online cyber police trojaner soweit entfernt.
 

Hallo,

ich hatte den BKA-Trojaner.
Habe mich hier informiert, und es mit den angegebenen Software Tipps usw
entfernt.

Vielen Dank für den Support hier echt Klasse!

Wollte jetzt nur kurz mal mein otl log und adwc log posten.

Vielleicht schaut jemand kurz drüber ob so alles richtig verlaufen ist bei mir!?

Sollte ich alle Viren Trojaner usw aus der Malware-Quarantäne löschen?

Vielen Dank für die Hilfe



All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Unable to set value : HKEY_USERS\S-1-5-21-2686764023-490896463-1507359050-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E!
Unable to set value : HKU\S-1-5-21-2686764023-490896463-1507359050-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IntelTBRunOnce not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate not found.
File C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe not found.
Registry key HKEY_USERS\S-1-5-21-2686764023-490896463-1507359050-1000\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop not found.
Registry key HKEY_USERS\S-1-5-21-2686764023-490896463-1507359050-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File D:\AUTORUN.INF not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32041104-cfbb-11e0-af78-b870f4837362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32041104-cfbb-11e0-af78-b870f4837362}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32041104-cfbb-11e0-af78-b870f4837362}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32041104-cfbb-11e0-af78-b870f4837362}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{921a44bb-872d-11e0-ab35-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{921a44bb-872d-11e0-ab35-806e6f6e6963}\ not found.
File C:\ProgramData\00etadpu.pad not found.
Unable to delete ADS C:\ProgramData\Temp:5D458568 .
File C:\Users\Ole\Documents\cc_20120811_033845.reg not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Chris Gohl\Desktop\cmd.bat deleted successfully.
C:\Users\Chris Gohl\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Chris Gohl
->Temp folder emptied: 421751 bytes
->Temporary Internet Files folder emptied: 255013 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 14190243 bytes
->Flash cache emptied: 5975 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: tropico

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 14,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Chris Gohl
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: postgres

User: Public

User: tropico

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.57.0 log created on 08122012_102508

Files\Folders moved on Reboot...
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
C:\Users\Chris Gohl\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
[2012.02.23 19:07:18 | 001,594,696 | R--- | M] () E:\AutoRun.exe : MD5=A4E3E2B0A1FE1F89CB8CE918FC60EDD8
File C:\Users\Chris Gohl\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...





# AdwCleaner v1.800 - Logfile created 08/12/2012 at 14:29:59
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Chris Gohl - CHRISGOHLPC
# Running from : C:\Users\Chris Gohl\Desktop\virenbekaepmfung\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Chris Gohl\AppData\Local\Babylon
Folder Found : C:\Users\Chris Gohl\AppData\Roaming\Babylon
Folder Found : C:\Users\Chris Gohl\AppData\Roaming\Mozilla\Firefox\Profiles\a5qv1086.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Found : C:\Program Files (x86)\DealPly
Folder Found : C:\Program Files (x86)\vShare.tv plugin
File Found : C:\Users\Chris Gohl\AppData\Roaming\Mozilla\Firefox\Profiles\a5qv1086.default\searchplugins\Startsear.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\DealPly
Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKCU\Software\StartSearch
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\DealPly
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
[x64] Key Found : HKCU\Software\Ask.com.tmp
[x64] Key Found : HKCU\Software\BabylonToolbar
[x64] Key Found : HKCU\Software\DealPly
[x64] Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
[x64] Key Found : HKCU\Software\StartSearch
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[x64] Key Found : HKLM\SOFTWARE\Classes\b
[x64] Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
[x64] Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
[x64] Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
[x64] Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
[x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
[x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
[x64] Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
[x64] Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
[x64] Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?AF=109958&babsrc=HP_ss&mntrId=e01c78920000000000008c89a52cbb65

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Users\Chris Gohl\AppData\Roaming\Mozilla\Firefox\Profiles\a5qv1086.default\prefs.js

Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("browser.search.defaultengine", "Web Search");
Found : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109958");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "e01c78920000000000008c89a52cbb65");
Found : user_pref("extensions.BabylonToolbar_i.id", "e01c78920000000000008c89a52cbb65");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15460");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=100478&babsrc=NT_s[...]
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:18:57");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

*************************

AdwCleaner[R1].txt - [14390 octets] - [12/08/2012 14:29:59]

########## EOF - C:\AdwCleaner[R1].txt - [14519 octets] ##########

:hallo:

Warum fuehrst du Fixes aus die nicht fuer deinen PC sind?
Willst du dein Windows schrotten?



1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

2. Schritt

Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

• Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Wähle Scanne Alle Benuzer
• Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
• Unter Extra Registrierung, wähle bitte Benutze SafeList
• Klicke nun auf Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste die Logfiles hier in den Thread.

Hallo,
vielen Dank für die Anwort.
Leider bin Ich in dem Thema nicht so fit.
Habe das mit den Fixes, das es für jeden PC anders ist zu spät gelesen.

Hier mein Malwarebytes Bericht.
Besten Dank!

