Trojaner-Board - Malware im Systemordner

Hi,
eine Fundmeldung beim OTL-Scan:

Virus: Win32:Agent-AOYH [Trj]
Datei: basetp.dll
Verzeichnis: C:\Users\Mo\AppData\Roaming
Prozess: OTL.exe

und 2. Versuch vom OTL-Scan:OTL Logfile:

Code:

OTL logfile created on: 24.07.2012 17:41:03 - Run 3

OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Mo\Downloads

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 59,00% Memory free

12,00 Gb Paging File | 9,00 Gb Available in Paging File | 76,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 455,95 Gb Total Space | 60,12 Gb Free Space | 13,18% Space Free | Partition Type: NTFS

Drive D: | 456,46 Gb Total Space | 269,09 Gb Free Space | 58,95% Space Free | Partition Type: NTFS

Drive E: | 6,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: MO-PC | User Name: Mo | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.07.23 01:06:42 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2012.06.27 12:29:26 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

PRC - [2012.06.20 13:05:32 | 000,529,232 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe

PRC - [2011.12.30 12:27:34 | 000,074,752 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

PRC - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2011.09.14 22:50:09 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe

PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2011.07.13 16:07:18 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2011.03.07 15:33:08 | 000,089,456 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

PRC - [2011.02.09 17:01:15 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Mo\Downloads\OTL.exe

PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

PRC - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe

PRC - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe

PRC - [2009.09.18 15:49:08 | 000,924,232 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe

PRC - [2009.09.17 23:42:03 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2009.08.18 09:27:26 | 000,629,280 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

PRC - [2009.08.13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

PRC - [2009.08.12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

PRC - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe

PRC - [2009.08.06 19:18:54 | 000,311,592 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe

PRC - [2009.08.06 19:18:42 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

PRC - [2009.08.04 22:46:12 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

PRC - [2009.08.04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

PRC - [2009.07.31 18:29:12 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

PRC - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe

PRC - [2009.06.05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

PRC - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

PRC - [2009.02.03 23:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

PRC - [2009.01.07 13:08:18 | 000,319,488 | ---- | M] () -- C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe

PRC - [2008.09.19 15:52:42 | 000,339,968 | ---- | M] (North Star com.) -- C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe

 

 
 ========== Modules (SafeList) ==========

 

MOD - [2011.02.09 17:01:15 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Mo\Downloads\OTL.exe

MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2012.03.09 07:10:20 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV - [2012.07.23 01:06:41 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.06.27 12:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2012.06.20 13:05:32 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2011.12.30 12:27:34 | 000,074,752 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)

SRV - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2011.07.13 16:07:18 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)

SRV - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan)

SRV - [2009.11.25 03:07:32 | 001,731,504 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe -- (AVKWCtl)

SRV - [2009.08.13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)

SRV - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService)

SRV - [2009.08.06 19:18:54 | 000,311,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)

SRV - [2009.07.28 21:25:34 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)

SRV - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)

SRV - [2009.02.03 23:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)

SRV - [2008.08.07 19:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.04.06 20:15:10 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)

DRV:64bit: - [2012.03.09 08:28:08 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2012.03.09 08:28:08 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2012.03.09 05:58:02 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.02.06 17:49:41 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)

DRV:64bit: - [2011.02.06 17:49:41 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)

DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)

DRV:64bit: - [2010.11.25 07:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)

DRV:64bit: - [2010.09.29 15:42:21 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)

DRV:64bit: - [2010.09.27 16:20:58 | 000,074,184 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)

DRV:64bit: - [2010.09.27 16:20:29 | 000,042,952 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)

DRV:64bit: - [2010.09.26 15:01:00 | 000,048,584 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)

DRV:64bit: - [2010.09.26 15:00:58 | 000,034,760 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)

DRV:64bit: - [2009.09.30 03:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009.09.23 11:11:04 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)

DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009.07.18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.06.20 00:56:08 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)

DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009.06.02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV:64bit: - [2009.06.02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV:64bit: - [2009.06.02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM)

DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)

DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)

DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV - [2011.02.16 16:42:10 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD)

DRV - [2010.07.09 13:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys -- (cpuz134)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7810&r=17360910ln0597y363m85yh421cl41

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7810&r=17360910ln0597y363m85yh421cl41

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7810&r=17360910ln0597y363m85yh421cl41

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7810&r=17360910ln0597y363m85yh421cl41

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7810&r=17360910ln0597y363m85yh421cl41

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7810&r=17360910ln0597y363m85yh421cl41

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ftp=localhost:4001;http=localhost:4001

 
 ========== FireFox ==========

 

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - prefs.js..network.proxy.type: 0

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.06 14:55:29 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.23 01:06:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.06 14:55:28 | 000,000,000 | ---D | M]

 

[2011.04.21 19:34:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mo\AppData\Roaming\mozilla\Extensions

[2012.07.04 03:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mo\AppData\Roaming\mozilla\Firefox\Profiles\kxhqe26x.default\extensions

[2012.02.15 14:02:09 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\Users\Mo\AppData\Roaming\mozilla\Firefox\Profiles\kxhqe26x.default\extensions\ffxtlbra@softonic.com

[2012.05.17 03:02:32 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Mo\AppData\Roaming\mozilla\Firefox\Profiles\kxhqe26x.default\extensions\ich@maltegoetz.de

[2012.04.19 18:56:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

File not found (No name found) -- 

() (No name found) -- C:\USERS\MO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KXHQE26X.DEFAULT\EXTENSIONS\GOOGLEDICTIONARY@TOPTIP.CA.XPI

[2012.07.23 01:06:42 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.07.01 02:43:11 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.07.01 02:43:11 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.07.01 02:43:11 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.07.01 02:43:11 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.07.01 02:43:11 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.07.01 02:43:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2011.02.09 17:38:16 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\Webfilter\AVKWebIEx64.dll (G Data Software AG)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  File not found

O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\Webfilter\AVKWebIE.dll (G Data Software AG)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)

O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\Webfilter\AVKWebIEx64.dll (G Data Software AG)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\Webfilter\AVKWebIE.dll (G Data Software AG)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)

O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)

O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()

O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)

O4 - HKCU..\Run: [basetp] C:\Users\Mo\AppData\Roaming\basetp.dll ()

O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Users\Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: goatrance.de ([www] https in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{3b2ad082-50bf-11e0-8305-90fba6292b22}\Shell - "" = AutoRun

O33 - MountPoints2\{3b2ad082-50bf-11e0-8305-90fba6292b22}\Shell\AutoRun\command - "" = J:\Dungeon.EXE

O33 - MountPoints2\{3b2ad082-50bf-11e0-8305-90fba6292b22}\Shell\verb0\command - "" = SETUP.EXE -- [2011.08.17 15:36:18 | 000,807,720 | ---- | M] (Ubisoft)

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.07.23 15:28:07 | 000,000,000 | ---D | C] -- C:\Users\Mo\AppData\Local\ArmA 2 OA

[2012.07.23 15:28:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive

[2012.07.23 15:21:40 | 000,000,000 | ---D | C] -- C:\Users\Mo\Documents\ArmA 2

[2012.07.23 15:21:40 | 000,000,000 | ---D | C] -- C:\Users\Mo\AppData\Local\ArmA 2

[2012.07.23 15:21:35 | 000,000,000 | ---D | C] -- C:\Users\Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive

[2012.07.23 15:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive

[2012.07.17 19:38:44 | 000,000,000 | ---D | C] -- C:\Users\Mo\Documents\4A Games

[2012.07.17 19:36:11 | 000,000,000 | ---D | C] -- C:\Users\Mo\AppData\Local\4A Games

[2012.07.13 23:51:24 | 000,000,000 | ---D | C] -- C:\Users\Mo\Documents\Gaslamp Games

[2012.07.13 02:27:32 | 000,000,000 | ---D | C] -- C:\Users\Mo\Documents\Almost Human

