Log analysis and evaluation: BKA Trojan, PC locked (Windows 7)
19.11.2012, 00:13 | #1 |
BKA Trojan, PC locked

Hello! I caught the BKA virus today. A message appears saying the PC is locked, and the PC shuts down. I unplugged the DSL cable; now it at least stays on. Task Manager cannot be started. I scanned with OTL. This is what came out:

OTL logfile created on: 18.11.2012 23:52:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = K:\Hjthis
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 65,65% Memory free
6,00 Gb Paging File | 4,91 Gb Available in Paging File | 81,85% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 284,09 Gb Total Space | 167,33 Gb Free Space | 58,90% Space Free | Partition Type: NTFS
Drive K: | 3,73 Gb Total Space | 1,15 Gb Free Space | 30,87% Space Free | Partition Type: FAT
Computer Name: WITALA-OLGA | User Name: Witala&Olga | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - K:\Hjthis\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\lsass.exe (Microsoft Corporation) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Users\Witala&Olga\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe () PRC - C:\Users\Witala&Olga\AppData\Roaming\BrowserCompanion\tbhcn.exe () PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) 
PRC - C:\Programme\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe () PRC - C:\Windows\System32\HidService.exe (Packard Bell Services) PRC - C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () ========== Modules (No Company Name) ========== MOD - C:\Users\WITALA~1\AppData\Local\Temp\wgsdgsdgdsgsd.exe () MOD - C:\Users\Witala&Olga\AppData\Roaming\BrowserCompanion\tbhcn.exe () MOD - C:\Users\WITALA~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL () MOD - C:\Windows\System32\CmdLineExt03.dll () MOD - C:\Programme\WinRAR\RarExt.dll () ========== Services (SafeList) ========== SRV - (WPFFontCache_v0400) -- File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (DefaultTabUpdate) -- C:\Users\Witala&Olga\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe () SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (avast! 
Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (NAUpdate) -- C:\Programme\Nero\Update\NASvc.exe (Nero AG) SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (LVPrcSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (ETService) -- C:\Programme\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe () SRV - (GenericHidService) -- C:\Windows\System32\HidService.exe (Packard Bell Services) SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS) SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation) DRV - (ApfiltrService) -- 
C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation) DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation) DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (InputFilter_Hid_FlexDef2b) -- C:\Windows\System32\drivers\InputFilter_FlexDef2b.sys (Siliten) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (PID_PEPI) -- 
C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=1&o=vp32&d=0310&m=imedia_d3860_ge IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-8.html IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {6B450403-5728-492D-B6AD-458D58ABB544} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: 
"URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0D081E50-AA5A-4AA0-885D-A69195588A7A}: "URL" = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms} IE - HKCU\..\SearchScopes\{5E44BB08-E061-489B-AE5F-0C9B28619A69}: "URL" = hxxp://www.mysearchresults.com/search?&c=4001&t=10&q={searchTerms} IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW IE - HKCU\..\SearchScopes\{6B450403-5728-492D-B6AD-458D58ABB544}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_deDE370 IE - HKCU\..\SearchScopes\{8D2A4BE6-03F6-421A-A37F-2395EA5FF212}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?sr=twiki&q={searchTerms}&dia=tie8 IE - HKCU\..\SearchScopes\{A3F3902B-5E02-4A4D-A905-BFA294A4924A}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tweb&q={searchTerms}&dia=tie8 IE - HKCU\..\SearchScopes\{E20BD284-46FE-4C73-9894-12BF937D6F21}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tonline_internetexplorer-browser-suche-21&index=blended&linkCode=ur2&camp=1638&creative=6742 IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "Linkury Smartbar Search" FF - prefs.js..browser.search.suggest.enabled: false FF - 
prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: linkuryfirefoxremoteplugin@linkury.com:1.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}:5.0.17 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0 FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44026 FF - prefs.js..keyword.URL: "hxxp://search-us.linkury.com/results.htm?cx=partner-pub-7890126930977991:7317400059&cof=FORID:11&sa=Search&siteurl=search.linkury.com&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "softonic-de3 Customized Web Search" FF - prefs.js..browser.startup.homepage: "www.google.de" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll 
(Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Witala&Olga\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Witala&Olga\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.29 14:38:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.28 19:45:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.03 21:51:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.03 21:51:37 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.29 14:38:26 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2011.02.08 10:37:05 | 000,000,000 | ---D | M] [2010.10.17 12:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Extensions [2012.11.16 11:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions [2010.10.17 12:27:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.02.04 21:18:27 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.10.13 14:26:29 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- 