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.14.04

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Chris Gohl :: CHRISGOHLPC [Administrator]

Schutz: Deaktiviert

14.08.2012 18:46:57
mbam-log-2012-08-14 (19-17-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 398104
Laufzeit: 29 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Dateien: 8
C:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\terms.lnk.url (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\updater.ini (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.

(Ende)

Hier mein OTL BerichtOTL Logfile:
--- --- ---

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

• Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
• Starte die OTL.exe.
  Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
• Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:

• Schließe alle Programme.
• Klicke auf den Fix Button.
• Wenn OTL einen Neustart verlangt, bitte zulassen.
• Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
  Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0803229-B341-47BE-A6C0-04A9AA6F4BED}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0803229-B341-47BE-A6C0-04A9AA6F4BED}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_USERS\S-1-5-21-2305627889-194127990-4041925611-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2305627889-194127990-4041925611-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2305627889-194127990-4041925611-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2305627889-194127990-4041925611-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4327FABE-3C22-4689-8DBF-D226CF777FE9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2305627889-194127990-4041925611-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FEEF2A39-2E1A-4467-874A-7D86993F273B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FEEF2A39-2E1A-4467-874A-7D86993F273B}\ not found.
HKU\S-1-5-21-2305627889-194127990-4041925611-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "Web Search" removed from browser.search.defaultengine
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "hxxp://search.softonic.com/?q=" removed from browser.startup.homepage
Prefs.js: "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}\ not found.
File C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}\ not found.
File C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_USERS\S-1-5-21-2305627889-194127990-4041925611-1000\Software\Microsoft\Windows\CurrentVersion\Run\\liadkdmducpgfww not found.
Registry key HKEY_USERS\S-1-5-21-2305627889-194127990-4041925611-1011\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
File move failed. C:\Users\Chris Gohl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk scheduled to be moved on reboot.
File C:\Users\Chris Gohl\AppData\Roaming\BrowserCompanion\tbhcn.exe not found.
Registry value HKEY_USERS\S-1-5-21-2305627889-194127990-4041925611-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74005528-e2ed-11e0-b886-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74005528-e2ed-11e0-b886-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74005528-e2ed-11e0-b886-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74005528-e2ed-11e0-b886-806e6f6e6963}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
C:\ProgramData\wfebcskpubwjsyn folder moved successfully.
File C:\Users\Chris Gohl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk not found.
C:\ProgramData\vryyzpmkislijnf moved successfully.
C:\Users\Chris Gohl\AppData\Roaming\mozilla\Firefox\Profiles\a5qv1086.default\extensions\bbrs_002@blabbers.com\components folder moved successfully.
C:\Users\Chris Gohl\AppData\Roaming\mozilla\Firefox\Profiles\a5qv1086.default\extensions\bbrs_002@blabbers.com\chrome\content\cache folder moved successfully.
C:\Users\Chris Gohl\AppData\Roaming\mozilla\Firefox\Profiles\a5qv1086.default\extensions\bbrs_002@blabbers.com\chrome\content folder moved successfully.
C:\Users\Chris Gohl\AppData\Roaming\mozilla\Firefox\Profiles\a5qv1086.default\extensions\bbrs_002@blabbers.com\chrome folder moved successfully.
C:\Users\Chris Gohl\AppData\Roaming\mozilla\Firefox\Profiles\a5qv1086.default\extensions\bbrs_002@blabbers.com folder moved successfully.
C:\Users\Chris Gohl\AppData\Local\Messenger_Plus_Live\CacheIcons folder moved successfully.
C:\Users\Chris Gohl\AppData\Local\Messenger_Plus_Live folder moved successfully.
C:\Users\Chris Gohl\AppData\Roaming\BrowserCompanion folder moved successfully.
C:\Users\Chris Gohl\AppData\Roaming\Babylon folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Chris Gohl\Desktop\virenbekaepmfung\cmd.bat deleted successfully.
C:\Users\Chris Gohl\Desktop\virenbekaepmfung\cmd.txt deleted successfully.

OTL by OldTimer - Version 3.2.57.0 log created on 08152012_134914

Files\Folders moved on Reboot...
File\Folder C:\Users\Chris Gohl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk not found!
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Users\Chris Gohl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk not found!
[2012.02.23 19:07:18 | 001,594,696 | R--- | M] () E:\AutoRun.exe : MD5=A4E3E2B0A1FE1F89CB8CE918FC60EDD8
[2012.02.23 18:51:58 | 000,000,080 | R--- | M] () E:\autorun.inf : MD5=1BC651E3291E1EFE1540052ED95ADD7E

Registry entries deleted on Reboot...

Sehr gut! :daumenhoc

Wie laeuft der Rechner?

1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Search.
• Nach Ende des Suchlaufs öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

:daumenhoc läuft vielen dank!


Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.16.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Chris Gohl :: CHRISGOHLPC [Administrator]

Schutz: Aktiviert

16.08.2012 13:52:51
mbam-log-2012-08-16 (13-52-51).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 407640
Laufzeit: 1 Stunde(n), 10 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

# AdwCleaner v1.800 - Logfile created 08/16/2012 at 15:08:16
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Chris Gohl - CHRISGOHLPC
# Running from : C:\Users\Chris Gohl\Desktop\virenbekaepmfung\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Chris Gohl\AppData\Local\Babylon
Folder Found : C:\Users\Chris Gohl\AppData\LocalLow\bbrs_002.tb
Folder Found : C:\Users\Chris Gohl\AppData\LocalLow\Softonic
Folder Found : C:\Users\Chris Gohl\AppData\Roaming\Mozilla\Firefox\Profiles\a5qv1086.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Found : C:\Program Files (x86)\DealPly
Folder Found : C:\Program Files (x86)\Softonic
Folder Found : C:\Program Files (x86)\vShare.tv plugin
File Found : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\DealPly
Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\StartSearch
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\BabylonToolbar
Key Found : HKLM\SOFTWARE\BrowserCompanion
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Key Found : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Key Found : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Found : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Found : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Key Found : HKLM\SOFTWARE\DealPly
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
[x64] Key Found : HKCU\Software\BabylonToolbar
[x64] Key Found : HKCU\Software\DealPly
[x64] Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKCU\Software\StartSearch
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\b
[x64] Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
[x64] Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
[x64] Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
[x64] Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
[x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
[x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
[x64] Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
[x64] Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
[x64] Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
[x64] Key Found : HKLM\SOFTWARE\Classes\S
[x64] Key Found : HKLM\SOFTWARE\Classes\Softonic.dskBnd
[x64] Key Found : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
[x64] Key Found : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
[x64] Key Found : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
[x64] Key Found : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
[x64] Key Found : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
[x64] Key Found : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
[x64] Key Found : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Found : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Found : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchplusnetwork.com/?sp=vit4
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc=

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Users\Chris Gohl\AppData\Roaming\Mozilla\Firefox\Profiles\a5qv1086.default\prefs.js

Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109958");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "e01c78920000000000008c89a52cbb65");
Found : user_pref("extensions.BabylonToolbar_i.id", "e01c78920000000000008c89a52cbb65");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15460");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=100478&babsrc=NT_s[...]
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:18:57");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("extensions.Softonic.admin", false);
Found : user_pref("extensions.Softonic.aflt", "SD");
Found : user_pref("extensions.Softonic.autoRvrt", "false");
Found : user_pref("extensions.Softonic.cntry", "DE");
Found : user_pref("extensions.Softonic.cv", "cv5");
Found : user_pref("extensions.Softonic.dfltLng", "de");
Found : user_pref("extensions.Softonic.dfltSrch", true);
Found : user_pref("extensions.Softonic.dfltlng", "de");
Found : user_pref("extensions.Softonic.dfltsrch", true);
Found : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Found : user_pref("extensions.Softonic.dspOld", "");
Found : user_pref("extensions.Softonic.envrmnt", "production");
Found : user_pref("extensions.Softonic.excTlbr", false);
Found : user_pref("extensions.Softonic.hdrMd5", "1D47FA81969630BEC23F88EC0CB8BC20");
Found : user_pref("extensions.Softonic.hmpg", true);
Found : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1[...]
Found : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&[...]
Found : user_pref("extensions.Softonic.hpOld", "");
Found : user_pref("extensions.Softonic.hrdid", "e01c78920000000000008c89a52cbb65");
Found : user_pref("extensions.Softonic.id", "e01c78920000000000008c89a52cbb65");
Found : user_pref("extensions.Softonic.instlDay", "15564");
Found : user_pref("extensions.Softonic.instlRef", "INF1205T01");
Found : user_pref("extensions.Softonic.instlday", "15564");
Found : user_pref("extensions.Softonic.instlref", "INF1205T01");
Found : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Found : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Found : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Found : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.414:56:44");
Found : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Found : user_pref("extensions.Softonic.newTab", true);
Found : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Found : user_pref("extensions.Softonic.newtab", true);
Found : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Found : user_pref("extensions.Softonic.prdct", "Softonic");
Found : user_pref("extensions.Softonic.propectorlck", 83655689);
Found : user_pref("extensions.Softonic.prtkhmpg", 1);
Found : user_pref("extensions.Softonic.prtnrId", "softonic");
Found : user_pref("extensions.Softonic.prtnrid", "softonic");
Found : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Found : user_pref("extensions.Softonic.savedVrsnTs", "1");
Found : user_pref("extensions.Softonic.sg", "tz");
Found : user_pref("extensions.Softonic.similarsitesstorage-pid2", "981a1cf3e2287e10");
Found : user_pref("extensions.Softonic.smplGrp", "none");
Found : user_pref("extensions.Softonic.smplgrp", "none");
Found : user_pref("extensions.Softonic.srch", "");
Found : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Found : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Found : user_pref("extensions.Softonic.tlbrId", "base");
Found : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Found : user_pref("extensions.Softonic.tlbrid", "base");
Found : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Found : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Found : user_pref("extensions.Softonic.vrsnTs", "1.6.7.414:56:44");
Found : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Found : user_pref("extensions.Softonic.vrsnts", "1.6.7.414:56:44");
Found : user_pref("extensions.Softonic_i.dnsErr", true);
Found : user_pref("extensions.Softonic_i.hmpg", true);
Found : user_pref("extensions.Softonic_i.newTab", true);
Found : user_pref("extensions.Softonic_i.smplGrp", "none");
Found : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.414:56:44");

