 07:47:18 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-9.xml
[2011/07/09 17:09:25 | 000,001,056 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin.xml
[2012/06/29 21:35:31 | 000,002,368 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\lastminute.xml
[2012/07/17 15:35:33 | 000,002,339 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\Search.xml
[2012/07/17 15:38:24 | 000,002,519 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\Search_Results.xml
[2012/06/29 21:35:31 | 000,005,489 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\webde-suche.xml
[2012/09/07 21:38:37 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/07 21:38:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/07 21:38:36 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012/09/07 21:38:36 | 000,000,000 | ---D | M] (Anti-Banner) -- D:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
[2012/09/07 21:38:36 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- D:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
File not found (No name found) -- 
[2012/07/17 15:38:27 | 000,000,000 | ---D | M] (DataMngr) -- D:\PROGRAM FILES (X86)\SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2012/07/23 07:21:40 | 000,000,000 | ---D | M] (Java Link Helper) -- D:\USERS\VIKTOR\APPDATA\ROAMING\14001.003
File not found (No name found) -- D:\USERS\VIKTOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PJQ5X742.DEFAULT\EXTENSIONS\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
() (No name found) -- D:\USERS\VIKTOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PJQ5X742.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI
[2012/09/07 21:38:40 | 000,266,720 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/19 20:07:54 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/07/20 21:22:56 | 000,000,616 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
[2012/07/13 20:45:08 | 000,001,392 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/29 04:58:12 | 000,002,361 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/08/31 05:50:11 | 000,002,465 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/13 20:45:08 | 000,001,153 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/07/13 20:45:08 | 000,006,805 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/07/17 15:38:24 | 000,002,519 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012/07/13 20:45:08 | 000,001,178 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/07/13 20:45:07 | 000,001,105 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - D:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - D:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - D:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - D:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - D:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - D:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - D:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - D:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\Viktor_ON_D\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKLM..\Run: [avast] D:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DATAMNGR] D:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [jICc7n9BYxBTRVw] D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe ()
O4 - HKLM..\Run: [LManager] D:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Viktor_ON_D..\Run: [jICc7n9BYxBTRVw] D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe ()
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - Startup: D:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\Viktor_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Viktor_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Viktor_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O18:64bit: - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (C:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe) - D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe ()
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Viktor_ON_D Winlogon: Shell - (C:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe) - D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/10/01 23:55:58 | 000,000,000 | ---D | C] -- D:\_OTL
[2012/09/30 09:15:12 | 000,000,000 | ---D | C] -- D:\Users\Viktor\AppData\Roaming\Roaming
[2012/09/24 14:21:31 | 000,000,000 | ---D | C] -- D:\Users\Viktor\AppData\Local\Macromedia
[2012/09/24 14:15:08 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/22 16:27:21 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012/09/22 06:10:04 | 000,736,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2012/09/22 06:10:03 | 000,627,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2012/09/22 06:09:55 | 000,247,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2012/09/22 06:09:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2012/09/22 06:09:54 | 000,256,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2012/09/22 06:09:54 | 000,185,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2012/09/22 06:09:54 | 000,097,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2012/09/22 06:09:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2012/09/22 06:09:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2012/09/22 