Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win 7 security 2011

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 15.05.2011, 09:24   #1
Batzke
 
Win 7 security 2011 - Standard

Win 7 security 2011



Ich habe mir vor ein paar tagen etwas runtergeladen und als ich es dann installieren wollte ging auf einmal mein Browser aus und ich erhielt eine virennachricht von win 7 security 2011. Ich kenne dieses programm nicht und bitte euch mir zu helfen
Vielen Dank schonmal im Vorraus

Hier habe ich schon die logfiles zusammengestellt die ich mit OTL gemacht habe:



OTL Extras logfile created on: 15.05.2011 10:07:00 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sebastian Batzke\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,87 Gb Total Space | 311,19 Gb Free Space | 67,82% Space Free | Partition Type: NTFS
Drive D: | 458,87 Gb Total Space | 259,24 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive E: | 7,87 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: SEBASTIANBATZKE | User Name: Sebastian Batzke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- C:\Users\Sebastian Batzke\AppData\Local\uok.exe ()
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]


OTL

OTL logfile created on: 15.05.2011 10:07:00 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sebastian Batzke\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,87 Gb Total Space | 311,19 Gb Free Space | 67,82% Space Free | Partition Type: NTFS
Drive D: | 458,87 Gb Total Space | 259,24 Gb Free Space | 56,49% Space Free | Partition Type: NTFS
Drive E: | 7,87 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: SEBASTIANBATZKE | User Name: Sebastian Batzke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Sebastian Batzke\Downloads\OTL.exe (OldTimer Tools)
PRC - D:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
PRC - D:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe (Crawler.com)
PRC - C:\Users\Sebastian Batzke\AppData\Local\uok.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\PROGRA~2\Crawler\Toolbar\CToolbar.exe (Crawler.com)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - d:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Program Files (x86)\Ant.com\IE add-on\AntUpdaterService.exe (Ant.com)
PRC - d:\Program Files (x86)\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\ProgramData\DatacardService\DCService.exe ()
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - d:\Program Files (x86)\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Users\Sebastian Batzke\AppData\Roaming\Telekom Internet Manager\ouc.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe ()
PRC - C:\OEM\USBDECTION\USBS3S4Detection.exe ()
PRC - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe ()
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Sebastian Batzke\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - d:\Program Files (x86)\PC Tools Security\PCTGMhk.dll (PC Tools)


========== Win32 Services (SafeList) ==========

SRV - (sp_rssrv) -- d:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntUpdaterService) -- C:\Program Files (x86)\Ant.com\IE add-on\AntUpdaterService.exe (Ant.com)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (sdCoreService) -- d:\Program Files (x86)\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (DCService.exe) -- C:\ProgramData\DatacardService\DCService.exe ()
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (sdAuxService) -- d:\Program Files (x86)\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (WLANBelkinService) -- C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe ()
SRV - (USBS3S4Detection) -- C:\OEM\USBDECTION\USBS3S4Detection.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (silabser) -- C:\Windows\SysNative\drivers\silabser.sys (Silicon Laboratories)
DRV:64bit: - (silabenm) -- C:\Windows\SysNative\drivers\silabenm.sys (Silicon Laboratories)
DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (pctEFA) -- C:\Windows\SysNative\drivers\pctEFA64.sys (PC Tools)
DRV:64bit: - (sp_rsdrv2) -- C:\Windows\SysNative\drivers\stflt.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (pctDS) -- C:\Windows\SysNative\drivers\pctDS64.sys (PC Tools)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (tcpipBM) -- C:\Windows\SysNative\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV:64bit: - (BMLoad) -- C:\Windows\SysNative\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (BCMH43XX) -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys (Broadcom Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (e1kexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcp) -- C:\Windows\SysNative\drivers\BthAvrcp.sys (CSR, plc)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Dnetr7364) -- C:\Windows\SysNative\drivers\Dnetr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64k.sys (Microsoft Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (anodlwf) -- C:\Windows\SysNative\drivers\anodlwfx.sys ()
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouKE) -- C:\Windows\SysNative\drivers\LMouKE.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (L8042mou) -- C:\Windows\SysNative\drivers\L8042mou.Sys (Logitech, Inc.)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (RT73) -- C:\Windows\SysNative\drivers\Dr71WU.sys (Ralink Technology, Corp.)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973380f453h971y352
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973380f453h971y352
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973380f453h971y352
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973380f453h971y352
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973380f453h971y352
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.crawler.com/homepage.aspx?tbid=60347
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.startup.homepage: "hxxp://www.crawler.com/homepage.aspx?tbid=60347"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {c9508125-4747-4733-b048-e4b82dc9716d}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: support@free-hideip.com:1.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.4
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.04.03 10:35:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.04.03 10:35:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files (x86)\Crawler\Toolbar\firefox\ [2011.05.14 19:33:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.08 18:42:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.07 18:40:57 | 000,000,000 | ---D | M]

