|
Pests of All Kinds and How to Combat Them: Google always redirects me to the site www.abnow.com
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
04.02.2012, 19:21 | #1 |
| Google always redirects me to the site www.abnow.com
My problem is a virus that constantly redirects me to the site www.abnow.com whenever I click links via Google. From another thread here on Trojaner-Board I have already learned that several people have this problem, and I also found a set of instructions, which I have already followed.
DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385
Run by Makatosh at 18:19:17 on 2012-02-04
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.2047.886 [GMT 1:00]
.
AV: Kaspersky Security Suite CBE 11 *Enabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Security Suite CBE 11 *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Security Suite CBE 11 *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Windows\System32\alg.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 11\avp.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHJE.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchqu.com//406
uURLSearchHooks: NCH DE Toolbar: {b106b661-3e1b-4015-af5c-195e909f35c6} - c:\program files\nch_de\prxtbNCH_.dll
mURLSearchHooks: NCH DE Toolbar: {b106b661-3e1b-4015-af5c-195e909f35c6} - c:\program files\nch_de\prxtbNCH_.dll
uWinlogon: Shell=c:\users\makatosh\appdata\local\707b751c\X
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky security suite cbe 11\ievkbd.dll
BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~2\wi3c8a~1\datamngr\toolbar\searchqudtx.dll
BHO: Loader Class: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~2\wi3c8a~1\datamngr\BROWSE~1.DLL
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: NCH DE Toolbar: {b106b661-3e1b-4015-af5c-195e909f35c6} - c:\program files\nch_de\prxtbNCH_.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky security suite cbe 11\klwtbbho.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~2\wi3c8a~1\datamngr\toolbar\searchqudtx.dll
TB: toolplugin: {dfefcdee-cf1a-4fc8-89af-189327213627} - c:\users\makatosh\appdata\roaming\toolplugin\toolbar.dll
TB: NCH DE Toolbar: {b106b661-3e1b-4015-af5c-195e909f35c6} - c:\program files\nch_de\prxtbNCH_.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [PlayNC Launcher]
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [ICQ] "c:\program files\icq7.5\ICQ.exe" silent loginmode=4
uRun: [EPSON SX130 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatihje.exe /fu "c:\windows\temp\E_S26CA.tmp" /EF "HKCU"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [DATAMNGR] c:\progra~2\wi3c8a~1\datamngr\DATAMN~1.EXE
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky security suite cbe 11\avp.exe"
mRun: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun: [Launch LGDCore] "c:\program files\common files\logitech\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [Launch LCDMon] "c:\program files\common files\logitech\lcd manager\lcdmon.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Hinzufügen zu Anti-Banner - c:\program files\kaspersky lab\kaspersky security suite cbe 11\ie_banner_deny.htm
IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\icq7.5\ICQ.exe
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky security suite cbe 11\klwtbbho.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky security suite cbe 11\klwtbbho.dll
LSP: mswsock.dll
TCP: Interfaces\{D88E2E26-C370-403D-A989-91ACF1772006} : NameServer = 139.7.30.125 139.7.30.126
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~2\wi3c8a~1\datamngr\datamngr.dll c:\progra~2\wi3c8a~1\datamngr\iebho.dll ,c:\progra~2\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~2\kasper~1\kasper~1\kloehk.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\makatosh\appdata\roaming\mozilla\firefox\profiles\4t27acoj.default\
FF - prefs.js: browser.search.selectedEngine - Search the web
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - component: c:\users\makatosh\appdata\roaming\mozilla\firefox\profiles\4t27acoj.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\users\makatosh\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Search the web
FF - user.js: browser.search.order.1 - Search the web
FF - user.js: browser.search.defaultenginename - Search the web
FF - user.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
.
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AVP;Kaspersky Security Suite CBE 11 Service;c:\program files\kaspersky lab\kaspersky security suite cbe 11\avp.exe [2011-4-13 387696]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2008-3-13 24576]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2010-7-1 34896]
.
=============== Created Last 30 ================
.