06:09:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2012/09/22 06:09:51 | 000,482,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2012/09/22 06:09:51 | 000,386,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2012/09/22 06:09:51 | 000,134,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2012/09/22 06:09:51 | 000,132,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2012/09/22 06:09:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2012/09/22 06:09:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2012/09/12 15:34:07 | 000,574,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2012/09/12 15:34:07 | 000,490,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2012/09/07 21:38:36 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Firefox
[3 D:\Users\Viktor\AppData\Roaming\*.tmp files -> D:\Users\Viktor\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/10/01 17:59:48 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/10/01 17:59:29 | 000,001,106 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/01 17:59:19 | 000,065,536 | ---- | M] () -- D:\Windows\System32\Ikeext.etl
[2012/10/01 17:58:42 | 2960,510,976 | -HS- | M] () -- D:\hiberfil.sys
[2012/10/01 13:15:08 | 000,009,696 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 13:15:08 | 000,009,696 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 13:12:38 | 000,654,400 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2012/10/01 13:12:38 | 000,616,242 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/10/01 13:12:38 | 000,130,240 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2012/10/01 13:12:38 | 000,106,622 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/09/30 19:55:05 | 000,001,110 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/30 19:49:31 | 000,003,416 | ---- | M] () -- D:\bootsqm.dat
[2012/09/30 19:26:54 | 182,962,506 | ---- | M] () -- D:\Windows\MEMORY.DMP
[2012/09/30 12:43:00 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/30 09:15:05 | 000,206,336 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe
[2012/09/29 20:56:54 | 000,002,378 | ---- | M] () -- D:\Users\Public\Desktop\Google Chrome.lnk
[2012/09/24 14:43:34 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/24 14:43:34 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/23 15:41:23 | 000,120,249 | ---- | M] () -- D:\Users\Viktor\Desktop\229945_399044770152906_724560029_n.jpg
[2012/09/23 11:31:21 | 000,083,829 | ---- | M] () -- D:\Users\Viktor\Desktop\264109_465157953517111_1683313455_n.jpg
[2012/09/23 06:11:27 | 000,056,465 | ---- | M] () -- D:\Users\Viktor\Desktop\383466_517961104885261_816712024_n.jpg
[2012/09/22 17:06:37 | 000,000,993 | ---- | M] () -- D:\Users\Public\Desktop\World of Warcraft.lnk
[2012/09/22 17:06:27 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012/09/19 16:01:08 | 001,380,267 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084501113.jpg
[2012/09/19 16:00:08 | 001,191,189 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084478128.jpg
[2012/09/19 15:59:00 | 001,307,060 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084442066.jpg
[2012/09/19 15:58:04 | 001,274,416 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084440886.jpg
[2012/09/19 15:57:03 | 001,393,423 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084154160.jpg
[2012/09/19 15:56:19 | 001,133,678 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084151708.jpg
[2012/09/19 15:55:26 | 001,378,811 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084150564.jpg
[2012/09/19 15:54:27 | 001,122,308 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084149300.jpg
[2012/09/19 15:50:42 | 001,418,448 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084118265.jpg
[2012/09/19 15:49:48 | 000,816,933 | ---- | M] () -- D:\Users\Viktor\Desktop\1348084104657.jpg
[2012/09/19 14:45:22 | 000,811,096 | ---- | M] () -- D:\Users\Viktor\Desktop\1348079312082.jpg
[3 D:\Users\Viktor\AppData\Roaming\*.tmp files -> D:\Users\Viktor\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/09/30 19:49:31 | 000,003,416 | ---- | C] () -- D:\bootsqm.dat
[2012/09/30 09:15:10 | 000,206,336 | ---- | C] () -- D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe
[2012/09/24 14:15:08 | 000,000,884 | ---- | C] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/23 15:41:22 | 000,120,249 | ---- | C] () -- D:\Users\Viktor\Desktop\229945_399044770152906_724560029_n.jpg
[2012/09/23 11:29:44 | 000,083,829 | ---- | C] () -- D:\Users\Viktor\Desktop\264109_465157953517111_1683313455_n.jpg
[2012/09/23 06:11:27 | 000,056,465 | ---- | C] () -- D:\Users\Viktor\Desktop\383466_517961104885261_816712024_n.jpg
[2012/09/22 16:27:21 | 000,000,993 | ---- | C] () -- D:\Users\Public\Desktop\World of Warcraft.lnk
[2012/09/19 16:01:08 | 001,380,267 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084501113.jpg
[2012/09/19 16:00:00 | 001,191,189 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084478128.jpg
[2012/09/19 15:58:47 | 001,307,060 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084442066.jpg
[2012/09/19 15:57:47 | 001,274,416 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084440886.jpg
[2012/09/19 15:56:58 | 001,393,423 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084154160.jpg