C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\4f3msv4e.ht4 [2011.10.13 14:24:18 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\efcwh4jd.0gz [2011.03.23 21:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\engine@conduit.com [2012.01.28 14:08:14 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\plugin@yontoo.com [2012.10.07 12:51:12 | 000,022,390 | ---- | M] () (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\extensions\addon@defaulttab.com.xpi [2012.11.16 11:15:02 | 000,566,853 | ---- | M] () (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\extensions\toolbar@web.de.xpi [2012.07.25 19:53:37 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011.10.16 19:50:08 | 000,005,601 | ---- | M] () -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\searchplugins\Linkury Smartbar Search.xml [2012.10.17 20:07:27 | 000,001,982 | ---- | M] () -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\searchplugins\search-here.xml [2012.07.30 19:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.10.31 22:39:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.07.30 19:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions [2012.07.30 19:24:24 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Programme\Mozilla 
Firefox\distribution\extensions\toolbar@web.de [2012.06.01 16:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.08.24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.06.01 17:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.06.01 17:33:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.01 17:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.01 17:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.01 17:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.01 17:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.de/ CHR - default_search_provider: Linkury Smartbar Search (Enabled) CHR - default_search_provider: search_url = hxxp://search-us.linkury.com/results.htm?cx=partner-pub-7890126930977991:5731629158&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.google.de/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\Application\23.0.1271.64\gcswf32.dll CHR 
- plugin: Shockwave Flash (Disabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = 
C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Browser Companion Helper = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\ CHR - Extension: Google-Suche = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: General Crawler = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.6_0\ CHR - Extension: DefaultTab = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.10_0\ CHR - Extension: Skype Click to Call = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 
HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Witala&Olga\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.) O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( ) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\WITALA~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL () O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) 
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKCU..\Run: [HijackThis startup scan] K:\Hjthis\HijackThis.exe /startupscan File not found O4 - Startup: C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk = C:\ProgramData\lsass.exe (Microsoft Corporation) O4 - Startup: C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Witala&Olga\AppData\Roaming\BrowserCompanion\tbhcn.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found O8 - Extra context menu item: Free YouTube Download - C:\Users\Witala&Olga\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab (Java Plug-in 1.5.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34A4A7AE-AD19-4197-8B3A-D30B9DAD7EAB}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B38C2D4-3D7C-488C-A49E-7677EA9505D4}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA3EC34E-F5E8-4CE9-8E59-475AB8582249}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.11.18 20:04:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe [2012.11.15 11:32:02 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2012.11.15 11:32:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll [2012.11.15 11:31:29 | 000,172,032 | 
---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2012.11.15 11:31:28 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2012.11.15 11:31:28 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2012.11.15 11:31:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.11.15 11:31:06 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.11.15 11:31:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.11.15 11:31:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.11.15 11:31:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.11.15 11:31:04 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.11.15 11:31:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.11.15 11:31:02 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.11.15 11:19:03 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.11.15 11:19:03 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll [2012.11.15 11:18:59 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll [2012.11.15 11:18:58 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll [2012.11.15 11:18:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2012.11.15 11:18:54 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll [2012.11.15 11:18:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2012.11.14 19:40:29 | 000,000,000 | ---D | C] -- C:\Users\Witala&Olga\AppData\Local\Punkbuster [2012.11.14 19:16:53 | 