2012-02-04 12:39:51 -------- d-----r- c:\program files\Skype
2012-02-02 19:17:45 -------- d-----w- c:\users\makatosh\appdata\local\Logitech
2012-02-02 19:17:35 -------- d-----w- c:\program files\common files\Logitech
2012-01-21 16:47:36 -------- d-----w- c:\programdata\Vodafone
2012-01-18 16:51:58 110992 ----a-w- c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll
2012-01-18 16:51:57 151952 ----a-w- c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
2012-01-18 16:51:51 97859 ----a-w- c:\windows\system32\drivers\klick.dat
2012-01-18 16:51:51 115267 ----a-w- c:\windows\system32\drivers\klin.dat
2012-01-18 16:50:57 -------- d-----w- c:\programdata\Kaspersky Lab
2012-01-18 16:50:57 -------- d-----w- c:\program files\Kaspersky Lab
2012-01-14 16:13:07 -------- d-----w- c:\program files\common files\EPSON
2012-01-14 11:26:42 -------- d-----w- c:\users\makatosh\appdata\local\ABBYY
2012-01-14 11:24:39 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint
2012-01-14 11:24:38 -------- d-----w- c:\programdata\ABBYY
2012-01-14 11:24:38 -------- d-----w- c:\program files\common files\ABBYY
2012-01-14 11:22:15 -------- d-----w- c:\programdata\UDL
2012-01-14 11:20:19 -------- d-----w- c:\program files\Epson Software
2012-01-14 11:19:29 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2012-01-14 11:19:23 93696 ----a-w- c:\windows\system32\E_FLBHJE.DLL
2012-01-14 11:19:20 63488 ----a-w- c:\windows\system32\E_FD4BHJE.DLL
2012-01-14 11:19:08 -------- d-----w- c:\programdata\EPSON
2012-01-14 11:18:55 341504 ----a-w- c:\windows\system32\esw2ud.dll
2012-01-14 11:18:55 132560 ----a-w- c:\windows\system32\esdevapp.exe
2012-01-14 11:18:55 12800 ----a-w- c:\windows\system32\escdev.dll
2012-01-14 11:18:49 -------- d-----w- c:\program files\epson
2012-01-13 06:52:09 0 --sha-w- c:\windows\system32\dds_log_trash.cmd
.
==================== Find3M ====================
.
2011-11-30 02:14:50 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 18:20:35,14 ===============

Attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 08.03.2011 18:31:01
System Uptime: 04.02.2012 15:16:50 (3 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5N-D
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz | Socket 775 | 3401/378mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 326,787 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\ATK0110\1010110
Manufacturer:
Name:
PNP Device ID: ACPI\ATK0110\1010110
Service:
.
Class GUID:
Description: OC GEAR
Device ID: USB\VID_04B4&PID_1737\5&284A1E07&0&5
Manufacturer:
Name: OC GEAR
PNP Device ID: USB\VID_04B4&PID_1737\5&284A1E07&0&5
Service:
.
==== System Restore Points ===================
.
RP84: 14.01.2012 12:19:46 - Installed Epson Event Manager
RP86: 14.01.2012 12:20:59 - Installiert Easy Photo Print Plug-in for PMB(Picture Motion Brow”zMw
RP87: 14.01.2012 12:22:37 - Installed ABBYY FineReader 9.0 Sprint
RP90: 18.01.2012 17:50:00 - Installierte(s) Kaspersky Security Suite CBE 11.
RP91: 21.01.2012 17:43:58 - Removed Vodafone Mobile Connect Lite Huawei.
RP92: 21.01.2012 17:47:13 - Installed Vodafone Mobile Connect Lite Huawei.
RP93: 02.02.2012 20:17:16 - Installed Logitech G11 Keyboard Software 1.03
.
==== Installed Programs ======================
.