[2012/09/19 15:56:11 | 001,133,678 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084151708.jpg
[2012/09/19 15:55:18 | 001,378,811 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084150564.jpg
[2012/09/19 15:54:17 | 001,122,308 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084149300.jpg
[2012/09/19 15:50:24 | 001,418,448 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084118265.jpg
[2012/09/19 15:49:41 | 000,816,933 | ---- | C] () -- D:\Users\Viktor\Desktop\1348084104657.jpg
[2012/09/19 14:45:17 | 000,811,096 | ---- | C] () -- D:\Users\Viktor\Desktop\1348079312082.jpg
[2012/08/28 18:19:34 | 000,065,536 | ---- | C] () -- D:\Users\Viktor\AppData\Roaming\pjq5x742.default.dat
[2012/08/27 02:16:33 | 000,000,017 | ---- | C] () -- D:\Users\Viktor\AppData\Roaming\blckdom.res
[2012/07/23 08:50:30 | 000,000,025 | ---- | C] () -- D:\Users\Viktor\AppData\Roaming\urhtps.dat
[2012/07/17 15:33:11 | 000,384,844 | ---- | C] () -- D:\Users\Viktor\AppData\Local\funmoods-speeddial.crx
[2012/07/17 15:33:11 | 000,031,465 | ---- | C] () -- D:\Users\Viktor\AppData\Local\funmoods.crx
[2011/06/14 05:36:39 | 000,000,064 | ---- | C] () -- D:\Windows\SysWow64\rp_stats.dat
[2011/06/14 05:36:39 | 000,000,044 | ---- | C] () -- D:\Windows\SysWow64\rp_rules.dat
[2011/04/13 15:59:14 | 000,059,904 | ---- | C] () -- D:\Windows\SysWow64\OVDecode.dll
[2011/02/15 12:52:16 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2011/01/13 12:41:19 | 000,000,000 | ---- | C] () -- D:\Windows\ativpsrm.bin
[2011/01/13 12:37:22 | 000,002,093 | ---- | C] () -- D:\Windows\SysWow64\atipblup.dat
[2010/09/08 04:17:26 | 000,870,560 | ---- | C] () -- D:\Windows\SysWow64\igkrng575.bin
[2010/09/08 04:17:26 | 000,208,896 | ---- | C] () -- D:\Windows\SysWow64\iglhsip32.dll
[2010/09/08 04:17:26 | 000,143,360 | ---- | C] () -- D:\Windows\SysWow64\iglhcp32.dll
[2010/09/08 04:17:26 | 000,104,636 | ---- | C] () -- D:\Windows\SysWow64\igfcg575m.bin
[2010/09/08 04:17:25 | 000,127,868 | ---- | C] () -- D:\Windows\SysWow64\igcompkrng575.bin
[2010/09/08 04:17:24 | 000,002,093 | ---- | C] () -- D:\Windows\SysWow64\atipblag.dat
[2010/09/08 03:41:35 | 000,131,984 | ---- | C] () -- D:\ProgramData\FullRemove.exe
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2010/09/08 03:52:37 | 000,000,000 | ---D | M] -- D:\ProgramData\Acer
[2010/09/08 03:34:08 | 000,000,000 | ---D | M] -- D:\ProgramData\AmUStor
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2011/02/14 18:56:11 | 000,000,000 | ---D | M] -- D:\ProgramData\ashampoo
[2012/08/29 05:01:50 | 000,000,000 | ---D | M] -- D:\ProgramData\AVAST Software
[2012/08/29 04:58:08 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon
[2010/09/08 04:04:17 | 000,000,000 | ---D | M] -- D:\ProgramData\BackupManager
[2012/06/20 08:45:37 | 000,000,000 | ---D | M] -- D:\ProgramData\Battle.net
[2012/07/20 21:28:12 | 000,000,000 | ---D | M] -- D:\ProgramData\boost_interprocess
[2012/05/31 11:28:27 | 000,000,000 | -H-D | M] -- D:\ProgramData\CanonBJ
[2011/02/14 19:10:19 | 000,000,000 | ---D | M] -- D:\ProgramData\createpart
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/01/13 12:42:32 | 000,000,000 | ---D | M] -- D:\ProgramData\EgisTec IPS
[2010/09/08 03:39:41 | 000,000,000 | ---D | M] -- D:\ProgramData\eSobi
[2011/02/14 19:09:58 | 000,000,000 | ---D | M] -- D:\ProgramData\explauncher
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2012/06/07 17:05:13 | 000,000,000 | ---D | M] -- D:\ProgramData\Friends Games
[2012/07/24 14:18:25 | 000,000,000 | ---D | M] -- D:\ProgramData\GFI Software
[2011/05/12 13:35:47 | 000,000,000 | ---D | M] -- D:\ProgramData\ICQ
[2011/02/14 19:09:55 | 000,000,000 | ---D | M] -- D:\ProgramData\launcher
[2010/09/08 03:48:10 | 000,000,000 | ---D | M] -- D:\ProgramData\OberonGameConsole
[2011/02/12 11:26:58 | 000,000,000 | ---D | M] -- D:\ProgramData\oem
[2012/06/08 04:13:07 | 000,000,000 | ---D | M] -- D:\ProgramData\Sandlot Games
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2012/08/06 05:12:47 | 000,000,000 | ---D | M] -- D:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2012/06/20 10:20:35 | 000,000,000 | ---D | M] -- D:\ProgramData\TuneUp Software
[2011/02/12 18:24:14 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2011/02/14 18:40:07 | 000,000,000 | -HSD | M] -- D:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2012/08/01 03:32:34 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto4.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto3.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto2.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto1.bmp:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 144 bytes -> D:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 143 bytes -> D:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 143 bytes -> D:\ProgramData\Temp:93EB7685
@Alternate Data Stream - 135 bytes -> D:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 129 bytes -> D:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 127 bytes -> D:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 119 bytes -> D:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 118 bytes -> D:\ProgramData\Temp:798A3728
< End of report >