000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory [2012.11.14 19:16:12 | 000,000,000 | ---D | C] -- C:\Users\Witala&Olga\Game [2012.11.04 18:09:43 | 000,000,000 | ---D | C] -- C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard101(DE) [2012.11.04 18:09:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Wizard101(DE) [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.11.18 23:56:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.18 23:51:50 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.18 23:51:50 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.18 23:44:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2012.11.18 23:44:37 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.11.18 23:44:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.18 23:43:38 | 2415,316,992 | -HS- | M] () -- C:\hiberfil.sys [2012.11.18 21:14:13 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.11.18 21:07:04 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-819265921-1684063707-1882086428-1000Core.job [2012.11.18 21:07:03 | 000,001,144 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-819265921-1684063707-1882086428-1000UA.job [2012.11.18 20:52:34 | 000,694,030 | ---- | M] () -- C:\Windows\System32\perfh019.dat [2012.11.18 20:52:34 | 000,674,838 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.11.18 20:52:34 | 000,633,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.11.18 20:52:34 | 000,390,310 | ---- | M] () -- C:\Windows\System32\prfh0404.dat [2012.11.18 20:52:34 | 000,141,268 | ---- | M] () 
-- C:\Windows\System32\perfc019.dat [2012.11.18 20:52:34 | 000,138,830 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.11.18 20:52:34 | 000,114,386 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.11.18 20:52:34 | 000,107,332 | ---- | M] () -- C:\Windows\System32\prfc0404.dat [2012.11.18 20:10:30 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad [2012.11.18 20:05:01 | 000,000,828 | ---- | M] () -- C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2012.11.18 20:04:59 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\lsass.exe [2012.11.15 18:56:09 | 000,340,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.11.14 21:34:33 | 000,002,027 | ---- | M] () -- C:\Users\Witala&Olga\Desktop\Kies Air Discovery Service.lnk [2012.11.14 19:43:33 | 000,137,176 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012.11.14 19:41:01 | 000,022,328 | ---- | M] () -- C:\Users\Witala&Olga\AppData\Roaming\PnkBstrK.sys [2012.11.14 19:40:29 | 000,682,280 | ---- | M] () -- C:\Windows\System32\pbsvc.exe [2012.11.14 17:30:56 | 000,016,765 | ---- | M] () -- C:\Users\Witala&Olga\Documents\PersoBogen RSUKr.pdf [2012.11.09 13:10:14 | 000,002,520 | ---- | M] () -- C:\Users\Witala&Olga\Desktop\Google Chrome.lnk [2012.11.04 18:09:43 | 000,001,493 | ---- | M] () -- C:\Users\Witala&Olga\Desktop\Wizard101.lnk [2012.10.27 13:48:22 | 000,001,262 | ---- | M] () -- C:\Users\Witala&Olga\Desktop\Free YouTube Download.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.18 20:05:01 | 000,000,828 | ---- | C] () -- C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2012.11.18 20:04:59 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad [2012.11.15 11:32:03 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.15 11:31:28 | 
000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.11.14 21:34:33 | 000,002,027 | ---- | C] () -- C:\Users\Witala&Olga\Desktop\Kies Air Discovery Service.lnk [2012.11.14 19:41:01 | 000,137,176 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012.11.14 19:40:31 | 000,268,952 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2012.11.14 19:40:29 | 000,682,280 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2012.11.14 19:40:29 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2012.11.14 17:30:55 | 000,016,765 | ---- | C] () -- C:\Users\Witala&Olga\Documents\PersoBogen RSUKr.pdf [2012.11.04 18:09:43 | 000,001,493 | ---- | C] () -- C:\Users\Witala&Olga\Desktop\Wizard101.lnk [2012.01.09 19:49:18 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2011.11.01 09:28:55 | 000,000,099 | ---- | C] () -- C:\Users\Witala&Olga\AppData\Local\fusioncache.dat [2011.10.31 18:14:02 | 000,022,328 | ---- | C] () -- C:\Users\Witala&Olga\AppData\Roaming\PnkBstrK.sys [2011.10.17 22:48:36 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2011.10.13 14:10:52 | 000,005,028 | ---- | C] () -- C:\ProgramData\cgatmfqq.mbd [2011.07.30 18:15:20 | 000,008,704 | ---- | C] () -- C:\Users\Witala&Olga\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.06.16 17:37:30 | 000,117,840 | ---- | C] () -- C:\Windows\System32\prfi0404.dat [2011.06.16 17:37:29 | 000,390,310 | ---- | C] () -- C:\Windows\System32\prfh0404.dat [2011.06.16 17:37:29 | 000,107,332 | ---- | C] () -- C:\Windows\System32\prfc0404.dat [2011.06.16 17:37:29 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0404.dat [2011.05.26 21:51:59 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011.05.26 21:50:47 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.05.26 20:54:06 | 000,000,000 | ---- | C] () -- C:\Users\Witala&Olga\AppData\Local\{6375AED8-2435-4363-81CF-050539C9E94E} 
[2011.01.29 14:27:26 | 000,185,952 | ---- | C] () -- C:\Windows\hpoins43.dat.temp [2011.01.29 14:27:26 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp [2011.01.29 14:07:04 | 000,221,147 | ---- | C] () -- C:\Windows\hpoins43.dat [2011.01.29 14:07:04 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat [2010.12.16 20:03:00 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini [2010.04.29 08:28:43 | 000,004,202 | ---- | C] () -- C:\Users\Witala&Olga\AppData\Roaming\wklnhst.dat [2010.03.08 17:52:06 | 000,001,024 | ---- | C] () -- C:\Users\Witala&Olga\.rnd ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >
Please help. Thanks |
19.11.2012, 01:14 | #2 |
/// Malwareteam | BKA Trojan: PC locked
A cleanup can sometimes mean a lot of work for you.