*************************

AdwCleaner[R1].txt - [14405 octets] - [12/08/2012 14:29:59]
AdwCleaner[R2].txt - [24795 octets] - [16/08/2012 01:45:05]
AdwCleaner[R3].txt - [24593 octets] - [16/08/2012 15:08:16]

########## EOF - C:\AdwCleaner[R3].txt - [24722 octets] ##########

Sehr gut! :daumenhoc

• Schließe alle offenen Programme und Browser.
• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Delete.
• Bestätige jeweils mit Ok.
• Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

danach:


Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html

Ich hatte mir mal alle möglichen Boni geholt von den Pokerseiten.
Gibts mit denen Probleme, da kann ich einige löschen!?

# AdwCleaner v1.800 - Logfile created 08/17/2012 at 08:12:16
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Chris Gohl - CHRISGOHLPC
# Running from : C:\Users\Chris Gohl\Desktop\virenbekaepmfung\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Chris Gohl\AppData\Local\Babylon
Folder Deleted : C:\Users\Chris Gohl\AppData\LocalLow\bbrs_002.tb
Folder Deleted : C:\Users\Chris Gohl\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Chris Gohl\AppData\Roaming\Mozilla\Firefox\Profiles\a5qv1086.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\Softonic
Folder Deleted : C:\Program Files (x86)\vShare.tv plugin
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Key Deleted : HKLM\SOFTWARE\DealPly
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc= --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Users\Chris Gohl\AppData\Roaming\Mozilla\Firefox\Profiles\a5qv1086.default\prefs.js

C:\Users\Chris Gohl\AppData\Roaming\Mozilla\Firefox\Profiles\a5qv1086.default\user.js ... Deleted !

Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109958");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "e01c78920000000000008c89a52cbb65");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "e01c78920000000000008c89a52cbb65");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15460");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=100478&babsrc=NT_s[...]
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:18:57");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.Softonic.admin", false);
Deleted : user_pref("extensions.Softonic.aflt", "SD");
Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Deleted : user_pref("extensions.Softonic.cntry", "DE");
Deleted : user_pref("extensions.Softonic.cv", "cv5");
Deleted : user_pref("extensions.Softonic.dfltLng", "de");
Deleted : user_pref("extensions.Softonic.dfltSrch", true);
Deleted : user_pref("extensions.Softonic.dfltlng", "de");
Deleted : user_pref("extensions.Softonic.dfltsrch", true);
Deleted : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Deleted : user_pref("extensions.Softonic.dspOld", "");
Deleted : user_pref("extensions.Softonic.envrmnt", "production");
Deleted : user_pref("extensions.Softonic.excTlbr", false);
Deleted : user_pref("extensions.Softonic.hdrMd5", "1D47FA81969630BEC23F88EC0CB8BC20");
Deleted : user_pref("extensions.Softonic.hmpg", true);
Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1[...]
Deleted : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&[...]
Deleted : user_pref("extensions.Softonic.hpOld", "");
Deleted : user_pref("extensions.Softonic.hrdid", "e01c78920000000000008c89a52cbb65");
Deleted : user_pref("extensions.Softonic.id", "e01c78920000000000008c89a52cbb65");
Deleted : user_pref("extensions.Softonic.instlDay", "15564");
Deleted : user_pref("extensions.Softonic.instlRef", "INF1205T01");
Deleted : user_pref("extensions.Softonic.instlday", "15564");
Deleted : user_pref("extensions.Softonic.instlref", "INF1205T01");
Deleted : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Deleted : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Deleted : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.414:56:44");
Deleted : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Deleted : user_pref("extensions.Softonic.newTab", true);
Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Deleted : user_pref("extensions.Softonic.newtab", true);
Deleted : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Deleted : user_pref("extensions.Softonic.propectorlck", 83655689);
Deleted : user_pref("extensions.Softonic.prtkhmpg", 1);
Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Deleted : user_pref("extensions.Softonic.prtnrid", "softonic");
Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Deleted : user_pref("extensions.Softonic.savedVrsnTs", "1");
Deleted : user_pref("extensions.Softonic.sg", "tz");
Deleted : user_pref("extensions.Softonic.similarsitesstorage-pid2", "981a1cf3e2287e10");
Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Deleted : user_pref("extensions.Softonic.smplgrp", "none");
Deleted : user_pref("extensions.Softonic.srch", "");
Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Deleted : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Deleted : user_pref("extensions.Softonic.tlbrId", "base");
Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Deleted : user_pref("extensions.Softonic.tlbrid", "base");
Deleted : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Deleted : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Deleted : user_pref("extensions.Softonic.vrsnTs", "1.6.7.414:56:44");
Deleted : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Deleted : user_pref("extensions.Softonic.vrsnts", "1.6.7.414:56:44");
Deleted : user_pref("extensions.Softonic_i.dnsErr", true);
Deleted : user_pref("extensions.Softonic_i.hmpg", true);
Deleted : user_pref("extensions.Softonic_i.newTab", true);
Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");
Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.414:56:44");