--- --- ---

t'john · 02.10.2012, 05:55

Fixen mit OTLpe

Starte den unbootbaren Computer erneut mit der OTLPE-CD,
warte bis der Reatogo-X-Pe-Desktop erscheint und doppelklicke das OTLPE-Icon.

Kopiere folgendes Skript in das Textfeld unterhalb von Custom Scans/Fixes:
Sollte das mangels Internet-Verbindung nicht möglich sein,
kopiere den Text aus der folgenden Code-Box und speichere ihn als Fix.txt auf einen USB-Stick.
Schließe den USB-Stick an den Computer an und öffne Fix.txt mit dem Explorer auf dem Reatogo-Desktop.
Kopiere den Inhalt von Fix.txt in das Textfeld unterhalb von Custom Scans/Fixes:

Code:

ATTFilter

:OTL
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\Viktor_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=115307&tt=280812_2004_3512_6&babsrc=HP_ss&mntrId=e4dc5dad000000000000929ffa92ed99 
IE - HKU\Viktor_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - prefs.js..browser.search.update: false 
FF - prefs.js..backup.old.browser.search.defaultenginename: "ICQ Search" 
FF - prefs.js..backup.old.browser.search.selectedEngine: "WiseConvert Customized Web Search" 
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT3230028&SearchSource=13" 
FF - prefs.js..browser.search.defaultthis.engineName: "WiseConvert Customized Web Search" 
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}" 
FF - prefs.js..browser.search.selectedEngine: "WiseConvert Customized Web Search" 
FF - prefs.js..browser.search.useDBForOrder: true 
FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406" 
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632 
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556 
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556 
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=161&systemid=406&sr=0&q=" 
FF - prefs.js..network.proxy.type: 0 
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" 
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\Viktor\AppData\Roaming\14001.018 [2012/08/27 06:02:26 | 000,000,000 | ---D | M] 
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc) 
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - D:\Program Files (x86)\BrowserCompanion\jsloader.dll ( ) 
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - D:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO) 
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - D:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( ) 
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () 
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc) 
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. 
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - D:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll (Babylon Ltd.) 
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () 
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3:64bit: - HKU\Viktor_ON_D\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
O4 - HKLM..\Run: [DATAMNGR] D:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) 
O4 - HKLM..\Run: [jICc7n9BYxBTRVw] D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe () 
O4 - HKU\Viktor_ON_D..\Run: [jICc7n9BYxBTRVw] D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe () 
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] File not found 
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] File not found 
O4 - Startup: D:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk () 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O7 - HKU\Viktor_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1 
O7 - HKU\Viktor_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 
O7 - HKU\Viktor_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc) 
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc) 
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc) 
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - D:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc) 
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20 - HKLM Winlogon: Shell - (C:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe) - D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe () 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20 - HKU\Viktor_ON_D Winlogon: Shell - (C:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe) - D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe () 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] 
O34 - HKLM BootExecute: (autocheck autochk *) - File not found 
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found 
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found 
[2012/09/30 09:15:05 | 000,206,336 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\wsf3CmCT.exe 
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\AutO4.bmp:3or4kl4x13tuuug3Byamue2s4b 
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto3.bmp:3or4kl4x13tuuug3Byamue2s4b 
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto2.bmp:3or4kl4x13tuuug3Byamue2s4b 
@Alternate Data Stream - 152 bytes -> D:\Users\Viktor\Desktop\Auto1.bmp:3or4kl4x13tuuug3Byamue2s4b 
@Alternate Data Stream - 144 bytes -> D:\ProgramData\Temp:5D7E5A8F 
@Alternate Data Stream - 143 bytes -> D:\ProgramData\Temp:CDFF58FE 
@Alternate Data Stream - 143 bytes -> D:\ProgramData\Temp:93EB7685 
@Alternate Data Stream - 135 bytes -> D:\ProgramData\Temp:E36F5B57 
@Alternate Data Stream - 129 bytes -> D:\ProgramData\Temp:E1F04E8D 
@Alternate Data Stream - 127 bytes -> D:\ProgramData\Temp:0B9176C0 
@Alternate Data Stream - 119 bytes -> D:\ProgramData\Temp:4D066AD2 
@Alternate Data Stream - 118 bytes -> D:\ProgramData\Temp:798A3728 
[2012/07/17 15:38:27 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Extensions 
[2012/07/17 15:38:26 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} 
[2012/07/17 15:38:24 | 000,002,519 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\Search_Results.xml 
[2012/07/17 15:38:27 | 000,000,000 | ---D | M] (DataMngr) -- D:\PROGRAM FILES (X86)\SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION 
[2012/07/17 15:38:24 | 000,002,519 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml 
[2012/07/17 15:33:16 | 000,000,000 | ---D | M] (Browser Companion Helper) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\bbrs_002@blabbers.com 
[2012/07/17 15:33:11 | 000,384,844 | ---- | C] () -- D:\Users\Viktor\AppData\Local\funmoods-speeddial.crx 
[2012/07/17 15:33:11 | 000,031,465 | ---- | C] () -- D:\Users\Viktor\AppData\Local\funmoods.crx 
[2012/07/17 15:35:25 | 000,000,000 | ---D | M] (Funmoods.com) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\ffxtlbr@funmoods.com 
[2012/07/17 15:35:32 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-19.xml 
[2012/07/17 15:35:33 | 000,002,339 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\Search.xml 
[2012/08/29 05:45:35 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\yjqczl3w.Standard-Benutzer\extensions 
[2012/08/29 05:45:35 | 000,000,000 | ---D | M] (Babylon) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\yjqczl3w.Standard-Benutzer\extensions\ffxtlbr@babylon.com 
[2012/06/29 21:35:31 | 000,000,853 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\11-suche.xml 
[2012/06/29 21:35:31 | 000,002,209 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\englische-ergebnisse.xml 
[2012/06/29 21:35:31 | 000,010,506 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\gmx-suche.xml 
[2012/06/29 21:35:31 | 000,002,368 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\lastminute.xml 
[2012/06/29 21:35:31 | 000,005,489 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\webde-suche.xml 
[2012/07/16 03:12:42 | 000,000,925 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\conduit.xml 
[2012/07/17 12:48:46 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-1.xml 
[2011/11/13 19:04:09 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-10.xml 
[2011/12/05 18:02:55 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-11.xml 
[2012/01/27 07:02:51 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-12.xml 
[2012/01/31 10:26:04 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-13.xml 
[2012/02/13 06:21:08 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-14.xml 
[2012/02/18 12:16:53 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-15.xml 
[2012/02/24 08:10:57 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-16.xml 
[2012/04/13 20:31:44 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-17.xml 
[2012/06/18 08:48:54 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-18.xml 
[2011/07/20 19:03:41 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-2.xml 
[2012/07/21 08:22:24 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-20.xml 
[2011/08/19 06:27:49 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-3.xml 
[2011/08/31 16:49:36 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-4.xml 
[2011/09/06 18:55:38 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-5.xml 
[2011/09/08 05:37:57 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-6.xml 
[2011/10/01 09:04:12 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-7.xml 
[2011/10/23 07:55:44 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-8.xml 
[2011/11/11 07:47:18 | 000,000,950 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin-9.xml 
[2011/07/09 17:09:25 | 000,001,056 | ---- | M] () -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\searchplugins\icqplugin.xml 
[2012/09/07 21:38:37 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions 
[2012/09/07 21:38:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} 
[2012/09/07 21:38:36 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com 
[2012/09/07 21:38:36 | 000,000,000 | ---D | M] (Anti-Banner) -- D:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak 
[2012/09/07 21:38:36 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- D:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak 
[2012/07/23 07:21:40 | 000,000,000 | ---D | M] (Java Link Helper) -- D:\USERS\VIKTOR\APPDATA\Roaming\14001.003 
[2012/07/20 21:22:56 | 000,000,616 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml 
[2012/07/20 21:23:16 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- D:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack 
[2012/07/13 20:45:08 | 000,001,392 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml 
[2012/07/13 20:45:08 | 000,001,153 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml 
[2012/07/13 20:45:08 | 000,006,805 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml 
[2012/07/13 20:45:08 | 000,001,178 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml 
[2012/07/13 20:45:07 | 000,001,105 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml 
[2012/08/29 04:58:12 | 000,002,361 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml 
[2012/08/29 04:58:08 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon 
[2012/08/31 05:50:11 | 000,002,465 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml 