ABBYY FineReader 9.0 Sprint
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Assassin's Creed II
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Conduit Engine
DAEMON Tools Toolbar
DragonSoul
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Event Manager
EPSON Scan
EPSON SX130 Series Printer Uninstall
ICQ7.5
JA Launcher
Kaspersky Security Suite CBE 11
LOCO EVOLUTION
Logitech G11 Keyboard Software 1.03
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft WSE 3.0 Runtime
Mozilla Firefox 8.0.1 (x86 de)
NCH DE Toolbar
NCsoft Launcher
NVIDIA PhysX
PunkBuster Services
Sacred 2
Skype Click to Call
Skype™ 5.5
TeamSpeak 3 Client
Ubisoft Game Launcher
UltraStar Deluxe
Unity Web Player
VC80CRTRedist - 8.0.50727.6195
Vodafone Mobile Connect Lite Huawei
Windows iLivid Toolbar
WinPcap 4.1.2
WinRAR 4.00 (32-Bit)
.
==== End Of File ===========================

FRS:
Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 28-01-2012
Ran by at 2012-02-04 18:54:40
Running from C:\Users\Makatosh\Downloads
(X86) OS Language: German Standard
Attention: Could not load system hive.
========================== Registry (Whitelisted) =============
HKLM\...\Winlogon: [Userinit] [x]
HKLM\...\Winlogon: [Shell]
================================ Services (Whitelisted) ==================
========================== Drivers (Whitelisted) =============
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-02-04 18:53 - 2012-02-04 18:54 - 0000000 ____D C:\FRST
2012-02-04 18:51 - 2012-02-04 18:52 - 0861474 ____A C:\Users\Makatosh\Downloads\FRST.exe
2012-02-04 18:18 - 2012-02-04 18:13 - 0607260 ____R (Swearware) C:\Users\Makatosh\Desktop\dds.com
2012-02-04 18:14 - 2012-02-04 18:17 - 0605870 ____A C:\Users\Public\Documents\dds.rar
2012-02-04 13:41 - 2012-02-04 14:08 - 0002503 ____A C:\Users\Public\Desktop\Skype.lnk
2012-02-04 13:39 - 2012-02-04 13:42 - 0000000 ___RD C:\Program Files\Skype
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\Users\Makatosh\AppData\Local\Logitech
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\Users\All Users\Logitech
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\ProgramData\Logitech
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\Program Files\Logitech
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\Program Files\Common Files\Logitech
2012-01-23 04:32 - 2012-01-23 04:44 - 5930915 ____A C:\Users\Makatosh\Downloads\YouPorn - geiler Arschfick.mp4
2012-01-21 17:47 - 2012-01-21 17:47 - 0002755 ____A C:\Users\Public\Desktop\Vodafone SMS.lnk
2012-01-21 17:47 - 2012-01-21 17:47 - 0002755 ____A C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
2012-01-21 17:47 - 2012-01-21 17:47 - 0000000 ____D C:\Users\All Users\Vodafone
2012-01-21 17:47 - 2012-01-21 17:47 - 0000000 ____D C:\ProgramData\Vodafone
2012-01-18 19:41 - 2012-01-18 19:41 - 0151144 ____A C:\Windows\Minidump\011812-23665-01.dmp
2012-01-18 17:51 - 2012-01-18 17:51 - 0115267 ____A C:\Windows\System32\Drivers\klin.dat
2012-01-18 17:51 - 2012-01-18 17:51 - 0097859 ____A C:\Windows\System32\Drivers\klick.dat