*************************

AdwCleaner[R1].txt - [14405 octets] - [12/08/2012 14:29:59]
AdwCleaner[R2].txt - [24795 octets] - [16/08/2012 01:45:05]
AdwCleaner[R3].txt - [24532 octets] - [16/08/2012 15:08:16]
AdwCleaner[S1].txt - [18980 octets] - [17/08/2012 08:12:16]

########## EOF - C:\AdwCleaner[S1].txt - [19109 octets] ##########

Emsisoft Anti-Malware - Version 6.6
Letztes Update: 17.08.2012 08:22:56

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
Archiv Scan: An
ADS Scan: An

Scan Beginn: 17.08.2012 08:23:05

c:\program files (x86)\gamespy arcade gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\pacificpoker gefunden: Trace.File.pacific poker!E1
c:\poker\titan poker gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\lobby\buttons gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\lobby\dialogs gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\blackjack gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\lobby\sidegames gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\lobby\tables gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\lobby\waitinglist gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\buttons gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\history gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\history\cards gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html\chat gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html\chat\emoticons gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\sounds gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview\anim gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview\buttons gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview\cards gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview\chat gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\lobby gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\lobby\login gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview\chat\chat_bottom gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview\coins gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview\dialogs gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview\history gefunden: Trace.File.titan poker!E1
c:\microgaming gefunden: Trace.File.ruby fortune casino!E1
c:\poker gefunden: Trace.File.club dice poker!E1
c:\program files (x86)\pacificpoker\ gefunden: Trace.File.pacificpoker!E1
c:\program files (x86)\everest poker\data\mp-poker\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\startup\ gefunden: Trace.File.everestpoker!E1
c:\users\chris gohl\appdata\roaming\pacificpoker\ gefunden: Trace.File.pacificpoker!E1
c:\program files (x86)\everest poker\data\shared\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\fonts\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\mp-lobby\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\mp-poker\background\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\bitmaps\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\sounds\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\startup\en\ gefunden: Trace.File.everestpoker!E1
c:\poker\poker 770\ gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\ gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\baccarat_ln\ gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\blackjack\ gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\blackjack_ln\ gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\lobby\ gefunden: Trace.File.poker770!E1
c:\program files (x86)\everest poker\data\startup\shared\sounds\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\startup\shared\ gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\startup\shared\icons\ gefunden: Trace.File.everestpoker!E1
c:\poker\poker 770\data\sicbo_ln\ gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\table\ gefunden: Trace.File.poker770!E1
c:\poker\william hill poker\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\poker_caribbean\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\poker 770\data\shared\ gefunden: Trace.File.poker770!E1
c:\poker\william hill poker\data\roulette\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\roulette_ln\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\poker_holdem\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\sicbo_ln\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\table\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\baccarat_ln\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\blackjack\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\blackjack_ln\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\lobby\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\mahjong_paigow_ln\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\poker 770\data\roulette_ln\ gefunden: Trace.File.poker770!E1
c:\poker\mybet poker\data\ gefunden: Trace.File.mybetpoker!E1
c:\poker\poker 770\data\mahjong_paigow_ln\ gefunden: Trace.File.poker770!E1
c:\poker\mybet poker\ gefunden: Trace.File.mybetpoker!E1
c:\poker\william hill poker\data\shared\ gefunden: Trace.File.williamhillpoker!E1
c:\poker\mybet poker\data\poker_holdem\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_caribbean\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\dialogs\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\login\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\buttons\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\waitinglist\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\sidegames\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\tables\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\blackjack\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette\zoom\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette\sounds\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette\buttons\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\options\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\html\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\interface\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\5reel\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\sounds\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette\3d\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\fonts\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\9line\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\buttons\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\ui\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\history\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\anim\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\chat\ gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\topview\ gefunden: Trace.File.mybetpoker!E1
c:\program files (x86)\gamespy arcade\install.log gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\pacificpoker\processlist.txt gefunden: Trace.File.pacific poker!E1
c:\program files (x86)\pacificpoker\listproc.exe gefunden: Trace.File.pacific poker!E1
c:\program files (x86)\pacificpoker\install.log gefunden: Trace.File.pacific poker!E1
c:\program files (x86)\pacificpoker\pv.exe gefunden: Trace.File.pacific poker!E1
c:\users\chris gohl\appdata\roaming\microsoft\internet explorer\quick launch\partypoker.lnk gefunden: Trace.File.partypoker!E1
c:\users\chris gohl\desktop\partypoker.lnk gefunden: Trace.File.partypoker!E1
c:\users\chris gohl\appdata\roaming\microsoft\internet explorer\quick launch\titan poker.lnk gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\casino.ico gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\cactivex.dll gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\casino.exe gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\casino.hlp gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\cashier.gam gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\blackjack.gam gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\blackjack.dll gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\common.gam gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\loader.gam gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\loader.dll gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\cashier.dll gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\poker_common.gam gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\common.dll gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\poker_common.dll gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html\cashier_offline.css gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html\cashier_offline.js gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html\cashier_offline_functions.js gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html\chat\chat.html gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html\chat\colors.html gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html\chat\edit.html gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\shared\html\chat\emoticons.html gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\table\topview\chat\chat.html gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\directsounddriver.dll gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\poker_lobby.gam gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\fileinfo2.dat gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\gdigraphdriver.dll gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\fileinfo2r.dat gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\ptsetup.lang gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\poker_lobby.dll gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\ptsetup.log gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\replace.exe gefunden: Trace.File.titan poker!E1