[2012/09/30 09:15:12 | 000,000,000 | ---D | C] -- D:\Users\Viktor\AppData\Roaming\Roaming 
[2012/08/27 02:16:33 | 000,000,017 | ---- | C] () -- D:\Users\Viktor\AppData\Roaming\blckdom.res 
[2012/07/20 21:28:12 | 000,000,000 | ---D | M] -- D:\ProgramData\boost_interprocess 
:Files
D:\USERS\VIKTOR\APPDATA\Roaming\MOZILLA\FIREFOX\PROFILES\PJQ5X742.DEFAULT\EXTENSIONS\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
D:\USERS\VIKTOR\APPDATA\Roaming\140*.*
D:\ProgramData\Babylon
D:\ProgramData\boost_interprocess

D:\ProgramData\*.exe
D:\ProgramData\TEMP
D:\Users\Viktor\*.tmp
D:\Users\Viktor\AppData\Local\{*}
D:\Users\Viktor\AppData\Local\Temp\*.exe
D:\Users\Viktor\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
ipconfig /flushdns /c
:Commands
[emptytemp]

Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
Kopiere den Inhalt hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\OTLpe\MovedFiles\<datum_nummer.log>
Teste, ob den Computer nun wieder in den normalen Windows-Modus booten kannst und berichte.

JimmyRainer · 02.10.2012, 14:54

vielen dank der rechner bootet wieder,
ist der virus jetzt entfernt, würde es reichen nen viren scanner durchlaufen zu lassen oder muss ich windows neu aufspielen ?????ß

t'john · 02.10.2012, 17:26

Sehr gut!

Wie laeuft der Rechner?

1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Search.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

JimmyRainer · 04.10.2012, 19:12

mailwarebyte habe ich leider schon alles löschen lassen speichert er das auch irgendwo ab das ich das noch nach schicken kann?