[2010.05.10 14:28:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Extensions
[2011.05.15 10:07:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions
[2010.09.02 20:35:57 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.07.27 11:25:57 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.09.04 09:47:29 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.05.14 20:17:07 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.06.19 13:31:08 | 000,000,000 | ---D | M] (PHPNukeDE Toolbar) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions\{c9508125-4747-4733-b048-e4b82dc9716d}
[2010.05.20 16:51:02 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.11.22 18:43:26 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.12.23 12:22:21 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions\anttoolbar@ant.com
[2011.03.20 18:05:01 | 000,000,000 | ---D | M] (Free Hide IP) -- C:\Users\Sebastian Batzke\AppData\Roaming\mozilla\Firefox\Profiles\exryr75n.default\extensions\support@free-hideip.com
[2010.09.04 10:02:51 | 000,000,873 | ---- | M] () -- C:\Users\Sebastian Batzke\AppData\Roaming\Mozilla\Firefox\Profiles\exryr75n.default\searchplugins\conduit.xml
[2010.11.22 18:43:23 | 000,003,915 | ---- | M] () -- C:\Users\Sebastian Batzke\AppData\Roaming\Mozilla\Firefox\Profiles\exryr75n.default\searchplugins\sweetim.xml
[2011.04.09 23:30:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.11.14 20:23:22 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.01.12 15:04:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.09 23:30:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.05.14 19:33:17 | 000,000,000 | ---D | M] (Crawler Toolbar) -- C:\PROGRAM FILES (X86)\CRAWLER\TOOLBAR\FIREFOX
[2011.04.03 10:35:23 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.04.03 10:35:23 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011.04.09 09:34:29 | 000,000,000 | ---D | M] (OneClick YouTube Downloader) -- C:\PROGRAM FILES (X86)\ORBITDOWNLOADER\ADDONS\ONECLICKYOUTUBEDOWNLOADER
[2011.04.09 23:30:13 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.02.13 14:22:18 | 000,002,424 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.08.08 16:21:15 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Ant.com browser helper (video detector)) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {c9508125-4747-4733-b048-e4b82dc9716d} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ant.com Download Toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (no name) - {c9508125-4747-4733-b048-e4b82dc9716d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ant.com Download Toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (no name) - {C9508125-4747-4733-B048-E4B82DC9716D} - Reg Error: Value error. File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [ISTray] d:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [SpywareTerminator] d:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [SpywareTerminatorUpdate] d:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Sebastian Batzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Sebastian Batzke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Sebastian Batzke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Sebastian Batzke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Sebastian Batzke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://www.fiaa.eu/OPLauncher.cab (Perparer Class)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.07 09:46:02 | 000,000,081 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{5a089952-7720-11dc-878e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5a089952-7720-11dc-878e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\0data\cbs.exe -- [2011.02.09 15:11:51 | 003,427,328 | R--- | M] ()
O33 - MountPoints2\{5ddce8b2-6b24-11e0-a293-90fba62ea004}\Shell - "" = AutoRun
O33 - MountPoints2\{5ddce8b2-6b24-11e0-a293-90fba62ea004}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{75a6baf5-6e43-11e0-96f2-90fba62ea004}\Shell - "" = AutoRun
O33 - MountPoints2\{75a6baf5-6e43-11e0-96f2-90fba62ea004}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{75a6bb0e-6e43-11e0-96f2-90fba62ea004}\Shell - "" = AutoRun
O33 - MountPoints2\{75a6bb0e-6e43-11e0-96f2-90fba62ea004}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{adc26d6a-5bb4-11e0-af0f-944452645507}\Shell - "" = AutoRun
O33 - MountPoints2\{adc26d6a-5bb4-11e0-af0f-944452645507}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "C:\Users\Sebastian Batzke\AppData\Local\uok.exe" -a "%1" %* ()
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "C:\Users\Sebastian Batzke\AppData\Local\uok.exe" -a "%1" %* ()