2012-01-18 17:50 - 2012-02-04 15:17 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2012-01-18 17:50 - 2012-02-04 15:17 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2012-01-18 17:50 - 2012-01-18 17:50 - 0488536 ____A C:\Windows\System32\Drivers\klif.sys
2012-01-18 17:50 - 2012-01-18 17:50 - 0000000 ____D C:\Program Files\Kaspersky Lab
2012-01-17 23:48 - 2012-01-17 23:48 - 0001096 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-01-17 23:48 - 2012-01-17 23:48 - 0000000 ____D C:\Program Files\Mozilla Firefox
2012-01-15 00:00 - 2012-01-16 16:26 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\Epson
2012-01-14 17:13 - 2012-01-14 17:13 - 0000000 ____D C:\Program Files\Common Files\EPSON
2012-01-14 12:26 - 2012-01-14 12:26 - 0000000 ____D C:\Users\Makatosh\AppData\Local\ABBYY
2012-01-14 12:24 - 2012-01-14 12:27 - 0000000 ____D C:\Program Files\ABBYY FineReader 9.0 Sprint
2012-01-14 12:24 - 2012-01-14 12:24 - 0000000 ____D C:\Users\All Users\ABBYY
2012-01-14 12:24 - 2012-01-14 12:24 - 0000000 ____D C:\ProgramData\ABBYY
2012-01-14 12:24 - 2012-01-14 12:24 - 0000000 ____D C:\Program Files\Common Files\ABBYY
2012-01-14 12:22 - 2012-01-14 12:22 - 0002113 ____A C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2012-01-14 12:22 - 2012-01-14 12:22 - 0000000 ____D C:\Users\All Users\UDL
2012-01-14 12:22 - 2012-01-14 12:22 - 0000000 ____D C:\ProgramData\UDL
2012-01-14 12:20 - 2012-01-14 12:21 - 0000306 ____A C:\Windows\setup.iss
2012-01-14 12:20 - 2012-01-14 12:21 - 0000000 ____D C:\Program Files\Epson Software
2012-01-14 12:19 - 2012-01-14 17:13 - 0000000 ____D C:\Users\All Users\EPSON
2012-01-14 12:19 - 2012-01-14 17:13 - 0000000 ____D C:\ProgramData\EPSON
2012-01-14 12:19 - 2009-10-01 14:01 - 0063488 ____A C:\Windows\System32\E_FD4BHJE.DLL
2012-01-14 12:19 - 2008-11-12 13:00 - 0093696 ____A C:\Windows\System32\E_FLBHJE.DLL
2012-01-14 12:19 - 2007-04-10 12:06 - 0008192 ____A C:\Windows\System32\E_DCINST.DLL
2012-01-14 12:18 - 2012-01-14 12:20 - 0000000 ____D C:\Program Files\epson
2012-01-14 12:18 - 2012-01-14 12:18 - 0000930 ____A C:\Users\Public\Desktop\EPSON Scan.lnk
2012-01-14 12:18 - 2009-12-09 00:00 - 0341504 ____A C:\Windows\System32\esw2ud.dll
2012-01-14 12:18 - 2009-10-16 00:00 - 0132560 ____A C:\Windows\System32\esdevapp.exe
2012-01-14 12:18 - 2009-10-16 00:00 - 0012800 ____A C:\Windows\System32\escdev.dll
2012-01-13 07:52 - 2012-02-04 15:17 - 0000000 __ASH C:\Windows\System32\dds_log_trash.cmd
2012-01-05 22:09 - 2012-01-05 22:09 - 0000831 ____A C:\Users\Public\Desktop\LOCO.lnk
2012-01-05 21:47 - 2012-01-05 21:47 - 0001580 ____A C:\Users\Public\Desktop\DragonSoul.lnk
============ 3 Months Modified Files and Folders ===============
2012-02-04 18:54 - 2011-03-14 18:41 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\Skype
2012-02-04 18:52 - 2012-02-04 18:51 - 0861474 ____A C:\Users\Makatosh\Downloads\FRST.exe
2012-02-04 18:17 - 2012-02-04 18:14 - 0605870 ____A C:\Users\Public\Documents\dds.rar
2012-02-04 18:13 - 2012-02-04 18:18 - 0607260 ____R (Swearware) C:\Users\Makatosh\Desktop\dds.com