Note: I can never give you a guarantee that I will find everything. Formatting is usually the faster and always the safest way. If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.
Vista and Win7 users: start all tools with a right-click and "Run as administrator".
Step 1
Code:
:OTL
PRC - C:\ProgramData\lsass.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HijackThis startup scan] K:\Hjthis\HijackThis.exe /startupscan File not found
O4 - Startup: C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk = C:\ProgramData\lsass.exe (Microsoft Corporation)
[2012.11.18 20:04:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
[2012.11.18 20:05:01 | 000,000,828 | ---- | M] () -- C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.11.18 20:04:59 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
[2012.11.18 20:04:59 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.11.18 20:10:30 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
:Commands
[purity]
[emptytemp]
Step 2
Please download Malwarebytes
|
24.11.2012, 15:58 | #3 |
| BKA Trojan: PC locked
Error: Unable to interpret <OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 24.11.2012 15:46:38 - Run 2> in the current context! Error: Unable to interpret <OTL by OldTimer - Version 3.2.69.0 Folder = K:\Hjthis> in the current context! Error: Unable to interpret < Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context! Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context! Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,84% Memory free> in the current context! Error: Unable to interpret <6,00 Gb Paging File | 4,36 Gb Available in Paging File | 72,76% Paging File free> in the current context! Error: Unable to interpret <Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files> in the current context! Error: Unable to interpret <Drive C: | 284,09 Gb Total Space | 167,32 Gb Free Space | 58,90% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive I: | 298,09 Gb Total Space | 271,20 Gb Free Space | 90,98% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive K: | 3,73 Gb Total Space | 1,15 Gb Free Space | 30,86% Space Free | Partition Type: FAT> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <Computer Name: WITALA-OLGA | User Name: Witala&Olga | Logged in as Administrator.> in the current context! Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user> in the current context! 
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <PRC - K:\Hjthis\OTL.exe (OldTimer Tools)> in the current context! Error: Unable to interpret <PRC - C:\ProgramData\lsass.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Users\Witala&Olga\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Users\Witala&Olga\AppData\Roaming\BrowserCompanion\tbhcn.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)> in the current context! Error: Unable to interpret <PRC - C:\Programme\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)> in the current context! Error: Unable to interpret <PRC - C:\Programme\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH)> in the current context! Error: Unable to interpret <PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)> in the current context! Error: Unable to interpret <PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)> in the current context! Error: Unable to interpret <PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)> in the current context! Error: Unable to interpret <PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)> in the current context! 
Error: Unable to interpret <PRC - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Programme\Logitech\Vid HD\Vid.exe (Logitech Inc.)> in the current context! Error: Unable to interpret <PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG)> in the current context! Error: Unable to interpret <PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)> in the current context! Error: Unable to interpret <PRC - C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)> in the current context! Error: Unable to interpret <PRC - C:\Programme\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Windows\System32\HidService.exe (Packard Bell Services)> in the current context! Error: Unable to interpret <PRC - C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <MOD - C:\Users\WITALA~1\AppData\Local\Temp\wgsdgsdgdsgsd.exe ()> in the current context! Error: Unable to interpret <MOD - C:\Users\Witala&Olga\AppData\Roaming\BrowserCompanion\tbhcn.exe ()> in the current context! Error: Unable to interpret <MOD - C:\Users\WITALA~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\vpxmd.dll ()> in the current context! 
Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\SDL.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\WinRAR\RarExt.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Common Files\logishrd\LvApi11\LvApi11.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\QtNetwork4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\QtCore4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\plugins\imageformats\qico4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\plugins\imageformats\qgif4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\QtWebKit4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\QtXml4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\QtSql4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\QtOpenGL4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\QtGui4.dll ()> in the current context! Error: Unable to interpret <MOD - C:\Programme\Logitech\Vid HD\phonon4.dll ()> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <SRV - (WPFFontCache_v0400) -- File not found> in the current context! 