[2012.07.13 01:28:19 | 000,000,000 | ---D | C] -- C:\Users\Mo\AppData\Local\Zachtronics Industries

[2012.07.04 12:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator

[2012.07.04 12:28:00 | 000,000,000 | ---D | C] -- C:\Users\Mo\AppData\Roaming\pdfforge

[2012.07.04 12:27:57 | 000,095,232 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll

[2012.07.04 12:27:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator

[2012.07.01 01:16:28 | 000,000,000 | ---D | C] -- C:\Users\Mo\AppData\Local\THQ

[2012.06.29 00:22:13 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys

[2012.06.29 00:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

[2012.06.29 00:22:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi

[2009.09.17 23:20:06 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.07.24 17:34:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.07.24 15:43:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.07.24 15:43:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.07.24 15:36:38 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.07.24 15:36:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.07.24 15:36:27 | 529,854,463 | -HS- | M] () -- C:\hiberfil.sys

[2012.07.24 15:35:31 | 000,000,380 | ---- | M] () -- C:\Users\Mo\defogger_reenable

[2012.07.16 17:52:44 | 006,435,010 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.07.16 17:52:44 | 002,350,134 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.07.16 17:52:44 | 001,934,088 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.07.16 17:52:44 | 001,724,460 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.07.16 17:52:44 | 000,006,454 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.07.16 17:49:20 | 001,096,362 | ---- | M] () -- C:\Users\Mo\Documents\c90bf01290437f37321711004a146728c8ef168d4788a95c75e571969119c462.pdf

[2012.07.12 00:23:10 | 000,368,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.07.10 01:21:57 | 001,096,339 | ---- | M] () -- C:\Users\Mo\Documents\9e6a3cb6d838879f65e19784f29d89d4e581a05fe616d5fb0116bd1f702af656.pdf

[2012.07.04 12:28:01 | 000,001,208 | ---- | M] () -- C:\Users\Public\Desktop\PDFArchitect.lnk

[2012.07.04 12:28:01 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2012.07.03 18:05:22 | 000,016,435 | ---- | M] () -- C:\Users\Mo\Desktop\Motivation.odt

[2012.07.03 18:02:25 | 000,017,584 | ---- | M] () -- C:\Users\Mo\Desktop\Bewerbung FSJ.odt

[2012.07.02 18:10:49 | 000,043,605 | ---- | M] () -- C:\Users\Mo\Documents\FSJ-Bewerbungs-Fragebogen.pdf

[2012.07.02 18:07:31 | 000,061,763 | ---- | M] () -- C:\Users\Mo\Documents\Bewerbung EOS.pdf

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.07.24 15:35:31 | 000,000,380 | ---- | C] () -- C:\Users\Mo\defogger_reenable

[2012.07.16 17:49:40 | 001,096,362 | ---- | C] () -- C:\Users\Mo\Documents\c90bf01290437f37321711004a146728c8ef168d4788a95c75e571969119c462.pdf

[2012.07.10 01:21:56 | 001,096,339 | ---- | C] () -- C:\Users\Mo\Documents\9e6a3cb6d838879f65e19784f29d89d4e581a05fe616d5fb0116bd1f702af656.pdf

[2012.07.04 12:28:01 | 000,001,208 | ---- | C] () -- C:\Users\Public\Desktop\PDFArchitect.lnk

[2012.07.04 12:28:01 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2012.07.03 17:44:10 | 000,016,435 | ---- | C] () -- C:\Users\Mo\Desktop\Motivation.odt

[2012.07.03 16:58:31 | 000,017,584 | ---- | C] () -- C:\Users\Mo\Desktop\Bewerbung FSJ.odt

[2012.07.02 18:10:49 | 000,043,605 | ---- | C] () -- C:\Users\Mo\Documents\FSJ-Bewerbungs-Fragebogen.pdf

[2012.07.02 18:07:31 | 000,061,763 | ---- | C] () -- C:\Users\Mo\Documents\Bewerbung EOS.pdf