========== Files/Folders - Created Within 30 Days ==========

[2011.05.15 09:52:02 | 000,000,000 | -HSD | C] -- C:\found.000
[2011.05.15 09:33:29 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2011.05.15 09:33:29 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2011.05.15 09:33:24 | 000,334,976 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2011.05.15 09:33:24 | 000,137,704 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2011.05.15 09:32:57 | 000,257,232 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2011.05.15 09:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011.05.15 09:32:39 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2011.05.15 09:32:18 | 000,000,000 | ---D | C] -- C:\Users\Sebastian Batzke\AppData\Roaming\PC Tools
[2011.05.15 09:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011.05.14 19:33:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Toolbar
[2011.05.14 19:33:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crawler
[2011.05.14 19:33:06 | 000,000,000 | ---D | C] -- C:\Users\Sebastian Batzke\AppData\Roaming\Spyware Terminator
[2011.05.14 19:33:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator
[2011.05.14 19:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2011.05.14 19:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2011.05.14 19:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2011.05.14 17:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011.05.11 14:29:38 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.05.11 14:29:37 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.05.11 14:29:37 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.05.11 14:28:34 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.05.11 14:28:34 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011.05.06 23:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.05.01 14:05:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
[2011.05.01 12:41:13 | 000,000,000 | ---D | C] -- C:\Users\Sebastian Batzke\Documents\Drakensang
[2011.05.01 12:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakensang
[2011.04.29 22:22:15 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011.04.29 22:21:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2011.04.29 22:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011.04.27 16:43:12 | 000,000,000 | ---D | C] -- C:\Users\Sebastian Batzke\Desktop\Bearbeitungsprogramme
[2011.04.27 09:36:52 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.04.27 09:36:51 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.04.27 09:36:51 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.04.27 09:36:51 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.04.27 09:36:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.04.27 09:36:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.04.27 09:36:51 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.04.27 09:25:36 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.27 09:25:35 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.04.27 09:25:19 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.04.27 09:25:19 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.04.27 09:18:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.04.27 09:18:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.04.24 14:41:08 | 000,000,000 | ---D | C] -- C:\Users\Sebastian Batzke\.thumbnails
[2011.04.24 14:40:28 | 000,000,000 | ---D | C] -- C:\Users\Sebastian Batzke\.gimp-2.6
[2011.04.24 09:50:15 | 000,000,000 | ---D | C] -- C:\Users\Sebastian Batzke\Doodle
[2011.04.24 09:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.04.24 09:47:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2011.04.21 22:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2009.11.26 19:31:51 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.05.15 10:00:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 10:00:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 10:00:00 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Acer Registration Data Sending.job