Error: Unable to interpret <SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <SRV - (DefaultTabUpdate) -- C:\Users\Witala&Olga\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe ()> in the current context! Error: Unable to interpret <SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)> in the current context! Error: Unable to interpret <SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)> in the current context! Error: Unable to interpret <SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)> in the current context! Error: Unable to interpret <SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)> in the current context! Error: Unable to interpret <SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)> in the current context! Error: Unable to interpret <SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)> in the current context! Error: Unable to interpret <SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)> in the current context! Error: Unable to interpret <SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)> in the current context! Error: Unable to interpret <SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)> in the current context! 
Error: Unable to interpret <SRV - (NAUpdate) -- C:\Programme\Nero\Update\NASvc.exe (Nero AG)> in the current context! Error: Unable to interpret <SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)> in the current context! Error: Unable to interpret <SRV - (LVPrcSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)> in the current context! Error: Unable to interpret <SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)> in the current context! Error: Unable to interpret <SRV - (ETService) -- C:\Programme\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe ()> in the current context! Error: Unable to interpret <SRV - (GenericHidService) -- C:\Windows\System32\HidService.exe (Packard Bell Services)> in the current context! Error: Unable to interpret <SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)> in the current context! Error: Unable to interpret <SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()> in the current context! Error: Unable to interpret <SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context! 
Error: Unable to interpret < > in the current context! Error: Unable to interpret <DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found> in the current context! Error: Unable to interpret <DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found> in the current context! Error: Unable to interpret <DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found> in the current context! Error: Unable to interpret <DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))> in the current context! Error: Unable to interpret <DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))> in the current context! Error: Unable to interpret <DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)> in the current context! Error: Unable to interpret <DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)> in the current context! Error: Unable to interpret <DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)> in the current context! Error: Unable to interpret <DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)> in the current context! Error: Unable to interpret <DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)> in the current context! Error: Unable to interpret <DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)> in the current context! Error: Unable to interpret <DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)> in the current context! Error: Unable to interpret <DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)> in the current context! Error: Unable to interpret <DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)> in the current context! 
Error: Unable to interpret <DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (InputFilter_Hid_FlexDef2b) -- C:\Windows\System32\drivers\InputFilter_FlexDef2b.sys (Siliten)> in the current context! Error: Unable to interpret <DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)> in the current context! 
Error: Unable to interpret <DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)> in the current context! Error: Unable to interpret <DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()> in the current context! Error: Unable to interpret <DRV - (PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)> in the current context! Error: Unable to interpret <DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)> in the current context! Error: Unable to interpret <DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)> in the current context! Error: Unable to interpret <DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)> in the current context! Error: Unable to interpret <DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)> in the current context! Error: Unable to interpret <DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Internet Explorer ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=1&o=vp32&d=0310&m=imedia_d3860_ge> in the current context! Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/> in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}> in the current context! 
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}> in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW> in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245> in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-8.html> in the current context! Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1> in the current context! Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/> in the current context! Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = {6B450403-5728-492D-B6AD-458D58ABB544}> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC> in the current context! 
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0D081E50-AA5A-4AA0-885D-A69195588A7A}: "URL" = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{5E44BB08-E061-489B-AE5F-0C9B28619A69}: "URL" = hxxp://www.mysearchresults.com/search?&c=4001&t=10&q={searchTerms}> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{6B450403-5728-492D-B6AD-458D58ABB544}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_deDE370> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{8D2A4BE6-03F6-421A-A37F-2395EA5FF212}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?sr=twiki&q={searchTerms}&dia=tie8> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{A3F3902B-5E02-4A4D-A905-BFA294A4924A}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tweb&q={searchTerms}&dia=tie8> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{E20BD284-46FE-4C73-9894-12BF937D6F21}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tonline_internetexplorer-browser-suche-21&index=blended&linkCode=ur2&camp=1638&creative=6742> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}> in the current context! 
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== FireFox ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.defaulturl: ""> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "Linkury Smartbar Search"> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.suggest.enabled: false> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.useDBForOrder: true> in the current context! Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "www.google.de"> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: linkuryfirefoxremoteplugin@linkury.com:1.0> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}:5.0.17> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51> in the current context! 
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.23> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44026> in the current context! Error: Unable to interpret <FF - prefs.js..keyword.URL: "hxxp://search-us.linkury.com/results.htm?cx=partner-pub-7890126930977991:7317400059&cof=FORID:11&sa=Search&siteurl=search.linkury.com&q="> in the current context! Error: Unable to interpret <FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""> in the current context! Error: Unable to interpret <FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"> in the current context! Error: Unable to interpret <FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "softonic-de3 Customized Web Search"> in the current context! Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "www.google.de"> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! 