[2012.06.17 20:53:09 | 000,000,090 | ---- | C] () -- C:\Users\Mo\AppData\Local\fusioncache.dat

[2012.03.29 23:51:01 | 000,006,438 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012.03.09 01:26:20 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

[2012.01.03 20:05:03 | 000,003,584 | ---- | C] () -- C:\Users\Mo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll

[2011.06.12 13:41:42 | 000,000,000 | ---- | C] () -- C:\Users\Mo\AppData\Local\{5B2FB0BE-9648-4D49-BA53-3EA4C3CEC30E}

[2011.04.21 20:01:56 | 000,000,320 | ---- | C] () -- C:\Windows\wininit.ini

[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011.01.15 13:43:47 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2011.01.15 13:43:47 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2011.01.15 13:43:46 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

[2011.01.15 13:43:46 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

[2011.01.15 13:43:46 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

[2010.10.26 17:29:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010.01.18 15:24:43 | 000,008,031 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log

[2009.09.17 23:26:54 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll

[2009.09.17 23:26:53 | 000,007,283 | ---- | C] () -- C:\Windows\mgxoschk.ini

[2009.09.17 23:19:46 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

 
 ========== LOP Check ==========

 

[2011.10.13 10:50:15 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\.minecraft

[2012.06.03 01:54:30 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\Amazon

[2011.09.14 20:47:29 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\Bioshock

[2012.06.13 17:34:08 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\Braid

[2011.05.03 19:06:33 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012.02.15 17:18:50 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\DAEMON Tools Pro

[2012.02.29 13:56:08 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\DarknessII

[2012.01.03 18:10:45 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\DesktopIconForAmazon

[2012.05.12 19:59:14 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\Kalypso Media

[2010.10.20 16:47:42 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\LolClient

[2012.05.31 20:37:50 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\LolClient2

[2011.11.25 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\LucasArts

[2011.10.04 19:42:31 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\Might & Magic Heroes VI - Game Official Demo

[2011.08.23 21:34:45 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\Notepad++

[2011.04.28 15:42:26 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\OpenOffice.org

[2012.07.04 12:30:14 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\pdfforge

[2010.09.24 18:20:22 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\PowerCinema

[2010.09.24 18:20:28 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\SoftDMA

[2012.03.29 23:51:27 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\System

[2011.02.23 15:37:29 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\The Creative Assembly

[2011.07.05 18:45:17 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\Thinstall

[2012.05.12 20:44:42 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\Tropico 4

[2010.10.22 17:02:25 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\TS3Client

[2012.01.14 15:31:38 | 000,000,000 | ---D | M] -- C:\Users\Mo\AppData\Roaming\Ubisoft

[2012.03.29 23:52:30 | 000,000,000 | -HSD | M] -- C:\Users\Mo\AppData\Roaming\wyUpdate AU

[2012.05.07 15:43:54 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 
 

< End of report >

--- --- ---

Ok hab in meinem Virenprogramm mal das Protokoll abgerufen:

Virenprüfung mit G Data AntiVirus
Version 20.2.4.2 (20.04.2010)
Virensignaturen vom
Startzeit: 24.07.2012 13:21:37
Virensignaturen:
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Ein

