Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Antimalwae Doctor System Hack . Hilfe!!!!!!!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 21.04.2010, 22:01   #1
dertobsen
 
Antimalwae Doctor System Hack . Hilfe!!!!!!! - Standard

Antimalwae Doctor System Hack . Hilfe!!!!!!!



Hallo zusammen,

mein PC wurde heute von einem Antimalware Doctor heimgesucht. Nun bin ich bei der Suche nach einer Lösung für mein Problem auf dieses Forum gestoßen. Ich habe mich hier auch informiert, wie ich meinem Problem Herr werden kann und habe dann mit Hilfe der rkill Anwendung zu erst die System Warnungen ausgeschaltet. Danach habe ich wie es hier empfohlen wurde das programm Malwarebytes´ Anti-Malware benuzt und habe die komplette Systemprüfung durchführen lassen. Hier ist nun der Bericht den die Prüfung ausgespuckt hat:

Malwarebytes' Anti-Malware 1.45
w*w.malwarebytes.org

Datenbank Version: 4016

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21.04.2010 22:30:18
mbam-log-2010-04-21 (22-30-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 216639
Laufzeit: 1 Stunde(n), 11 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 14
Infizierte Registrierungswerte: 5
Infizierte Dateiobjekte der Registrierung: 4
Infizierte Verzeichnisse: 9
Infizierte Dateien: 17

Infizierte Speicherprozesse:
C:\WINDOWS\Jzavya.exe (Trojan.CodecPack) -> Unloaded process successfully.

Infizierte Speichermodule:
c:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a2ba40a0-74f1-52bd-f411-00b15a2c8953} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a2ba40a0-74f1-52bd-f411-00b15a2c8953} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshnas (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Miracle (PUP.PerfectOptimizer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c (Trojan.CodecPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\newupdate1142c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\dokumente und einstellungen\tobias schäfers\anwendungsdaten\sdra64.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\sdra64.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Programme\Perfect Optimizer (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programme\Perfect Optimizer\Backup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programme\Perfect Optimizer\Backup\Application (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programme\Perfect Optimizer\Backup\Registry (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programme\Perfect Optimizer\Backup\Registry\FirstBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programme\Perfect Optimizer\Backup\Registry\FullBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programme\Perfect Optimizer\Backup\Service (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programme\Perfect Optimizer\Temp (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec (Stolen.data) -> Delete on reboot.

Infizierte Dateien:
C:\WINDOWS\Jzavya.exe (Trojan.CodecPack) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\Jhh.exe (Trojan.CodecPack) -> Delete on reboot.
C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\C18DF63856E1EBEE6D16B97BD6C42369\hookdll.dll (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\Jhf.exe (Trojan.CodecPack) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\Jhg.exe (Trojan.CodecPack) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\uxxhj.sys (Rootkit.Agent) -> Delete on reboot.
C:\Programme\Perfect Optimizer\Setting.ini (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programme\Perfect Optimizer\Backup\Registry\FirstBackup\20090530215756.Reg (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Delete on reboot.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Delete on reboot.
C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\C18DF63856E1EBEE6D16B97BD6C42369\newupdate1142C.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sdra64.exe (Spyware.Zbot) -> Delete on reboot.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\sdra64.exe (Spyware.Zbot) -> Quarantined and deleted successfully.

Ich hoffe ich habe soweit alles richtig gemacht und ihr könnt mir helfen. Danke schon mal im vorraus.

Alt 22.04.2010, 09:32   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Antimalwae Doctor System Hack . Hilfe!!!!!!! - Standard

Antimalwae Doctor System Hack . Hilfe!!!!!!!



Hallo und

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 22.04.2010, 22:00   #3
dertobsen
 
Antimalwae Doctor System Hack . Hilfe!!!!!!! - Standard

Antimalwae Doctor System Hack . Hilfe!!!!!!!



Hallo Arne,

also hier ist das erste Log-file:

OTL logfile created on: 22.04.2010 22:33:54 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Dokumente und Einstellungen\xxx\Eigene Dateien
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

895,00 Mb Total Physical Memory | 447,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): c:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 20,83 Gb Free Space | 27,96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: xxx-62D2E84B
Current User Name: xxx
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\xxx\Eigene Dateien\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Programme\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe ()
PRC - C:\Programme\Launch Manager\HotkeyApp.exe (Wistron)
PRC - C:\Programme\Launch Manager\WButton.exe ()
PRC - C:\Programme\Launch Manager\LaunchAp.exe ()
PRC - C:\Programme\Launch Manager\OSD.exe (Wistron)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)


========== Modules (SafeList) ==========

MOD - C:\Dokumente und Einstellungen\xxx\Eigene Dateien\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\mlang.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)