PHP-Code:

  # AdwCleaner v2.003 - Datei am 10/05/2012 um 19:57:36 erstellt

# Aktualisiert am 23/09/2012 von Xplode

# Betriebssystem : Windows 7 Home Premium  (64 bits)

# Benutzer : Viktor - WITJOK

# Bootmodus : Normal

# Ausgef�hrt unter : C:\Users\Viktor\Downloads\adwcleaner2.002.exe

# Option [Suche]

 
 
**** [Dienste] ****

 
 
***** [Dateien / Ordner] *****

 
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

Datei Gefunden : C:\user.js

Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk

Ordner Gefunden : C:\Program Files (x86)\AVG Secure Search

Ordner Gefunden : C:\Program Files (x86)\BabylonToolbar

Ordner Gefunden : C:\Program Files (x86)\Common Files\AVG Secure Search

Ordner Gefunden : C:\Program Files (x86)\Funmoods

Ordner Gefunden : C:\Program Files (x86)\Searchqu Toolbar

Ordner Gefunden : C:\ProgramData\AVG Secure Search

Ordner Gefunden : C:\Users\Viktor\AppData\Local\AVG Secure Search

Ordner Gefunden : C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Ordner Gefunden : C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Ordner Gefunden : C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb

Ordner Gefunden : C:\Users\Viktor\AppData\Local\Ilivid Player

Ordner Gefunden : C:\Users\Viktor\AppData\Local\Temp\avg@toolbar

Ordner Gefunden : C:\Users\Viktor\AppData\LocalLow\AVG Secure Search

Ordner Gefunden : C:\Users\Viktor\AppData\LocalLow\BabylonToolbar

Ordner Gefunden : C:\Users\Viktor\AppData\LocalLow\bbrs_002.tb

Ordner Gefunden : C:\Users\Viktor\AppData\LocalLow\Funmoods

Ordner Gefunden : C:\Users\Viktor\AppData\LocalLow\searchquband

Ordner Gefunden : C:\Users\Viktor\AppData\LocalLow\Searchqutoolbar

Ordner Gefunden : C:\Users\Viktor\AppData\Roaming\Babylon

Ordner Gefunden : C:\Users\Viktor\AppData\Roaming\BabylonToolbar

Ordner Gefunden : C:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\ConduitCommon

Ordner Gefunden : C:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}

Ordner Gefunden : C:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\extensions\staged

Ordner Gefunden : C:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\Searchqutoolbar

 
***** [Registrierungsdatenbank] *****

 
Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll

Schl&#65533;ssel Gefunden : HKCU\Software\AppDataLow\Software\searchqutoolbar

Schl&#65533;ssel Gefunden : HKCU\Software\AVG Secure Search

Schl&#65533;ssel Gefunden : HKCU\Software\BabylonToolbar

Schl&#65533;ssel Gefunden : HKCU\Software\DataMngr

Schl&#65533;ssel Gefunden : HKCU\Software\DataMngr_Toolbar

Schl&#65533;ssel Gefunden : HKCU\Software\Funmoods

Schl&#65533;ssel Gefunden : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Schl&#65533;ssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Schl&#65533;ssel Gefunden : HKLM\Software\AVG Secure Search

Schl&#65533;ssel Gefunden : HKLM\Software\Babylon

Schl&#65533;ssel Gefunden : HKLM\Software\BabylonToolbar

Schl&#65533;ssel Gefunden : HKLM\Software\BrowserCompanion

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\b

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\S

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\updatebho.TimerBHO

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\wit4ie.WitBHO

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2

Schl&#65533;ssel Gefunden : HKLM\Software\DataMngr

Schl&#65533;ssel Gefunden : HKLM\Software\Funmoods

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Schl&#65533;ssel Gefunden : HKLM\Software\SearchquMediabarTb

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\DataMngr

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Schl&#65533;ssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Schl&#65533;ssel Gefunden : HKU\S-1-5-21-193109525-2496757550-1605565129-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Schl&#65533;ssel Gefunden : HKU\S-1-5-21-193109525-2496757550-1605565129-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Schl&#65533;ssel Gefunden : HKU\S-1-5-21-193109525-2496757550-1605565129-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Schl&#65533;ssel Gefunden : HKU\S-1-5-21-193109525-2496757550-1605565129-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

 
***** [Internet Browser] *****

 
-\\ Internet Explorer v8.0.7600.16385

 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuzytBzy0F0F0AzytB0E0DzyzyyD0D0A0DtN0D0Tzu0CtCzyzytN1L2XzutBtFtCtFtDtFtAtDtC&cr=1525869463

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affid=115307&tt=280812_2004_3512_6&babsrc=nt_ss&mntrid=e4dc5dad000000000000929ffa92ed99

 
-\\ Mozilla Firefox v15.0 (de)

 
Profilname : default 

Datei : C:\Users\Viktor\AppData\Roaming\Mozilla\Firefox\Profiles\pjq5x742.default\prefs.js