2012-02-04 17:59 - 2011-03-08 18:56 - 0000439 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2012-02-04 17:22 - 2011-03-08 18:36 - 1472002 ____A C:\Windows\System32\PerfStringBackup.INI
2012-02-04 15:34 - 2011-03-16 18:29 - 0000111 ____A C:\Users\Makatosh\Documents\aionmemo_d85e6caf.dat
2012-02-04 15:24 - 2009-07-14 05:34 - 0014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-02-04 15:24 - 2009-07-14 05:34 - 0014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-02-04 15:20 - 2011-03-08 17:51 - 1274451 ____A C:\Windows\WindowsUpdate.log
2012-02-04 15:17 - 2012-01-18 17:50 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2012-02-04 15:17 - 2012-01-18 17:50 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2012-02-04 15:17 - 2012-01-13 07:52 - 0000000 __ASH C:\Windows\System32\dds_log_trash.cmd
2012-02-04 15:17 - 2011-10-27 15:19 - 0033107 ____A C:\Windows\setupact.log
2012-02-04 15:17 - 2011-03-08 17:48 - 1609474048 __ASH C:\hiberfil.sys
2012-02-04 15:17 - 2009-07-14 05:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-02-04 14:08 - 2012-02-04 13:41 - 0002503 ____A C:\Users\Public\Desktop\Skype.lnk
2012-02-04 13:42 - 2012-02-04 13:39 - 0000000 ___RD C:\Program Files\Skype
2012-02-04 13:41 - 2011-03-14 18:59 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\skypePM
2012-02-04 13:41 - 2011-03-14 18:41 - 0000000 ____D C:\Users\All Users\Skype
2012-02-04 13:41 - 2011-03-14 18:41 - 0000000 ____D C:\ProgramData\Skype
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\Users\Makatosh\AppData\Local\Logitech
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\Users\All Users\Logitech
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\ProgramData\Logitech
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\Program Files\Logitech
2012-02-02 20:17 - 2012-02-02 20:17 - 0000000 ____D C:\Program Files\Common Files\Logitech
2012-01-23 04:44 - 2012-01-23 04:32 - 5930915 ____A C:\Users\Makatosh\Downloads\YouPorn - geiler Arschfick.mp4
2012-01-21 17:47 - 2012-01-21 17:47 - 0002755 ____A C:\Users\Public\Desktop\Vodafone SMS.lnk
2012-01-21 17:47 - 2012-01-21 17:47 - 0002755 ____A C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
2012-01-21 17:47 - 2012-01-21 17:47 - 0000000 ____D C:\Users\All Users\Vodafone
2012-01-21 17:47 - 2012-01-21 17:47 - 0000000 ____D C:\ProgramData\Vodafone
2012-01-21 17:47 - 2011-07-23 20:53 - 0000000 ____D C:\Program Files\Vodafone
2012-01-21 17:47 - 2011-03-08 18:31 - 0000174 ___SH C:\Users\Makatosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-01-21 17:18 - 2009-07-14 03:37 - 0000000 ____D C:\Windows\System32\NDF
2012-01-18 19:56 - 2011-10-03 15:26 - 0000000 ____D C:\Program Files\Common Files\Steam
2012-01-18 19:41 - 2012-01-18 19:41 - 0151144 ____A C:\Windows\Minidump\011812-23665-01.dmp
2012-01-18 19:41 - 2011-03-29 20:25 - 0000000 ____D C:\Windows\Minidump
2012-01-18 19:40 - 2011-10-27 15:19 - 200220391 ____A C:\Windows\MEMORY.DMP
2012-01-18 19:40 - 2011-10-27 15:18 - 0002946 ____A C:\Windows\PFRO.log
2012-01-18 19:39 - 2011-03-08 18:31 - 0000000 ____D C:\users\Makatosh
2012-01-18 17:51 - 2012-01-18 17:51 - 0115267 ____A C:\Windows\System32\Drivers\klin.dat