[2011.05.15 09:58:13 | 001,527,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.15 09:58:13 | 000,664,396 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.15 09:58:13 | 000,624,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.15 09:58:13 | 000,134,564 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.15 09:58:13 | 000,110,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.15 09:54:26 | 000,009,818 | -HS- | M] () -- C:\Users\Sebastian Batzke\AppData\Local\18dtw1026w4upkr74je32enok06e
[2011.05.15 09:53:47 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.15 09:53:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.15 09:53:10 | 3113,558,016 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.15 09:52:38 | 000,003,224 | ---- | M] () -- C:\bootsqm.dat
[2011.05.15 09:32:49 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.05.14 22:16:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.14 20:14:48 | 000,000,793 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2011.05.14 19:28:22 | 000,009,826 | -HS- | M] () -- C:\ProgramData\18dtw1026w4upkr74je32enok06e
[2011.05.14 18:27:39 | 001,391,964 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011.05.14 17:56:53 | 000,512,992 | ---- | M] () -- C:\Users\Sebastian Batzke\Desktop\sdasetup_revwire207.exe
[2011.05.14 17:28:08 | 000,331,776 | -HS- | M] () -- C:\Users\Sebastian Batzke\AppData\Local\uok.exe
[2011.05.14 17:28:06 | 000,331,776 | -HS- | M] () -- C:\Users\Sebastian Batzke\AppData\Local\ydq.exe
[2011.05.14 09:26:31 | 003,165,770 | ---- | M] () -- C:\Users\Sebastian Batzke\Desktop\GameStop_5F00_aks74u_5F00_flat.jpg
[2011.05.12 21:42:40 | 008,120,448 | ---- | M] () -- C:\Users\Sebastian Batzke\Bass Bandits - BOOM! [FULL HQ + HD].mp3
[2011.05.12 21:40:04 | 006,893,696 | ---- | M] () -- C:\Users\Sebastian Batzke\Predator & Angerfist - S-Type Benz HQ.mp3
[2011.05.12 21:39:56 | 007,004,288 | ---- | M] () -- C:\Users\Sebastian Batzke\Coone & Scope DJ - Traveling [FULL HQ + HD VERSION].mp3
[2011.05.12 21:39:20 | 007,585,920 | ---- | M] () -- C:\Users\Sebastian Batzke\The Viper & Neophyte - Nothing To Lose.mp3
[2011.05.12 21:37:48 | 007,071,872 | ---- | M] () -- C:\Users\Sebastian Batzke\Dyprax - Fuck Your Pride (Full) [HD].mp3
[2011.05.12 21:33:26 | 006,133,888 | ---- | M] () -- C:\Users\Sebastian Batzke\Angerfist - Radical (GUITAR DJ INTRO).mp3
[2011.05.12 21:23:38 | 004,247,680 | ---- | M] () -- C:\Users\Sebastian Batzke\Alphaverb - F_ck The Nice Guys.mp3
[2011.05.12 21:22:50 | 004,706,432 | ---- | M] () -- C:\Users\Sebastian Batzke\[HQ] The Pitcher - I Just Cant Stop [Hardstyle].mp3
[2011.05.09 16:58:50 | 005,464,108 | ---- | M] () -- C:\Users\Sebastian Batzke\Desktop\Finger__Kadel_-_Wahnsinn_official.mp3
[2011.05.09 16:58:46 | 012,115,307 | ---- | M] () -- C:\Users\Sebastian Batzke\Desktop\Duck Sauce - Barbra Streisand.mp3
[2011.05.08 20:12:52 | 000,130,221 | ---- | M] () -- C:\Users\Sebastian Batzke\Snickers.mp3
[2011.05.08 20:11:37 | 000,718,382 | ---- | M] () -- C:\Users\Sebastian Batzke\In Belsen....mp3
[2011.05.06 20:53:51 | 000,001,518 | ---- | M] () -- C:\Users\Sebastian Batzke\.recently-used.xbel
[2011.05.03 14:25:33 | 000,001,395 | ---- | M] () -- C:\Users\Sebastian Batzke\Desktop\cstrike - Verknüpfung.lnk
[2011.05.01 14:05:19 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.05.01 14:05:13 | 000,669,184 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.05.01 14:05:13 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.01 14:05:03 | 000,001,221 | ---- | M] () -- C:\Users\Public\Desktop\Crysis Wars.lnk
[2011.05.01 12:21:37 | 000,000,842 | ---- | M] () -- C:\Users\Sebastian Batzke\Desktop\Drakensang.lnk
[2011.04.29 22:22:15 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011.04.27 16:38:10 | 404,119,505 | ---- | M] () -- C:\Users\Sebastian Batzke\New.Kids.Turbo.BDRip.MD.RSVCD.BY.SBWC-2.mp4