 
Gefunden : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Gefunden : user_pref("browser.search.selectedEngine", "AVG Secure Search");

Gefunden : user_pref("CT3196716..clientLogIsEnabled", false);

Gefunden : user_pref("CT3196716..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Gefunden : user_pref("CT3196716..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Gefunden : user_pref("CT3196716.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Gefunden : user_pref("CT3196716.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Gefunden : user_pref("CT3196716.AppTrackingLastCheckTime", "Sun Jul 22 2012 03:33:52 GMT+0200");

Gefunden : user_pref("CT3196716.BrowserCompStateIsOpen_3263554499264134319", true);

Gefunden : user_pref("CT3196716.BrowserCompStateIsOpen_4711547172607932304", true);

Gefunden : user_pref("CT3196716.CT3196716", "CT3196716");

Gefunden : user_pref("CT3196716.CurrentServerDate", "24-7-2012");

Gefunden : user_pref("CT3196716.DSChangedManually", false);

Gefunden : user_pref("CT3196716.DSInstall", true);

Gefunden : user_pref("CT3196716.DSProtectChoice", true);

Gefunden : user_pref("CT3196716.DSProtectCount", 3);

Gefunden : user_pref("CT3196716.DialogsAlignMode", "LTR");

Gefunden : user_pref("CT3196716.DialogsGetterLastCheckTime", "Mon Jul 23 2012 20:43:09 GMT+0200");

Gefunden : user_pref("CT3196716.DownloadReferralCookieData", "");

Gefunden : user_pref("CT3196716.EMailNotifierPollDate", "Tue Jul 24 2012 10:24:08 GMT+0200");

Gefunden : user_pref("CT3196716.ExternalComponentPollDate129844886196746599", "Mon Jul 23 2012 00:36:07 GMT+020[...]

Gefunden : user_pref("CT3196716.ExternalComponentPollDate129844886197059098", "Mon Jul 23 2012 00:36:07 GMT+020[...]

Gefunden : user_pref("CT3196716.FirstServerDate", "16-7-2012");

Gefunden : user_pref("CT3196716.FirstTime", true);

Gefunden : user_pref("CT3196716.FirstTimeFF3", true);

Gefunden : user_pref("CT3196716.FirstTimeHiddenVer", true);

Gefunden : user_pref("CT3196716.FixPageNotFoundErrors", true);

Gefunden : user_pref("CT3196716.GroupingServerCheckInterval", 1440);

Gefunden : user_pref("CT3196716.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Gefunden : user_pref("CT3196716.HPInstall", true);

Gefunden : user_pref("CT3196716.HPProtectChoice", true);

Gefunden : user_pref("CT3196716.HPProtectCount", 3);

Gefunden : user_pref("CT3196716.HasUserGlobalKeys", true);

Gefunden : user_pref("CT3196716.HomePageProtectorEnabled", false);

Gefunden : user_pref("CT3196716.HomepageBeforeUnload", "hxxp://www.searchnu.com/406");

Gefunden : user_pref("CT3196716.Initialize", true);

Gefunden : user_pref("CT3196716.InitializeCommonPrefs", true);

Gefunden : user_pref("CT3196716.InstallationAndCookieDataSentCount", 3);

Gefunden : user_pref("CT3196716.InstallationType", "Unknown");

Gefunden : user_pref("CT3196716.InstalledDate", "Mon Jul 16 2012 22:36:18 GMT+0200");

Gefunden : user_pref("CT3196716.InvalidateCache", false);

Gefunden : user_pref("CT3196716.IsAlertDBUpdated", true);

Gefunden : user_pref("CT3196716.IsGrouping", false);

Gefunden : user_pref("CT3196716.IsInitSetupIni", true);

Gefunden : user_pref("CT3196716.IsMulticommunity", false);

Gefunden : user_pref("CT3196716.IsOpenThankYouPage", true);

Gefunden : user_pref("CT3196716.IsOpenUninstallPage", true);

Gefunden : user_pref("CT3196716.IsProtectorsInit", true);

Gefunden : user_pref("CT3196716.LanguagePackLastCheckTime", "Mon Jul 23 2012 13:21:42 GMT+0200");

Gefunden : user_pref("CT3196716.LanguagePackReloadIntervalMM", 1440);

Gefunden : user_pref("CT3196716.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Gefunden : user_pref("CT3196716.LastLogin_3.14.1.0", "Tue Jul 24 2012 10:24:10 GMT+0200");

Gefunden : user_pref("CT3196716.LatestVersion", "3.14.1.0");

Gefunden : user_pref("CT3196716.Locale", "en");

Gefunden : user_pref("CT3196716.MCDetectTooltipHeight", "83");

Gefunden : user_pref("CT3196716.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Gefunden : user_pref("CT3196716.MCDetectTooltipWidth", "295");