2012-01-18 17:51 - 2012-01-18 17:51 - 0097859 ____A C:\Windows\System32\Drivers\klick.dat
2012-01-18 17:51 - 2009-07-14 03:37 - 0000000 ____D C:\Windows\System32\DriverStore
2012-01-18 17:50 - 2012-01-18 17:50 - 0488536 ____A C:\Windows\System32\Drivers\klif.sys
2012-01-18 17:50 - 2012-01-18 17:50 - 0000000 ____D C:\Program Files\Kaspersky Lab
2012-01-18 17:46 - 2009-07-14 03:37 - 0000000 ____D C:\Windows\System32\config\TxR
2012-01-18 01:02 - 2011-10-26 23:43 - 0000000 ____D C:\Program Files\Google
2012-01-17 23:48 - 2012-01-17 23:48 - 0001096 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-01-17 23:48 - 2012-01-17 23:48 - 0000000 ____D C:\Program Files\Mozilla Firefox
2012-01-17 23:47 - 2011-03-07 16:28 - 0000000 ___RD C:\Programme
2012-01-16 16:26 - 2012-01-15 00:00 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\Epson
2012-01-14 17:13 - 2012-01-14 17:13 - 0000000 ____D C:\Program Files\Common Files\EPSON
2012-01-14 17:13 - 2012-01-14 12:19 - 0000000 ____D C:\Users\All Users\EPSON
2012-01-14 17:13 - 2012-01-14 12:19 - 0000000 ____D C:\ProgramData\EPSON
2012-01-14 12:27 - 2012-01-14 12:24 - 0000000 ____D C:\Program Files\ABBYY FineReader 9.0 Sprint
2012-01-14 12:26 - 2012-01-14 12:26 - 0000000 ____D C:\Users\Makatosh\AppData\Local\ABBYY
2012-01-14 12:24 - 2012-01-14 12:24 - 0000000 ____D C:\Users\All Users\ABBYY
2012-01-14 12:24 - 2012-01-14 12:24 - 0000000 ____D C:\ProgramData\ABBYY
2012-01-14 12:24 - 2012-01-14 12:24 - 0000000 ____D C:\Program Files\Common Files\ABBYY
2012-01-14 12:22 - 2012-01-14 12:22 - 0002113 ____A C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2012-01-14 12:22 - 2012-01-14 12:22 - 0000000 ____D C:\Users\All Users\UDL
2012-01-14 12:22 - 2012-01-14 12:22 - 0000000 ____D C:\ProgramData\UDL
2012-01-14 12:21 - 2012-01-14 12:20 - 0000306 ____A C:\Windows\setup.iss
2012-01-14 12:21 - 2012-01-14 12:20 - 0000000 ____D C:\Program Files\Epson Software
2012-01-14 12:21 - 2011-03-08 21:25 - 0000000 ___HD C:\Program Files\InstallShield Installation Information
2012-01-14 12:20 - 2012-01-14 12:18 - 0000000 ____D C:\Program Files\epson
2012-01-14 12:18 - 2012-01-14 12:18 - 0000930 ____A C:\Users\Public\Desktop\EPSON Scan.lnk
2012-01-14 12:18 - 2009-07-14 05:52 - 0000000 ____D C:\Windows\twain_32
2012-01-12 06:31 - 2011-06-28 18:56 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\ICQ
2012-01-07 05:53 - 2011-03-20 04:00 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\vlc
2012-01-07 05:19 - 2011-04-07 00:58 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\dvdcss
2012-01-05 22:09 - 2012-01-05 22:09 - 0000831 ____A C:\Users\Public\Desktop\LOCO.lnk
2012-01-05 21:59 - 2011-03-07 18:00 - 0000000 ____D C:\Games
2012-01-05 21:47 - 2012-01-05 21:47 - 0001580 ____A C:\Users\Public\Desktop\DragonSoul.lnk
2012-01-01 22:28 - 2009-07-14 03:37 - 0000000 ____D C:\Windows\ModemLogs
2011-12-28 19:36 - 2011-12-28 19:36 - 0000000 ____D C:\Users\Makatosh\Desktop\SICHERRUNG
2011-12-28 19:21 - 2011-10-27 00:12 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\Orbit
2011-12-28 19:20 - 2011-12-23 10:53 - 0000000 ____D C:\Program Files\Yahoo!