c:\poker\titan poker\data\poker_table.dll gefunden: Trace.File.titan poker!E1
c:\program files (x86)\everest poker\gvmain.exe gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\gvnetwork.dll gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\gvsound.dll gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\init.ini gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\log.dat gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\settings.ini gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\casino.exe gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\cstart.exe gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\everest poker.exe gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\gvbase.dll gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\gvcrt.dll gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\gvgfx-dib.dll gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\gvgfx.dll gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\mp-lobby\shared.gvt gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\bitmaps\check.art gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\mp-poker\shared.gvt gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\bitmaps\chips.art gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\mp-poker\background\default.gvt gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\bitmaps\btn_scroll.gvt gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\sounds\button.ogg gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\sounds\carddeal.ogg gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\sounds\cardflip.ogg gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\gvmain.dll gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\shared\shared\sounds\chipclick.ogg gefunden: Trace.File.everestpoker!E1
c:\program files (x86)\everest poker\data\startup\en\startup_strings.txt gefunden: Trace.File.everestpoker!E1
c:\poker\poker 770\ptsetup.log gefunden: Trace.File.poker770!E1
c:\program files (x86)\everest poker\data\startup\shared\sounds\alert.ogg gefunden: Trace.File.everestpoker!E1
c:\poker\poker 770\ptsetup.lang gefunden: Trace.File.poker770!E1
c:\program files (x86)\everest poker\data\startup\shared\icons\ep.ico gefunden: Trace.File.everestpoker!E1
c:\poker\poker 770\casino.hlp gefunden: Trace.File.poker770!E1
c:\poker\poker 770\cactivex.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\h264dec.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\gdigraphdriver.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\directsounddriver.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\replace.exe gefunden: Trace.File.poker770!E1
c:\poker\poker 770\casino.ico gefunden: Trace.File.poker770!E1
c:\poker\poker 770\casino.exe gefunden: Trace.File.poker770!E1
c:\poker\poker 770\fileinfo2.dat gefunden: Trace.File.poker770!E1
c:\poker\poker 770\nvssd450.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\fileinfo2r.dat gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\live_common.gam gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\loader.gam gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\loader.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\poker_common.gam gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\poker_common.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\blackjack.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\poker_lobby.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\poker_table.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\poker_lobby.gam gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\blackjack.gam gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\cards.swf gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\blackjack_video_ln.gam gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\cashier.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\blackjackln.dll gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\cashier.gam gefunden: Trace.File.poker770!E1
c:\poker\william hill poker\ptsetup.log gefunden: Trace.File.williamhillpoker!E1
c:\poker\poker 770\data\common.gam gefunden: Trace.File.poker770!E1
c:\poker\poker 770\data\live_common.dll gefunden: Trace.File.poker770!E1
c:\poker\william hill poker\replace.exe gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\casino.hlp gefunden: Trace.File.williamhillpoker!E1
c:\poker\poker 770\data\common.dll gefunden: Trace.File.poker770!E1
c:\poker\william hill poker\casino.ico gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\directsounddriver.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\fileinfo2.dat gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\cactivex.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\casino.exe gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\fileinfo2r.dat gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\gdigraphdriver.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\nvssd450.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\h264dec.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\ptsetup.lang gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\blackjack_5h.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\cards.swf gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\blackjack.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\blackjack_video_ln.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\cashier.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\cashier.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\common.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\blackjackln.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\live_common.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\live_common.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\loader.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\loader.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\poker_caribbean.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\poker_common.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\poker_holdem.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\common.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\poker_common.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\pokergames.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\poker_lobby.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\poker_lobby.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\roulette_french.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\poker_table.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\william hill poker\data\roulette.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\mybet poker\fileinfo2r.dat gefunden: Trace.File.mybetpoker!E1
c:\poker\william hill poker\data\roulette_video_ln.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\mybet poker\ptsetup.lang gefunden: Trace.File.mybetpoker!E1
c:\poker\william hill poker\data\roulettepro_video_ln.gam gefunden: Trace.File.williamhillpoker!E1
c:\poker\mybet poker\ptsetup.log gefunden: Trace.File.mybetpoker!E1
c:\poker\william hill poker\data\rouletteln.dll gefunden: Trace.File.williamhillpoker!E1
c:\poker\mybet poker\gdigraphdriver.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\directsounddriver.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\casino.hlp gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\replace.exe gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\cactivex.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\casino.ico gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\fileinfo2.dat gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\cashier.gam gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\casino.exe gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\cashier.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\common.gam gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\loader.gam gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\loader.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_caribbean.gam gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_common.gam gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_holdem.gam gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_common.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\common.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_lobby.gam gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\pokergames.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette_french.gam gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\blackjack.gam gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\blackjack\texture.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_lobby.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_table.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\blackjack.dll gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\back.