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)> in the current context! 
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context! Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Witala&Olga\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Witala&Olga\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.29 14:38:26 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.28 19:45:10 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.03 21:51:37 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.03 21:51:37 | 000,000,000 | ---D | M]> in the current context! 
Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.29 14:38:26 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2011.02.08 10:37:05 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2010.10.17 12:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Extensions> in the current context! Error: Unable to interpret <[2012.11.16 11:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions> in the current context! Error: Unable to interpret <[2010.10.17 12:27:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}> in the current context! Error: Unable to interpret <[2012.02.04 21:18:27 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context! Error: Unable to interpret <[2011.10.13 14:26:29 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\4f3msv4e.ht4> in the current context! Error: Unable to interpret <[2011.10.13 14:24:18 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\efcwh4jd.0gz> in the current context! 
Error: Unable to interpret <[2011.03.23 21:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\engine@conduit.com> in the current context! Error: Unable to interpret <[2012.01.28 14:08:14 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\Firefox\Profiles\ouscka8m.default\extensions\plugin@yontoo.com> in the current context! Error: Unable to interpret <[2012.10.07 12:51:12 | 000,022,390 | ---- | M] () (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\extensions\addon@defaulttab.com.xpi> in the current context! Error: Unable to interpret <[2012.11.16 11:15:02 | 000,566,853 | ---- | M] () (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\extensions\toolbar@web.de.xpi> in the current context! Error: Unable to interpret <[2012.07.25 19:53:37 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi> in the current context! Error: Unable to interpret <[2011.10.16 19:50:08 | 000,005,601 | ---- | M] () -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\searchplugins\Linkury Smartbar Search.xml> in the current context! Error: Unable to interpret <[2012.10.17 20:07:27 | 000,001,982 | ---- | M] () -- C:\Users\Witala&Olga\AppData\Roaming\mozilla\firefox\profiles\ouscka8m.default\searchplugins\search-here.xml> in the current context! Error: Unable to interpret <[2012.07.30 19:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions> in the current context! Error: Unable to interpret <[2011.10.31 22:39:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}> in the current context! 
Error: Unable to interpret <[2012.07.30 19:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions> in the current context! Error: Unable to interpret <[2012.07.30 19:24:24 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de> in the current context! Error: Unable to interpret <[2012.06.01 16:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll> in the current context! Error: Unable to interpret <[2010.08.24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll> in the current context! Error: Unable to interpret <[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll> in the current context! Error: Unable to interpret <[2012.06.01 17:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context! Error: Unable to interpret <[2012.06.01 17:33:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml> in the current context! Error: Unable to interpret <[2012.06.01 17:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml> in the current context! Error: Unable to interpret <[2012.06.01 17:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context! Error: Unable to interpret <[2012.06.01 17:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context! Error: Unable to interpret <[2012.06.01 17:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml> in the current context! Error: Unable to interpret < > in the current context! 
Error: Unable to interpret <========== Chrome ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <CHR - homepage: hxxp://www.google.de/> in the current context! Error: Unable to interpret <CHR - default_search_provider: Linkury Smartbar Search (Enabled)> in the current context! Error: Unable to interpret <CHR - default_search_provider: search_url = hxxp://search-us.linkury.com/results.htm?cx=partner-pub-7890126930977991:5731629158&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com> in the current context! Error: Unable to interpret <CHR - default_search_provider: suggest_url = > in the current context! Error: Unable to interpret <CHR - homepage: hxxp://www.google.de/> in the current context! Error: Unable to interpret <CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer> in the current context! Error: Unable to interpret <CHR - plugin: Native Client (Enabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll> in the current context! Error: Unable to interpret <CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll> in the current context! Error: Unable to interpret <CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\Application\23.0.1271.64\gcswf32.dll> in the current context! Error: Unable to interpret <CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll> in the current context! Error: Unable to interpret <CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll> in the current context! 
Error: Unable to interpret <CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll> in the current context! Error: Unable to interpret <CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll> in the current context! Error: Unable to interpret <CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll> in the current context! Error: Unable to interpret <CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll> in the current context! Error: Unable to interpret <CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll> in the current context! Error: Unable to interpret <CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll> in the current context! Error: Unable to interpret <CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll> in the current context! Error: Unable to interpret <CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll> in the current context! Error: Unable to interpret <CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll> in the current context! Error: Unable to interpret <CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll> in the current context! Error: Unable to interpret <CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll> in the current context! 