[2011.04.23 22:13:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_silabser_01009.Wdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.15 09:52:38 | 000,003,224 | ---- | C] () -- C:\bootsqm.dat
[2011.05.15 09:32:49 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011.05.14 20:14:48 | 000,000,793 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2011.05.14 18:27:21 | 001,391,964 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011.05.14 17:57:05 | 000,512,992 | ---- | C] () -- C:\Users\Sebastian Batzke\Desktop\sdasetup_revwire207.exe
[2011.05.14 17:28:13 | 000,009,826 | -HS- | C] () -- C:\ProgramData\18dtw1026w4upkr74je32enok06e
[2011.05.14 17:28:13 | 000,009,818 | -HS- | C] () -- C:\Users\Sebastian Batzke\AppData\Local\18dtw1026w4upkr74je32enok06e
[2011.05.14 17:28:08 | 000,331,776 | -HS- | C] () -- C:\Users\Sebastian Batzke\AppData\Local\uok.exe
[2011.05.14 17:28:06 | 000,331,776 | -HS- | C] () -- C:\Users\Sebastian Batzke\AppData\Local\ydq.exe
[2011.05.14 09:34:39 | 008,120,448 | ---- | C] () -- C:\Users\Sebastian Batzke\Bass Bandits - BOOM! [FULL HQ + HD].mp3
[2011.05.14 09:34:39 | 006,133,888 | ---- | C] () -- C:\Users\Sebastian Batzke\Angerfist - Radical (GUITAR DJ INTRO).mp3
[2011.05.14 09:34:38 | 007,585,920 | ---- | C] () -- C:\Users\Sebastian Batzke\The Viper & Neophyte - Nothing To Lose.mp3
[2011.05.14 09:34:38 | 004,706,432 | ---- | C] () -- C:\Users\Sebastian Batzke\[HQ] The Pitcher - I Just Cant Stop [Hardstyle].mp3
[2011.05.14 09:34:38 | 004,247,680 | ---- | C] () -- C:\Users\Sebastian Batzke\Alphaverb - F_ck The Nice Guys.mp3
[2011.05.14 09:34:37 | 007,071,872 | ---- | C] () -- C:\Users\Sebastian Batzke\Dyprax - Fuck Your Pride (Full) [HD].mp3
[2011.05.14 09:34:37 | 007,004,288 | ---- | C] () -- C:\Users\Sebastian Batzke\Coone & Scope DJ - Traveling [FULL HQ + HD VERSION].mp3
[2011.05.14 09:34:37 | 006,893,696 | ---- | C] () -- C:\Users\Sebastian Batzke\Predator & Angerfist - S-Type Benz HQ.mp3
[2011.05.14 09:23:02 | 003,165,770 | ---- | C] () -- C:\Users\Sebastian Batzke\Desktop\GameStop_5F00_aks74u_5F00_flat.jpg
[2011.05.11 13:57:32 | 733,480,960 | ---- | C] () -- C:\Users\Sebastian Batzke\The Social Network (2010).avi
[2011.05.11 13:56:14 | 2011,134,888 | ---- | C] () -- C:\Users\Sebastian Batzke\Shooter.avi
[2011.05.11 13:55:59 | 404,119,505 | ---- | C] () -- C:\Users\Sebastian Batzke\New.Kids.Turbo.BDRip.MD.RSVCD.BY.SBWC-2.mp4
[2011.05.09 17:59:22 | 005,464,108 | ---- | C] () -- C:\Users\Sebastian Batzke\Desktop\Finger__Kadel_-_Wahnsinn_official.mp3
[2011.05.09 17:59:20 | 012,115,307 | ---- | C] () -- C:\Users\Sebastian Batzke\Desktop\Duck Sauce - Barbra Streisand.mp3
[2011.05.08 20:12:42 | 000,130,221 | ---- | C] () -- C:\Users\Sebastian Batzke\Snickers.mp3
[2011.05.08 20:11:12 | 000,718,382 | ---- | C] () -- C:\Users\Sebastian Batzke\In Belsen....mp3
[2011.05.06 20:53:51 | 000,001,518 | ---- | C] () -- C:\Users\Sebastian Batzke\.recently-used.xbel
[2011.05.03 14:25:37 | 000,001,395 | ---- | C] () -- C:\Users\Sebastian Batzke\Desktop\cstrike - Verknüpfung.lnk
[2011.05.02 19:36:14 | 000,001,822 | ---- | C] () -- C:\Users\Sebastian Batzke\Desktop\XTCS Counter-Strike 1.6 Final Release.lnk
[2011.05.01 14:05:13 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.05.01 14:05:03 | 000,001,221 | ---- | C] () -- C:\Users\Public\Desktop\Crysis Wars.lnk
[2011.05.01 12:21:37 | 000,000,842 | ---- | C] () -- C:\Users\Sebastian Batzke\Desktop\Drakensang.lnk
[2011.04.23 22:13:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_silabser_01009.Wdf
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.20 10:48:56 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.02.16 14:53:55 | 000,001,339 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\Roaming - Verknüpfung (2).lnk
[2011.02.16 14:53:53 | 000,001,339 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\Roaming - Verknüpfung.lnk
[2011.01.24 19:09:13 | 000,000,760 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\setup_ldm.iss