Prüfung der Systembereiche...
Prüfung auf RootKits...
Prüfung aller lokalen Festplatten...
Objekt: MovedFiles\02092011_163755\C_Users\Mo\AppData\Local\Temp\Nhk.exe
In Archiv: C:\_OTL\MovedFiles.rar
Status: Virus gefunden
Virus: Win32:MalOb-EM [Cryp]
Objekt: MovedFiles\02092011_163755\C_Users\Mo\AppData\Local\Temp\Nhl.exe
In Archiv: C:\_OTL\MovedFiles.rar
Status: Virus gefunden
Virus: Win32:MalOb-EM [Cryp]
Objekt: MovedFiles\02092011_163755\C_Windows\Nkesaa.exe
In Archiv: C:\_OTL\MovedFiles.rar
Status: Virus gefunden
Virus: Win32:MalOb-EM [Cryp]
Objekt: MovedFiles.rar
Pfad: C:\_OTL
Status: Virus gefunden
Virus: Win32:MalOb-EM [Cryp] (3x)
Objekt: 000000cb.@
Pfad: C:\Windows\Installer\{82d09f8d-b196-7343-56b3-169c51a1ec60}\U
Status: Virus gefunden
Virus: Win32:Malware-gen
Objekt: 00000004.@
Pfad: C:\Windows\Installer\{82d09f8d-b196-7343-56b3-169c51a1ec60}\U
Status: Virus gefunden
Virus: Win32:Malware-gen
Objekt: n
Pfad: C:\Windows\Installer\{82d09f8d-b196-7343-56b3-169c51a1ec60}
Status: Virus gefunden
Virus: Win32:Sirefef-PL [Rtk] (3x)
Objekt: 80000032.@
Pfad: C:\Windows\Installer\{82d09f8d-b196-7343-56b3-169c51a1ec60}\U
Status: Virus gefunden
Virus: Win32:Downloader-PKU [Trj]
Objekt: [Embedded_R#00310]\[UPX]
In Archiv: C:\Windows\Installer\{82d09f8d-b196-7343-56b3-169c51a1ec60}\U\00000008.@
Status: Virus gefunden
Virus: Win32:Trojan-gen
Objekt: 00000008.@
Pfad: C:\Windows\Installer\{82d09f8d-b196-7343-56b3-169c51a1ec60}\U
Status: Virus gefunden
Virus: Win32:Trojan-gen
Objekt: 80000064.@
Pfad: C:\Windows\Installer\{82d09f8d-b196-7343-56b3-169c51a1ec60}\U
Status: Virus gefunden
Virus: Win32:Malware-gen
Objekt: 80000000.@
Pfad: C:\Windows\Installer\{82d09f8d-b196-7343-56b3-169c51a1ec60}\U
Status: Virus gefunden
Virus: Win32:Malware-gen
Objekt: OTL.exe
Pfad: C:\Users\Mo\Downloads
Status: Virus gefunden
Virus: Win32:Malware-gen
Objekt: basetp.dll
Pfad: C:\Users\Mo\AppData\Roaming
Status: Virus gefunden
Virus: Win32:Agent-AOYH [Trj]
Objekt: ba\ba.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\59627f11-2a03f051
Status: Virus gefunden
Virus: Java:CVE-2012-0507-CT [Expl]
Objekt: ba\bb.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\59627f11-2a03f051
Status: Virus gefunden
Virus: Java:CVE-2012-0507-BT [Expl]
Objekt: ba\T.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\59627f11-2a03f051
Status: Virus gefunden
Virus: Java:CVE-2012-0507-F [Expl]
Objekt: 59627f11-2a03f051
Pfad: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17
Status: Virus gefunden
Virus: Java:CVE-2012-0507-CT [Expl], Java:CVE-2012-0507-BT [Expl], Java:CVE-2012-0507-F [Expl]
Objekt: json\Option.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\e7c0aaa-16b1c6fc
Status: Virus gefunden
Virus: Java:Agent-ABT [Expl]
Objekt: json\Search.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\e7c0aaa-16b1c6fc
Status: Virus gefunden
Virus: Java:Agent-ABS [Expl]
Objekt: json\SP.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\e7c0aaa-16b1c6fc
Status: Virus gefunden
Virus: Java:Agent-AEA [Expl]
Objekt: json\ThreadParser.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\e7c0aaa-16b1c6fc
Status: Virus gefunden
Virus: Java:Agent-AEH [Expl]
Objekt: json\XSLT.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\e7c0aaa-16b1c6fc
Status: Virus gefunden
Virus: Java:Agent-ABQ [Expl]
Objekt: e7c0aaa-16b1c6fc
Pfad: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42
Status: Virus gefunden
Virus: Java:Agent-ABT [Expl], Java:Agent-ABS [Expl], Java:Agent-AEA [Expl], Java:Agent-AEH [Expl], Java:Agent-ABQ [Expl]
Objekt: a\a1.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\568462d2-52d7f2dd
Status: Virus gefunden
Virus: Java:CVE-2012-0507-DU [Expl]
Objekt: a\a2.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\568462d2-52d7f2dd
Status: Virus gefunden
Virus: Java:Agent-BAK [Expl]