Error: Unable to interpret <CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll> in the current context! Error: Unable to interpret <CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll> in the current context! Error: Unable to interpret <CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll> in the current context! Error: Unable to interpret <CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll> in the current context! Error: Unable to interpret <CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll> in the current context! Error: Unable to interpret <CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll> in the current context! Error: Unable to interpret <CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll> in the current context! Error: Unable to interpret <CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll> in the current context! Error: Unable to interpret <CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll> in the current context! Error: Unable to interpret <CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll> in the current context! Error: Unable to interpret <CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll> in the current context! Error: Unable to interpret <CHR - Extension: YouTube = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\> in the current context! 
Error: Unable to interpret <CHR - Extension: Browser Companion Helper = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\> in the current context! Error: Unable to interpret <CHR - Extension: Google-Suche = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\> in the current context! Error: Unable to interpret <CHR - Extension: General Crawler = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.6_0\> in the current context! Error: Unable to interpret <CHR - Extension: DefaultTab = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.10_0\> in the current context! Error: Unable to interpret <CHR - Extension: Skype Click to Call = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\> in the current context! Error: Unable to interpret <CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\> in the current context! Error: Unable to interpret <CHR - Extension: Google Mail = C:\Users\Witala&Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 localhost> in the current context! Error: Unable to interpret <O1 - Hosts: ::1 localhost> in the current context! 
Error: Unable to interpret <O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( )> in the current context! Error: Unable to interpret <O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)> in the current context! Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Witala&Olga\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)> in the current context! Error: Unable to interpret <O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( )> in the current context! Error: Unable to interpret <O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context! Error: Unable to interpret <O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\WITALA~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()> in the current context! Error: Unable to interpret <O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [] File not found> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)> in the current context! 
Error: Unable to interpret <O4 - HKCU..\Run: [HijackThis startup scan] K:\Hjthis\HijackThis.exe /startupscan File not found> in the current context! Error: Unable to interpret <O4 - Startup: C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk = C:\ProgramData\lsass.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O4 - Startup: C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Witala&Olga\AppData\Roaming\BrowserCompanion\tbhcn.exe ()> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Free YouTube Download - C:\Users\Witala&Olga\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)> in the current context! 
Error: Unable to interpret <O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context! Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context! Error: Unable to interpret <O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context! Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab (Java Plug-in 1.5.0_17)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)> in the current context! 
Error: Unable to interpret << End of report > > in the current context! OTL by OldTimer - Version 3.2.69.0 log created on 11242012_155542 Malwarebytes Anti-Malware (Test) 1.65.1.1000 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.09.29.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Witala&Olga :: WITALA-OLGA [Administrator] Schutz: Aktiviert 24.11.2012 16:04:18 mbam-log-2012-11-24 (16-04-18).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 196216 Laufzeit: 5 Minute(n), 26 Sekunde(n) Infizierte Speicherprozesse: 1 C:\ProgramData\lsass.exe (Trojan.Delf) -> 1536 -> Löschen bei Neustart. Infizierte Speichermodule: 2 C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Löschen bei Neustart. C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Löschen bei Neustart. Infizierte Registrierungsschlüssel: 34 HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. 
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\OW1T3CYG7T (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\XML (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 3 HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt. 
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 1 C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Löschen bei Neustart. Infizierte Dateien: 15 C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Löschen bei Neustart. C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Löschen bei Neustart. C:\Users\Witala&Olga\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll (Trojan.Downloader) -> Löschen bei Neustart. C:\Users\Witala&Olga\AppData\Local\Temp\wgsdgsdgdsgsd.exe (Exploit.Drop.GS) -> Löschen bei Neustart. C:\ProgramData\lsass.exe (Trojan.Delf) -> Löschen bei Neustart. C:\Users\Witala&Olga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\terms.lnk.url (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) According to the program, everything is gone. Even the desktop gadgets work again. |
25.11.2012, 22:41 | #4 |
/// Malwareteam | BKA Trojan: PC locked However, the part with step did not work! http://www.trojaner-board.de/127220-...tml#post958987 Do it exactly like that. You have to copy the script that I wrote in the post into the text field, not the whole log! |