[2011.01.23 21:30:35 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011.01.23 21:30:34 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011.01.23 21:30:34 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011.01.23 21:30:34 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011.01.23 21:30:34 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011.01.23 21:30:34 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011.01.23 21:30:34 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011.01.23 21:30:34 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011.01.23 21:30:34 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011.01.23 21:30:34 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011.01.23 21:30:34 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011.01.23 21:30:34 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011.01.23 21:30:34 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011.01.23 21:30:34 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011.01.23 21:30:34 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011.01.23 21:30:34 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011.01.23 21:30:34 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011.01.23 21:30:34 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011.01.23 21:30:34 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011.01.23 21:02:43 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX5000EFDG.ini
[2011.01.14 20:48:06 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.01.14 20:48:00 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.01.09 13:59:18 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.12.23 16:16:22 | 000,000,104 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Local\fusioncache.dat
[2010.11.27 14:29:50 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.11.22 18:41:52 | 000,000,127 | ---- | C] () -- C:\Windows\wininit.ini
[2010.11.14 20:25:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.19 14:55:01 | 000,003,284 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANIWZCS{ACA9B0D7-8EB3-4C3E-98DB-450C5CAC82C5}
[2010.10.11 13:19:16 | 000,003,284 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANIWZCS{52D3BA0F-193F-4681-B731-0B6E3A07CEF4}
[2010.10.11 09:27:31 | 000,003,284 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANIWZCS{0C9BA7A8-6DFE-4CBB-A58D-F5C25E44CFFD}
[2010.10.05 18:00:04 | 000,003,284 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANIWZCS{068CF76A-C081-4657-A13F-F5E88F8E1196}
[2010.10.04 17:01:39 | 000,003,284 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANIWZCS{DFDAE69B-8DEF-4C75-8D38-280FD96BEF9D}
[2010.10.03 12:09:34 | 000,000,253 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANICONFIG_{57014E8B-106E-43E8-84FE-119B41D3C600}.ini
[2010.09.23 20:21:24 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.08.04 15:49:01 | 000,011,264 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.03 11:45:15 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.08.01 18:01:47 | 000,003,284 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANIWZCS{ED2DD1C7-8B9E-4BD5-BCA9-8611B0609EB4}
[2010.06.01 17:40:49 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.05.16 13:47:09 | 000,003,284 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANIWZCS{57014E8B-106E-43E8-84FE-119B41D3C600}
[2010.05.10 14:28:18 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.10 09:45:41 | 000,000,000 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\wklnhst.dat
[2010.05.09 11:02:36 | 000,003,284 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANIWZCS{4164846C-E5C0-4B69-BC2F-849DD57FCB05}
[2010.05.09 09:40:45 | 001,577,290 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.05.08 18:08:45 | 000,003,284 | ---- | C] () -- C:\Users\Sebastian Batzke\AppData\Roaming\ANIWZCS{BB5ABF49-CE43-479B-9B2F-4ED2A5FED50A}
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.11.07 05:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 149 bytes -> C:\ProgramData\TempFC5A2B2
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D