2011-12-28 18:53 - 2011-04-07 17:42 - 0000000 ____D C:\Windows\System32\appmgmt
2011-12-26 21:30 - 2011-04-09 20:13 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\DAEMON Tools Lite
2011-12-23 10:53 - 2011-12-23 10:53 - 0000000 ____D C:\Users\Makatosh\Documents\My Widgets
2011-12-18 05:21 - 2011-10-25 20:19 - 0000000 __SHD C:\Users\Makatosh\AppData\Local\707b751c
2011-12-12 12:38 - 2011-12-12 12:05 - 38751760 ____A C:\Users\Makatosh\Downloads\YouPorn - Hot fishnet body suit and lots of sex.mp4
2011-12-09 02:58 - 2009-07-14 05:53 - 0032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-12-09 00:50 - 2011-12-09 00:50 - 0000000 ____D C:\Users\Makatosh\Documents\MeinSpore-Kreationen
2011-12-09 00:50 - 2011-12-09 00:49 - 0000000 ____D C:\Users\Makatosh\AppData\Roaming\SPORE
2011-12-06 15:08 - 2011-03-08 18:52 - 0000000 ____D C:\Program Files\Common Files\InstallShield
2011-12-06 15:05 - 2011-10-26 23:41 - 0000000 ____D C:\Program Files\Common Files\PX Storage Engine
2011-12-06 15:05 - 2011-10-26 23:38 - 0000000 ____D C:\Program Files\DivX
2011-12-06 15:05 - 2011-10-06 23:06 - 0000000 ____D C:\Users\All Users\DivX
2011-12-06 15:05 - 2011-10-06 23:06 - 0000000 ____D C:\ProgramData\DivX
2011-12-06 15:05 - 2011-03-08 18:31 - 0000000 ____D C:\Users\Makatosh\AppData\LocalLow
2011-12-06 14:09 - 2009-07-14 09:56 - 0000000 ___RD C:\Users\Public\Recorded TV
2011-12-06 02:32 - 2011-12-06 02:32 - 0131072 ____A C:\Windows\Minidump\120611-21512-01.dmp
2011-12-05 05:40 - 2011-12-05 05:37 - 4514225 ____A C:\Users\Makatosh\Downloads\smac27beta_setup.rar
2011-12-04 22:13 - 2011-03-08 18:58 - 0000000 ____D C:\Users\Makatosh\AppData\Local\Just-Aion
2011-12-03 18:39 - 2011-08-31 13:17 - 0000000 ____D C:\Users\All Users\Solidshield
2011-12-03 18:39 - 2011-08-31 13:17 - 0000000 ____D C:\ProgramData\Solidshield
2011-12-03 18:38 - 2011-12-03 18:38 - 0001186 ____A C:\Users\Makatosh\Desktop\JA Launcher 2 - Verknüpfung (3).lnk
2011-12-03 18:36 - 2011-12-03 18:36 - 0000947 ____A C:\Users\Makatosh\Desktop\TESV - Verknüpfung.lnk
2011-11-30 19:26 - 2011-10-25 20:19 - 0000000 ____A C:\Windows\477461360
2011-11-30 03:14 - 2011-11-30 03:11 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2011-11-30 03:09 - 2011-11-30 02:25 - 23620251 ____A C:\Users\Makatosh\Downloads\flash111.zip
2011-11-29 17:18 - 2011-11-26 02:02 - 0000000 ____D C:\Users\Makatosh\AppData\Local\Skyrim
2011-11-29 05:08 - 2011-11-29 05:08 - 23528088 ____A C:\Users\Makatosh\Downloads\r14novtesvsdecrfigw.part2 (1) (1).rar
2011-11-29 05:02 - 2011-11-29 05:02 - 23528088 ____A C:\Users\Makatosh\Downloads\r14novtesvsdecrfigw.part2 (1).rar
2011-11-29 04:45 - 2011-11-29 04:29 - 23528088 ____A C:\Users\Makatosh\Downloads\r14novtesvsdecrfigw.part2.rar
2011-11-29 04:25 - 2011-11-29 03:17 - 104857600 ____A C:\Users\Makatosh\Downloads\r14novtesvsdecrfigw.part1.rar
2011-11-26 22:10 - 2011-11-26 22:10 - 0001648 ____A C:\Users\Makatosh\Downloads\The.Elder.Scrolls.V.Skyrim.GERMAN.PROPER.CRACK.FILES-GWAREZ_Update_-36usmulwmlbt.dlc
2011-11-26 22:10 - 2011-11-26 22:10 - 0001648 ____A C:\Users\Makatosh\Downloads\The.Elder.Scrolls.V.Skyrim.GERMAN.PROPER.CRACK.FILES-GWAREZ_Update_-36usmulwmlbt (1).dlc