========== Driver Services (SafeList) ==========

DRV - (tbhsd) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS) -- C:\WINDOWS\system32\drivers\ZD1211BU.sys (ZyDAS Technology Corporation)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (nvsmu) -- C:\WINDOWS\system32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (ZDPSp50) -- C:\WINDOWS\system32\drivers\ZDPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Hotkey) -- C:\WINDOWS\system32\drivers\HOTKEY.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qip.ru/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Programme\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://de.search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.2
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.qip.ru/search?from=FF&query="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.04 20:23:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.04.17 02:15:19 | 000,000,000 | ---D | M]

[2009.03.20 17:59:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Extensions
[2010.04.22 01:33:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\t0qf7vrl.default\extensions
[2010.02.17 12:35:37 | 000,000,000 | ---D | M] (UrlbarExt) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\t0qf7vrl.default\extensions\{10c62ce3-3794-4c18-a881-481733c1a425}
[2009.06.24 17:45:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\t0qf7vrl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.15 00:26:20 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\t0qf7vrl.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010.01.16 11:49:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\t0qf7vrl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.04.05 23:26:20 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\t0qf7vrl.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.04.05 23:26:20 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\t0qf7vrl.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2009.10.06 17:17:57 | 000,002,061 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\t0qf7vrl.default\searchplugins\qipsearch.xml
[2009.12.20 23:36:13 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\t0qf7vrl.default\searchplugins\sweetim.xml
[2010.04.22 01:33:29 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.03.15 00:18:54 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.15 00:18:54 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.15 00:18:54 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.15 00:18:54 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.15 00:18:54 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CtrlVol] C:\Programme\Launch Manager\CtrlVol.exe (Wistron)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HotkeyApp] C:\Programme\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LaunchAp] C:\Programme\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Programme\Launch Manager\OSD.exe (Wistron)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Programme\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Wbutton] C:\Programme\Launch Manager\Wbutton.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Programme\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [mcexecwin] C:\DOKUME~1\TOBIAS~1\LOKALE~1\Temp\jwe7ql.DLL File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\ZDWLan Utility.lnk = C:\Programme\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\cbssreg: DllName - C:\Dokumente und Einstellungen\All Users\Dokumente\Settings\cbss.dll - C:\Dokumente und Einstellungen\All Users\Dokumente\Settings\cbss.dll ()
O22 - SharedTaskScheduler: {A2BA40A0-74F1-52BD-F411-00B15A2C8953} - kjsfi8sjefiuoshiefyhiusdhfdf - Reg Error: Key error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.20 17:06:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\[Torrentsworld.net] - Transformers Die Rache 2009 TS LD XviD-iLG.torrent
File not found -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\[Torrentsworld.net] - Scrubs-Die Anfaenger-Staffel 1-6 Komplett auf Deutsch [mnvv2 ws].torrent
File not found -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\[Torrentsworld.net] - Scrubs Staffel 6 -komplett- deutsch.torrent
[2010.04.22 22:33:14 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\OTL.exe
[2010.04.22 10:36:49 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\xxx\Recent
[2010.04.21 23:14:49 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Settings
[2010.04.21 21:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Malwarebytes
[2010.04.21 21:16:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.21 21:16:35 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.21 21:16:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.04.21 21:16:34 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.04.21 21:15:58 | 005,918,720 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Tobias Schäfers\Eigene Dateien\mbam-setup-1.45.exe
[2010.04.21 15:42:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2010.04.21 15:42:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2010.04.21 15:36:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\C18DF63856E1EBEE6D16B97BD6C42369
[2010.04.18 23:32:06 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.04.18 23:29:46 | 000,000,000 | ---D | C] -- C:\Programme\Lavasoft
[2010.04.18 23:29:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft
[2010.04.18 23:28:32 | 097,364,760 | ---- | C] (Lavasoft ) -- C:\Dokumente und Einstellungen\Tobias Schäfers\Eigene Dateien\Ad-Aware82Installer.exe
[2010.04.18 15:43:00 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.04.16 00:01:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX
[2010.04.04 20:25:25 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.04.04 20:25:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.04.04 20:22:38 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.04.04 20:20:12 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.04.04 17:02:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.03.31 03:58:24 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010.03.27 22:53:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Avira