< End of report >

Alt 15.05.2011, 10:14   #2
markusg
/// Malware-holic
 
Win 7 security 2011 - Standard

Win 7 security 2011



hi,
wieso hast du eig so viele antimalware programme laufen ist eig quatsch und bei ner vernünftigen konfiguratio n überhaupt nicht nötig.
tipps gebe ich dir am ende.

• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

:OTL
PRC - C:\Users\Sebastian Batzke\AppData\Local\uok.exe ()
O2 - BHO: (no name) - {c9508125-4747-4733-b048-e4b82dc9716d} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {c9508125-4747-4733-b048-e4b82dc9716d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (no name) - {C9508125-4747-4733-B048-E4B82DC9716D} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [NPSStartup] File not found
[2011.05.14 17:28:08 | 000,331,776 | -HS- | M] () -- C:\Users\Sebastian Batzke\AppData\Local\uok.exe
[2011.05.14 17:28:06 | 000,331,776 | -HS- | M] () -- C:\Users\Sebastian Batzke\AppData\Local\ydq.exe
:Files
C:\Users\Sebastian Batzke\AppData\Local\uok.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.

öffne computer, öffne C: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
http://www.trojaner-board.de/54791-a...ner-board.html
__________________

__________________

Alt 15.05.2011, 10:50   #3
Batzke
 
Win 7 security 2011 - Standard

Win 7 security 2011



ich habe jetzt computer geöffnet und bis zu moved files.Aber wenn ich dort mit rechtsklick raufklicke erscheint kein zumoved files.rar oder zip hinzufügen
__________________

Alt 15.05.2011, 10:53   #4
Batzke
 
Win 7 security 2011 - Standard

Win 7 security 2011



wenn ich auf moved files mit rechtsklick raufklicke erscheint dort kein : zu moved files.rar oder zip hinzufügen........?

und auf meinem desktop befinden sich jetzt 3 dokumente:
desktop.ini 2x
und thumbs.db

Alt 15.05.2011, 10:57   #5
markusg
/// Malware-holic
 
Win 7 security 2011 - Standard

Win 7 security 2011



du brauchst nicht 2 mal zu posten, du kommst drann, wenns so weit ist, hab noch andere user hier die hilfe benötigen.
Download
lade 7zip instaliere es, navigiere zu moved files, rechtsklick 7zip menü aufklappen, add to movedfiles.7zip bzw zu movedfiles.7zip hinzufügen, archiv hochladen.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.05.2011, 11:03   #6
Batzke
 
Win 7 security 2011 - Standard

Win 7 security 2011



oh sorry ich wollte nicht 2x posten mein internet is bloß so langsam und ich dachte das erste mal ist nich angekommen

das problem mit 7zip ist dass wenn ich es öffnen will erscheint die frage mit welchen programm ich es öffnen will

Alt 15.05.2011, 11:05   #7
markusg
/// Malware-holic
 
Win 7 security 2011 - Standard

Win 7 security 2011



na ok erst mal anders weiter:

bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.05.2011, 11:16   #8
Batzke
 
Win 7 security 2011 - Standard

Win 7 security 2011



ich habe jetzt dass moved files.7z hochgeladen

Alt 15.05.2011, 11:42   #9
markusg
/// Malware-holic
 
Win 7 security 2011 - Standard

Win 7 security 2011



man dankt.
mach bitte weiter mit combofix.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.05.2011, 11:52   #10
Batzke
 
Win 7 security 2011 - Standard

Win 7 security 2011



ich habe jetzt ein problem mit combofix und zwar will ich dass programm öffnen und dann erscheint wieder die frge mit was ich das programm öffnen soll

Alt 15.05.2011, 14:57   #11
markusg
/// Malware-holic
 
Win 7 security 2011 - Standard

Win 7 security 2011



wie siehts im abgesicherten modus ohne netzwerk aus, bei pc start mit f8 zu erreichen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.05.2011, 16:03   #12
Batzke
 