Objekt: a\C.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\568462d2-52d7f2dd
Status: Virus gefunden
Virus: Java:Agent-BEE [Expl]
Objekt: a\a.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\568462d2-52d7f2dd
Status: Virus gefunden
Virus: Java:Agent-BLN [Expl]
Objekt: a\b.class
In Archiv: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\568462d2-52d7f2dd
Status: Virus gefunden
Virus: Java:Agent-BAN [Expl]
Objekt: 568462d2-52d7f2dd
Pfad: C:\Users\Mo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18
Status: Virus gefunden
Virus: Java:CVE-2012-0507-DU [Expl], Java:Agent-BAK [Expl], Java:Agent-BEE [Expl], Java:Agent-BLN [Expl], Java:Agent-BAN [Expl]
Objekt: n
Pfad: C:\Users\Mo\AppData\Local\{82d09f8d-b196-7343-56b3-169c51a1ec60}
Status: Virus gefunden
Virus: Win32:Sirefef-PL [Rtk] (3x)
Objekt: photo\Crop.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache2625247440577961331.tmp
Status: Virus gefunden
Virus: Java:Agent-ARC [Expl]
Objekt: photo\ExtResolution.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache2625247440577961331.tmp
Status: Virus gefunden
Virus: Java:Agent-ACQ [Expl]
Objekt: photo\Image.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache2625247440577961331.tmp
Status: Virus gefunden
Virus: Java:Agent-ADX [Expl]
Objekt: photo\MultiZoom.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache2625247440577961331.tmp
Status: Virus gefunden
Virus: Java:Agent-AGC [Expl]
Objekt: photo\Zoom.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache2625247440577961331.tmp
Status: Virus gefunden
Virus: Java:Agent-AGE [Expl]
Objekt: jar_cache2625247440577961331.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:Agent-ARC [Expl], Java:Agent-ACQ [Expl], Java:Agent-ADX [Expl], Java:Agent-AGC [Expl], Java:Agent-AGE [Expl]
Objekt: ole.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache188987741129100745.tmp
Status: Virus gefunden
Virus: Java:CVE-2011-3544-DZ [Expl]
Objekt: peg.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache188987741129100745.tmp
Status: Virus gefunden
Virus: Java:Agent-APE [Expl]
Objekt: jar_cache188987741129100745.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:CVE-2011-3544-DZ [Expl], Java:Agent-APE [Expl]
Objekt: tam.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache226331486231471150.tmp
Status: Virus gefunden
Virus: Java:Agent-APN [Expl]
Objekt: tyv44tc3.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache226331486231471150.tmp
Status: Virus gefunden
Virus: Java:Agent-AUM [Expl]
Objekt: b7ub5yc.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache226331486231471150.tmp
Status: Virus gefunden
Virus: Java:Agent-AUK [Expl]
Objekt: g4v5htsd.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache226331486231471150.tmp
Status: Virus gefunden
Virus: Java:Agent-AUL [Expl]
Objekt: jar_cache226331486231471150.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:Agent-APN [Expl], Java:Agent-AUM [Expl], Java:Agent-AUK [Expl], Java:Agent-AUL [Expl]
Objekt: ole.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache6551969422699829837.tmp
Status: Virus gefunden
Virus: Java:CVE-2011-3544-DZ [Expl]
Objekt: peg.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache6551969422699829837.tmp
Status: Virus gefunden
Virus: Java:Agent-APE [Expl]
Objekt: jar_cache6551969422699829837.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:CVE-2011-3544-DZ [Expl], Java:Agent-APE [Expl]
Objekt: tam.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache7258712705719642603.tmp
Status: Virus gefunden
Virus: Java:Agent-APN [Expl]
Objekt: tyv44tc3.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache7258712705719642603.tmp
Status: Virus gefunden
Virus: Java:Agent-AUM [Expl]
Objekt: b7ub5yc.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache7258712705719642603.tmp