Gefunden : user_pref("CT3196716.MyStuffEnabledAtInstallation", true);

Gefunden : user_pref("CT3196716.OriginalFirstVersion", "3.14.1.0");

Gefunden : user_pref("CT3196716.RadioIsPodcast", false);

Gefunden : user_pref("CT3196716.RadioLastCheckTime", "Mon Jul 23 2012 13:21:38 GMT+0200");

Gefunden : user_pref("CT3196716.RadioLastUpdateIPServer", "3");

Gefunden : user_pref("CT3196716.RadioLastUpdateServer", "3");

Gefunden : user_pref("CT3196716.RadioMediaID", "9962");

Gefunden : user_pref("CT3196716.RadioMediaType", "Media Player");

Gefunden : user_pref("CT3196716.RadioMenuSelectedID", "EBRadioMenu_CT31967169962");

Gefunden : user_pref("CT3196716.RadioShrinkedFromSetup", false);

Gefunden : user_pref("CT3196716.RadioStationName", "California%20Rock");

Gefunden : user_pref("CT3196716.RadioStationURL", "hxxp://feedlive.net/california.asx");

Gefunden : user_pref("CT3196716.SavedHomepage", "hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&[...]

Gefunden : user_pref("CT3196716.SearchCaption", "WiseConvert Customized Web Search");

Gefunden : user_pref("CT3196716.SearchEngineBeforeUnload", "WiseConvert Customized Web Search");

Gefunden : user_pref("CT3196716.SearchFromAddressBarIsInit", true);

Gefunden : user_pref("CT3196716.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT323[...]

Gefunden : user_pref("CT3196716.SearchInNewTabEnabled", true);

Gefunden : user_pref("CT3196716.SearchInNewTabIntervalMM", 1440);

Gefunden : user_pref("CT3196716.SearchInNewTabLastCheckTime", "Mon Jul 23 2012 13:21:38 GMT+0200");

Gefunden : user_pref("CT3196716.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Gefunden : user_pref("CT3196716.SearchProtectorEnabled", false);

Gefunden : user_pref("CT3196716.SearchProtectorToolbarDisabled", false);

Gefunden : user_pref("CT3196716.SendProtectorDataViaLogin", true);

Gefunden : user_pref("CT3196716.ServiceMapLastCheckTime", "Mon Jul 23 2012 13:21:40 GMT+0200");

Gefunden : user_pref("CT3196716.SettingsLastCheckTime", "Tue Jul 24 2012 10:24:08 GMT+0200");

Gefunden : user_pref("CT3196716.SettingsLastUpdate", "1342194074");

Gefunden : user_pref("CT3196716.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3230028&SearchSource=13");

Gefunden : user_pref("CT3196716.ThirdPartyComponentsInterval", 504);

Gefunden : user_pref("CT3196716.ThirdPartyComponentsLastCheck", "Mon Jul 16 2012 22:36:16 GMT+0200");

Gefunden : user_pref("CT3196716.ThirdPartyComponentsLastUpdate", "1331805997");

Gefunden : user_pref("CT3196716.ToolbarShrinkedFromSetup", false);

Gefunden : user_pref("CT3196716.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3230028");

Gefunden : user_pref("CT3196716.UserID", "UN61387861802182825");

Gefunden : user_pref("CT3196716.ValidationData_Toolbar", 1);

Gefunden : user_pref("CT3196716.WeatherNetwork", "");

Gefunden : user_pref("CT3196716.WeatherPollDate", "Tue Jul 24 2012 10:24:27 GMT+0200");

Gefunden : user_pref("CT3196716.WeatherUnit", "C");

Gefunden : user_pref("CT3196716.alertChannelId", "1667895");

Gefunden : user_pref("CT3196716.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e06cg5el8:", "6E6D6D6F72736D747070");

Gefunden : user_pref("CT3196716.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747373757879737A7676242F4B4947[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e31;cjdjihl@af%peh", "247E61393F236B25767172727A2B222D6F425[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e31;cjeik4!kk", "247E61393F236B25767177722A212C6E414F444D32[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e31;cji68>;la<>\"!(rr", "247E61393F236B2576767329202B6D404E[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e31;cji8a k@c", "247E61393F236B256F75287E2A6C3F4D424B307832[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]

Gefunden : user_pref("CT3196716.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]

Gefunden : user_pref("CT3196716.backendstorage./9b-0?3g>d", "396B6F6C3F7141727A71467447207978794C25204F7D212A55[...]

Gefunden : user_pref("CT3196716.backendstorage./9b-0?3g@6:5;", "");

Gefunden : user_pref("CT3196716.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");

Gefunden : user_pref("CT3196716.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D443078

t'john · 04.10.2012, 19:53

Bitte das Malwarebytes Logfile posten!
(Reiter Logberichte)

t'john · 21.11.2012, 05:22

Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.

Bka virus windows 7

Log-Analyse und Auswertung: Bka virus windows 7