[2009.04.09 12:38:00 | 000,126,976 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.SHDocVw.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\[Torrentsworld.net] - Transformers Die Rache 2009 TS LD XviD-iLG.torrent
File not found -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\[Torrentsworld.net] - Scrubs-Die Anfaenger-Staffel 1-6 Komplett auf Deutsch [mnvv2 ws].torrent
File not found -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\[Torrentsworld.net] - Scrubs Staffel 6 -komplett- deutsch.torrent
[2010.04.22 22:33:15 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tobias Schäfers\Eigene Dateien\OTL.exe
[2010.04.22 22:30:16 | 001,050,718 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.22 22:30:16 | 000,452,554 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.04.22 22:30:16 | 000,435,594 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.22 22:30:16 | 000,081,316 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.04.22 22:30:16 | 000,068,490 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.22 22:27:37 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\Microsoft Office Outlook 2007.lnk
[2010.04.22 22:26:17 | 000,050,868 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.04.22 22:26:12 | 000,012,632 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.22 22:26:00 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.22 22:25:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.22 10:36:58 | 004,980,736 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\ntuser.dat
[2010.04.22 10:36:58 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\xxx\ntuser.ini
[2010.04.22 01:15:48 | 000,038,400 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.21 23:32:00 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.04.21 21:16:41 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.21 21:16:08 | 005,918,720 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Tobias Schäfers\Eigene Dateien\mbam-setup-1.45.exe
[2010.04.21 21:14:18 | 000,363,520 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\rkill.com
[2010.04.21 17:00:09 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.18 23:36:02 | 004,980,736 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\NTUSER.DAT_tureg_old
[2010.04.18 23:32:05 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.04.18 23:28:41 | 097,364,760 | ---- | M] (Lavasoft ) -- C:\Dokumente und Einstellungen\Tobias Schäfers\Eigene Dateien\Ad-Aware82Installer.exe
[2010.04.18 15:42:56 | 000,001,695 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities.lnk
[2010.04.16 17:15:00 | 000,000,426 | ---- | M] () -- C:\WINDOWS\tasks\Automatische Wartung.job
[2010.04.10 21:31:51 | 006,569,984 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Andrew Spencer - Zombie (Hardstyle Mix) Hardbass 12.mp3
[2010.04.04 20:25:52 | 000,001,804 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.04.04 20:22:51 | 000,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2010.04.04 20:14:00 | 004,247,090 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\They call me psycho.mp3
[2010.04.02 20:20:21 | 000,011,308 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Ausgaben.xlsx
[2010.04.01 15:17:48 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010.04.01 15:11:26 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.03.31 03:58:24 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010.03.29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.27 21:43:25 | 042,341,360 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\avira_antivir_personal10_de.exe
[2010.03.25 11:41:00 | 000,000,596 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ZeroOnline.lnk
[2010.03.25 11:30:23 | 011,531,390 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\2909.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.21 21:16:41 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.21 21:14:17 | 000,363,520 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\rkill.com
[2010.04.18 23:45:18 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.04.10 21:31:35 | 006,569,984 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Andrew Spencer - Zombie (Hardstyle Mix) Hardbass 12.mp3
[2010.04.04 20:25:52 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.04.04 20:22:51 | 000,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2010.04.04 20:14:00 | 004,247,090 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\They call me psycho.mp3
[2010.04.02 20:20:20 | 000,011,308 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Ausgaben.xlsx
[2010.03.27 21:42:08 | 042,341,360 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\avira_antivir_personal10_de.exe
[2010.03.25 11:41:00 | 000,000,596 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ZeroOnline.lnk
[2010.03.25 11:30:22 | 011,531,390 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\2909.exe
[2009.11.25 14:40:50 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.10.17 21:55:56 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2009.06.17 14:06:25 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS78.DLL
[2009.04.09 12:38:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SearchRequire.dll
[2009.03.24 11:34:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.03.20 20:18:27 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009.03.20 20:18:27 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009.03.20 20:18:27 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009.03.20 17:36:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2009.03.20 17:36:18 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2009.03.20 17:23:21 | 000,009,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\HOTKEY.sys
[2009.03.20 17:19:00 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2009.03.02 12:33:32 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2006.08.24 18:40:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.08.24 18:40:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.08.24 18:40:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.08.24 18:40:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.08.24 18:40:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
< End of report >
__________________