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\div_line.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\ipoker.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\ipoker-alpha.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\key.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\loading_info.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\padlock.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\playtech.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\quickseat_back.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\treeview_down.bmp gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\treeview_minus.bmp gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\treeview_plus.bmp gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\treeview_right.bmp gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\asian_view_stakes_back.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\lobby\attributes_icons.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_caribbean\texture.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\poker_holdem\texture.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette\ball.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette\marker.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\roulette\texture.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\black100x100.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\loading.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\shared\loading_anim.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\empty.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\empty-alpha.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\hilo_arrow.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\pin.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\player_rank.png gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\plnote_scroll_indicator.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\plnote_scrollbuttons.jpg gefunden: Trace.File.mybetpoker!E1
c:\poker\mybet poker\data\table\plnote_scrollbuttons-alpha.jpg gefunden: Trace.File.mybetpoker!E1
Key: hkey_current_user\software\cain\settings gefunden: Trace.Registry.cain!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> ip gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> reconnection_not_response gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> reconnection_timeout gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> serial gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> ip1 gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> curr_ver gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> s_ip gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> test_data gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> upd_ver gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> upg_date gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> upd_flag gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> mediapath gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pokerinstaller --> url_casino_2 gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pokerinstaller --> fullpath gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pokerinstaller --> installer_guid gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> reconnection_elapse gefunden: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\partygaming\partypoker --> 4 gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> 5 gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> 2 gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> 7 gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> 9 gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> adslastknownstate gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> 1 gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> 10 gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> id gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> initialport gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> sl gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> apppath gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> installstate gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming --> cfdialogshown gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming --> freshinstall gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> usecount gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> 6 gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\partygaming\partypoker --> tabletype gefunden: Trace.Registry.partypoker!E1
Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\partypoker --> displayicon gefunden: Trace.Registry.partypoker!E1
Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\partypoker --> displayname gefunden: Trace.Registry.partypoker!E1
Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\partypoker --> installlocation gefunden: Trace.Registry.partypoker!E1
Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\partypoker --> publisher gefunden: Trace.Registry.partypoker!E1
Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\partypoker --> uninstallstring gefunden: Trace.Registry.partypoker!E1
Value: hkey_current_user\software\titan poker --> global_login_hint gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> options_dealervoices gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> options_music gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> options_poker_avatar_num gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> options-fullscreen gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> options_sounds gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> options_xlslots gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> poker_nickname gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> ptdevm gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> selected_node gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> options_poker_showsidegames gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> username gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\titan poker --> displayname gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> tribeca_playernotes gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> account gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> advertisercode gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\titan poker --> uninstallstring gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> creferer gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> homedir gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> banner gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> options-volume gefunden: Trace.Registry.titan poker!E1
Value: hkey_current_user\software\titan poker --> poker_login_type gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> profile gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> referer gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> safemode gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> uninstall gefunden: Trace.Registry.titan poker!E1
Value: hkey_local_machine\software\titan poker --> uninstall_lang gefunden: Trace.Registry.titan poker!E1
Key: hkey_current_user\software\pacificpoker gefunden: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker gefunden: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\poker gefunden: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\poker\init gefunden: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker\casino\sdl gefunden: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker\casino gefunden: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker\casino\init gefunden: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\poker\sdl gefunden: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pokerinstaller gefunden: Trace.Registry.pacificpoker!E1
Key: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\everest poker gefunden: Trace.Registry.everestpoker!E1
Key: hkey_current_user\software\grand virtual gefunden: Trace.Registry.everestpoker!E1
Key: hkey_current_user\software\mgs\thumper\casino gefunden: Trace.Registry.casinoaction!E1
Key: hkey_current_user\software\microgaming gefunden: Trace.Registry.casinoaction!E1
Key: hkey_current_user\software\microgaming\thumper gefunden: Trace.Registry.casinoaction!E1
Key: hkey_current_user\software\microgaming\thumper\casino gefunden: Trace.Registry.casinoaction!E1
Key: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\william hill poker gefunden: Trace.Registry.williamhillpoker!E1
Key: hkey_local_machine\software\william hill poker gefunden: Trace.Registry.williamhillpoker!E1
Key: hkey_current_user\software\william hill poker gefunden: Trace.Registry.williamhillpoker!E1
Key: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\mybet poker gefunden: Trace.Registry.mybetpoker!E1
Key: hkey_local_machine\software\mybet poker gefunden: Trace.Registry.mybetpoker!E1
Key: hkey_current_user\software\mybet poker gefunden: Trace.Registry.mybetpoker!E1
Key: hkey_current_user\software\mybet poker\columnsets gefunden: Trace.Registry.mybetpoker!E1
C:\Poker\Poker 770\_SetupCasino_238a31_de.exe gefunden: Riskware.Casino!E2