Win 7 security 2011 - Standard

Win 7 security 2011



combifix öffnet jetz zwar aber es zeigt mir an dass antivir desktop noch aktiv ist und ich habe keine ahnung wie ich es auschalten soll

Alt 15.05.2011, 16:14   #13
markusg
/// Malware-holic
 
Win 7 security 2011 - Standard

Win 7 security 2011



klicke ok dann überspringts die meldung
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.05.2011, 16:22   #14
Batzke
 
Win 7 security 2011 - Standard

Win 7 security 2011



kannst du mir vielleict einen link senden bei dem ich OTL runterladen kann

Alt 15.05.2011, 16:34   #15
markusg
/// Malware-holic
 
Win 7 security 2011 - Standard

Win 7 security 2011



wieso otl du sollst combofix nutzen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Win 7 security 2011
0x00000001, adobe, alternate, autorun, avgntflt.sys, avira, bho, browser, c:\windows\system32\rundll32.exe, converter, desktop, downloader, error, explorer, format, ftp, google, home, install.exe, locker, mozilla, mp3, mywinlocker, oldtimer, otl logfile, plug-in, programm, realtek, registry, rundll, scan, sched.exe, searchplugins, security, shell32.dll, shortcut, software, spyware terminator, start menu, studio, syswow64, t-mobile, viren, webcheck, windows, youtube downloader, {dfefcdee-cf1a-4fc8-88ad-48514e463b27}




Ähnliche Themen: Win 7 security 2011


  1. System Security 2011 entfernen
    Anleitungen, FAQs & Links - 24.10.2011 (2)
  2. Win 7 Internet Security 2011 -Virus
    Log-Analyse und Auswertung - 21.06.2011 (15)
  3. Vista Security 2011
    Plagegeister aller Art und deren Bekämpfung - 18.06.2011 (2)
  4. Avg Free Edition 2011 vs. AVG Internet Security 2011
    Antiviren-, Firewall- und andere Schutzprogramme - 24.05.2011 (8)
  5. xp security 2011 eingefangen
    Plagegeister aller Art und deren Bekämpfung - 21.05.2011 (13)
  6. Vista Security 2011 und Kaspersky
    Plagegeister aller Art und deren Bekämpfung - 17.05.2011 (8)
  7. Vista Security 2011 Problem
    Log-Analyse und Auswertung - 07.05.2011 (9)
  8. kaspersky internet security 2011
    Plagegeister aller Art und deren Bekämpfung - 05.05.2011 (13)
  9. Win 7 Security 2011 Trojaner
    Plagegeister aller Art und deren Bekämpfung - 03.05.2011 (12)
  10. Vista Security 2011
    Log-Analyse und Auswertung - 28.04.2011 (4)
  11. Windows Security 2011: Sicherheitsvorkehrungen
    Plagegeister aller Art und deren Bekämpfung - 21.04.2011 (2)
  12. XP Internet Security 2011
    Plagegeister aller Art und deren Bekämpfung - 21.04.2011 (13)
  13. XP Anti-Spyware 2011, Vista Security 2011, Win 7 Internet Security 2011 entfernen
    Anleitungen, FAQs & Links - 18.02.2011 (2)
  14. PC Security 2011 entfernen
    Anleitungen, FAQs & Links - 09.02.2011 (2)
  15. Internet Security 2011 entfernen
    Anleitungen, FAQs & Links - 20.12.2010 (2)
  16. Win 7 Security 2011
    Log-Analyse und Auswertung - 19.11.2010 (33)
  17. Security Essentials 2011 entfernen
    Anleitungen, FAQs & Links - 08.11.2010 (2)

Zum Thema Win 7 security 2011 - Ich habe mir vor ein paar tagen etwas runtergeladen und als ich es dann installieren wollte ging auf einmal mein Browser aus und ich erhielt eine virennachricht von win 7 - Win 7 security 2011...
Archiv
Du betrachtest: Win 7 security 2011 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.