Alt 22.04.2010, 22:01   #4
dertobsen
 
Antimalwae Doctor System Hack . Hilfe!!!!!!! - Standard

Antimalwae Doctor System Hack . Hilfe!!!!!!!



und hier ist der zweite:

OTL Extras logfile created on: 22.04.2010 22:33:54 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Dokumente und Einstellungen\xxx\Eigene Dateien
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

895,00 Mb Total Physical Memory | 447,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): c:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 20,83 Gb Free Space | 27,96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: xxx-62D2E84B
Current User Name: xxx
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis
"{10B30E18-4BA7-4F4F-A0E3-566A53BF4D7B}_is1" = ZeroOnline
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5A72E1-1467-4199-8CF6-12DA8D502A6B}" = Veoh Player
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{581CE7EA-A30D-0000-1211-088635773309}" = ZyDAS IEEE 802.11 b+g Wireless LAN - USB
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5E6EC4DD-7B1F-4E10-82B9-EA1B90791031}" = Nero 8
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.3.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}" = Nokia Software Updater
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows-Treiberpaket - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"AceMoney" = AceMoney
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Boilsoft AVI to VCD SVCD DVD Converter_is1" = Boilosft AVI to VCD SVCD DVD Converter 3.81
"Canon Setup Utility 2.0" = Canon Setup Utility 2.0
"CANONBJ_Deinstall_CNMCP78.DLL" = Canon iP4200
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"ENTERPRISER" = Microsoft Office Enterprise 2007
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"GpsGate" = GpsGate
"ie8" = Windows Internet Explorer 8
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{3D5A72E1-1467-4199-8CF6-12DA8D502A6B}" = Veoh Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.29
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MPEG TO AVI_is1" = MPEG TO AVI version 3.1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PokerStars.net" = PokerStars.net
"Rasche's Skat" = Rasche's Skat
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Windows Mobile®-Gerätehandbuch
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"X10Hardware" = X10 Hardware(TM)

Alt 22.04.2010, 22:16   #5
dertobsen
 
Antimalwae Doctor System Hack . Hilfe!!!!!!! - Standard

Antimalwae Doctor System Hack . Hilfe!!!!!!!



ich kann den rest irgendwes wegen nich hochladen denn mir wird immer gesagt das der server zurückgesetzt wird wärend dessen meine nachricht hochgeladen wird


Antwort

Themen zu Antimalwae Doctor System Hack . Hilfe!!!!!!!
.dll, antimalware, backdoor.bot, browser, dateien, einstellungen, explorer, forum, hack, helper, hilfe!, hilfe!!, hilfe!!!, lösung, microsoft, problem, programm, programme, registry, rkill, rogue.antimalwaredoctor, software, spyware.zbot, stolen.data, suche, system, system32, trojan.agent, trojan.downloader, userinit, winlogon




Ähnliche Themen: Antimalwae Doctor System Hack . Hilfe!!!!!!!


  1. evtl. PC-Hack oder Online-Hack?
    Log-Analyse und Auswertung - 19.01.2014 (1)
  2. System doctor 2014 -> Google -> Spyhunter 4 -> Malebytes Anti Root kit
    Log-Analyse und Auswertung - 15.06.2013 (11)
  3. Wie entferne ich System Doctor 2014?
    Log-Analyse und Auswertung - 14.06.2013 (27)
  4. Und noch ein System Doctor 2014 Opfer
    Log-Analyse und Auswertung - 10.06.2013 (7)
  5. Wie System Doctor 2014 auf WinXp entfernen
    Plagegeister aller Art und deren Bekämpfung - 09.06.2013 (15)
  6. Windows 7 64 bit Rechner mit System Doctor 2014 infiziert
    Plagegeister aller Art und deren Bekämpfung - 05.06.2013 (18)
  7. Laptop von System Doctor 2014 befallen (Win7 / 64bit)
    Plagegeister aller Art und deren Bekämpfung - 04.06.2013 (24)
  8. System Doctor 2014 entfernen
    Anleitungen, FAQs & Links - 31.05.2013 (2)
  9. Antimalware Doctor entfernt - ist dieses System nun sauber?
    Log-Analyse und Auswertung - 28.01.2011 (11)
  10. Vermutlich friert Spyware Doctor mein System ein
    Antiviren-, Firewall- und andere Schutzprogramme - 28.11.2010 (7)
  11. Anti-Malware Doctor entfernt, unklar ob das System clean ist
    Log-Analyse und Auswertung - 30.08.2010 (22)
  12. Antimalware Doctor: Forumsanleitung zum Entfernen befolgt, System jetzt ok?
    Log-Analyse und Auswertung - 28.08.2010 (14)
  13. Antimalware Doctor - Probleme mit System trotz Entfernung durch Anti Malware
    Plagegeister aller Art und deren Bekämpfung - 24.08.2010 (9)
  14. emand sagt "Ich hack dein System"
    Log-Analyse und Auswertung - 01.03.2008 (1)
  15. System Doctor, Addups... Hilfeeeee
    Log-Analyse und Auswertung - 25.05.2007 (2)
  16. Infizierter PC ,..voller trojaner es kommen immer system doctor aufrufe usw,..
    Log-Analyse und Auswertung - 25.05.2007 (2)
  17. STEAM PW HACK or rehack hilfe
    Mülltonne - 01.04.2007 (1)

Zum Thema Antimalwae Doctor System Hack . Hilfe!!!!!!! - Hallo zusammen, mein PC wurde heute von einem Antimalware Doctor heimgesucht. Nun bin ich bei der Suche nach einer Lösung für mein Problem auf dieses Forum gestoßen. Ich habe mich - Antimalwae Doctor System Hack . Hilfe!!!!!!!...
Archiv
Du betrachtest: Antimalwae Doctor System Hack . Hilfe!!!!!!! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.