Gescannt 653030
Gefunden 394

Scan Ende: 17.08.2012 09:15:38
Scan Zeit: 0:52:33

Sehr gut! :daumenhoc

Lasse die Funde loeschen, dann:

Deinstalliere:
Emsisoft Anti-Malware


ESET Online Scanner

Vorbereitung

• Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
• Bitte während des Online-Scans Anti-Virus-Programm und Firewall deaktivieren.
• Vista/Win7-User: Bitte den Browser unbedingt als Administrator starten.

Los geht's

• Lade und starte Eset Smartinstaller
• Haken setzen bei YES, I accept the Terms of Use.
• Klick auf Start.
• Haken setzen bei Remove found threads und Scan archives.
• Klick auf Start.
• Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Finish drücken.
• Browser schließen.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (manchmal auch C:\Programme\Eset\log.txt) suchen und mit Deinem Editor öffnen.
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fdcbb264c1a6864a8153a39f63bb2cb4
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-17 03:59:19
# local_time=2012-08-17 05:59:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 12195120 12195120 0 0
# compatibility_mode=5893 16776573 100 94 13599 96848935 0 0
# compatibility_mode=8192 67108863 100 0 157 157 0 0
# scanned=1128
# found=0
# cleaned=0
# scan_time=73
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fdcbb264c1a6864a8153a39f63bb2cb4
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-17 09:05:37
# local_time=2012-08-17 11:05:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 12211196 12211196 0 0
# compatibility_mode=5893 16776573 100 94 29675 96865011 0 0
# compatibility_mode=8192 67108863 100 0 16233 16233 0 0
# scanned=155388
# found=4
# cleaned=4
# scan_time=2375
C:\Users\Chris Gohl\AppData\Local\Temp\FreeTwitTube-S-Setup_Suite1.exe Win32/Adware.Yontoo application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Chris Gohl\AppData\Local\Temp\softonic_ggl_1.6.7.4.exe Win32/Toolbar.Funmoods application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08152012_132827\C_Users\Chris Gohl\AppData\Roaming\BrowserCompanion\tbhcn.exe Win32/BrowserCompanion application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08152012_134914\C_ProgramData\wfebcskpubwjsyn\main.html HTML/Ransom.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Java aktualisieren

Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.

• Downloade dir bitte die neueste Java-Version von hier
• Speichere die jxpiinstall.exe
• Schließe alle laufenden Programme. Speziell deinen Browser.
• Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 6 ) herunter laden.
• Wenn die Installation beendet wurde
  Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
• Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.

Nach dem Neustart

• Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
• Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
• Klicke auf Dateien löschen....
• Gehe sicher das überall ein Hacken gesetzt ist und klicke OK.
• Klicke erneut OK.

Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html

Danach poste (kopieren und einfuegen) mir, was du hier angezeigt bekommst: PluginCheck

Unity Player
Unity Player 2.6.1f3 Unknown plugin Research
Plugin Icon


Windows Live™ Photo Gallery
NPWLPG Unknown plugin Research
Plugin Icon


Silverlight Plug-In
4.1.10329.0 Outdated Version Update
Plugin Icon


Adobe Acrobat
Adobe PDF Plug-In For Firefox and Netscape 10.1.4 10.1.4.38 Up to Date
Plugin Icon


Shockwave Flash
Shockwave Flash 11.3 r300 11.3.300.271 Up to Date
Plugin Icon


Java Deployment Toolkit 7.0.60.24
NPRuntime Script Plug-in Library for Java(TM) Deploy 1.7.0.6 Up to Date
Plugin Icon


Java(TM) Platform SE 7 U6
Next Generation Java Plug-in 10.6.2 for Mozilla browsers 1.7.0.6 Up to Date

Sehr gut! :daumenhoc

damit bist Du sauber und entlassen! :)

adwCleaner entfernen

• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Uninstall.
• Bestätige mit Ja.

Tool-Bereinigung mit OTL


Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.

• Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
• Speichere es auf Deinem Desktop.
• Doppelklick auf OTL.exe um das Programm auszuführen.
  Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
• Klicke auf den Button "Bereinigung"
• OTL fragt eventuell nach einem Neustart.
  Sollte es dies tun, so lasse dies bitte zu.

Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.


Zurücksetzen der Sicherheitszonen

Lasse die Sicherheitszonen wieder zurücksetzen, da diese manipuliert wurden um den Browser für weitere Angriffe zu öffnen.
Gehe dabei so vor: http://www.trojaner-board.de/111805-...ecksetzen.html


Systemwiederherstellungen leeren

Damit der Rechner nicht mit einer infizierten Systemwiederherstellung erneut infiziert werden kann, muessen wir diese leeren. Dazu schalten wir sie einmal aus und dann wieder ein:
Systemwiederherstellung deaktivieren Tutorial fuer Windows XP, Windows Vista, Windows 7
Danach wieder aktivieren.


Aufräumen mit CCleaner

Lasse mit CCleaner (Download) (Anleitung) Fehler in der

• Registry beheben (mehrmals, solange bis keine Fehler mehr gefunden werden) und
• temporäre Dateien löschen.

Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html
PC wird immer langsamer - was tun?

:daumenhoc:taenzer:

Super, ich danke dir vielmals!
Super Seite super Support!

Beste Grüße
Chris