Status: Virus gefunden
Virus: Java:Agent-AUK [Expl]
Objekt: g4v5htsd.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache7258712705719642603.tmp
Status: Virus gefunden
Virus: Java:Agent-AUL [Expl]
Objekt: jar_cache7258712705719642603.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:Agent-APN [Expl], Java:Agent-AUM [Expl], Java:Agent-AUK [Expl], Java:Agent-AUL [Expl]
Objekt: json\Option.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache5004338293873325031.tmp
Status: Virus gefunden
Virus: Java:Agent-ABT [Expl]
Objekt: json\Search.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache5004338293873325031.tmp
Status: Virus gefunden
Virus: Java:Agent-ABS [Expl]
Objekt: json\SP.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache5004338293873325031.tmp
Status: Virus gefunden
Virus: Java:Agent-AEA [Expl]
Objekt: json\ThreadParser.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache5004338293873325031.tmp
Status: Virus gefunden
Virus: Java:Agent-AEH [Expl]
Objekt: json\XSLT.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache5004338293873325031.tmp
Status: Virus gefunden
Virus: Java:Agent-ABQ [Expl]
Objekt: jar_cache5004338293873325031.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:Agent-ABT [Expl], Java:Agent-ABS [Expl], Java:Agent-AEA [Expl], Java:Agent-AEH [Expl], Java:Agent-ABQ [Expl]
Objekt: kota\kotc.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache6911293353052314864.tmp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-JR [Expl]
Objekt: q_a\q_c.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache6332257902848685756.tmp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-LK [Expl]
Objekt: q_a\q_b.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache6332257902848685756.tmp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-JS [Expl]
Objekt: q_a\q_a.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache6332257902848685756.tmp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-JR [Expl]
Objekt: jar_cache6332257902848685756.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-LK [Expl], Java:CVE-2012-0507-JS [Expl], Java:CVE-2012-0507-JR [Expl]
Objekt: kota\kota.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache6911293353052314864.tmp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-JS [Expl]
Objekt: jar_cache6911293353052314864.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-JR [Expl], Java:CVE-2012-0507-JS [Expl]
Objekt: tor.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache4010559603308580943.tmp
Status: Virus gefunden
Virus: Java:CVE-2010-0842-M [Expl]
Objekt: jar_cache4010559603308580943.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:CVE-2010-0842-M [Expl]
Objekt: kota\kotc.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache8198581322510284185.tmp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-JR [Expl]
Objekt: kota\kota.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache8198581322510284185.tmp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-JS [Expl]
Objekt: jar_cache8198581322510284185.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:CVE-2012-0507-JR [Expl], Java:CVE-2012-0507-JS [Expl]
Objekt: tor.class
In Archiv: C:\Users\Mo\AppData\Local\Temp\jar_cache8645537323246022606.tmp
Status: Virus gefunden
Virus: Java:CVE-2010-0842-M [Expl]
Objekt: jar_cache8645537323246022606.tmp
Pfad: C:\Users\Mo\AppData\Local\Temp
Status: Virus gefunden
Virus: Java:CVE-2010-0842-M [Expl]
Objekt: candyflip-lsd-und-ecstasy[1].html
Pfad: C:\Users\Mo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J7HE7R6E
Status: Virus gefunden
Virus: JS:Redirector-NZ [Trj]

Analyse vollständig durchgeführt: 24.07.2012 15:13:58
452601 Dateien überprüft
26 infizierte Dateien gefunden
0 verdächtige Dateien gefunden

Was soll ich jetzt tun?