2011-11-26 21:14 - 2011-11-26 21:06 - 3446976 ____A C:\Users\Makatosh\Downloads\skyrim.rar
2011-11-26 20:14 - 2011-11-26 20:14 - 0035294 ____A C:\Users\Makatosh\Downloads\Elder%2BScrolls%2B5%2BSkyrim%2BBeta%2BCrack%2Band%2BKeygen.rar
2011-11-26 20:09 - 2011-11-26 20:09 - 0006968 ____A C:\Users\Makatosh\Downloads\the.elder.scrolls.v.skyrim.crack.only-skidrow.rar (1).torrent
2011-11-26 20:08 - 2011-11-26 20:08 - 0006968 ____A C:\Users\Makatosh\Downloads\the.elder.scrolls.v.skyrim.crack.only-skidrow.rar.torrent
2011-11-26 18:28 - 2011-11-26 18:22 - 1338976 ____A C:\Users\Makatosh\Downloads\The_Elder_Scrolls_V_Skyrim_Update_1-RazorDOX.rar
2011-11-26 17:25 - 2011-11-26 17:25 - 0319584 ____A (Softonic) C:\Users\Makatosh\Downloads\SoftonicDownloader_fuer_magix-music-maker-mx.exe
2011-11-26 17:08 - 2011-11-26 16:25 - 13223135 ____A C:\Users\Makatosh\Downloads\mt-x_setup(2).rar
2011-11-26 15:50 - 2011-11-26 15:42 - 2711710 ____A C:\Users\Makatosh\Downloads\The_Elder_Scrolls_V_Skyrim_v1.1.21.0_+_8_Trainer.rar
2011-11-26 02:02 - 2011-03-10 21:18 - 0000000 ____D C:\Users\Makatosh\Documents\My Games
2011-11-13 21:38 - 2011-11-13 21:37 - 0154392 ____A C:\Windows\Minidump\111311-19718-01.dmp
2011-11-13 20:48 - 2011-11-13 20:48 - 0153040 ____A C:\Windows\Minidump\111311-19110-01.dmp
========================= Known DLLs (Whitelisted) ============
========================= Bamital & volsnap Check ============
C:\Windows\explorer.exe [2009-07-14 00:41] - [2009-07-14 02:14] - 2613248 ____A ()
C:\Windows\System32\winlogon.exe [2009-07-14 00:37] - [2009-07-14 02:14] - 0285696 ____A ()
C:\Windows\System32\wininit.exe [2009-07-14 00:36] - [2009-07-14 02:14] - 0096256 ____A ()
C:\Windows\System32\Drivers\volsnap.sys [2009-07-14 00:11] - [2009-07-14 02:19] - 0245328 ____A ()
========================= Memory info ======================
Percentage of memory in use: 51%
Total physical RAM: 2046.55 MB
Available physical RAM: 990.09 MB
Total Pagefile: 4093.11 MB
Available Pagefile: 2770.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.13 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:465.75 GB) (Free:326.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (VMC Lite 9.3.0.9237RP2) (CDROM) (Total:0.06 GB) (Free:0 GB) CDFS
==========================================================
Last Boot: 2011-09-27 18:33
======================= End Of Log ==========================

I hope for a quick reply and am grateful for any help. |
05.02.2012, 21:00 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Google always redirects me to the site www.abnow.com
Quote:
See also => http://www.trojaner-board.de/95393-c...-software.html
If we find indications of illegally acquired software, we will end support without any discussion. Cracks/keygens are, 99.9% of the time, dangerous malware that is not to be trifled with. Moreover, they are illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!
That illegal cracks and keygens essentially serve to spread malware is no secret and must be clear to everyone!
In future, keep your hands off: Softonic, registry cleaners and illegal stuff (cracks/keygens/serials)
__________________ |