Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php

Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php


Plagegeister aller Art und deren Bekämpfung: Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 28.08.2010, 18:49   #3
Surfy123
 
Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php - Standard

Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php


Danke schonmal für die schnelle hilfe...

also ich habe nun die 2 scans hochgeladen

Nun habe ich aber ein anderes problem , beim programm GMER kann ich die hacken System e.c.t nicht ankreuzen , vor dem öffnen sagt er mit aber aich ncoh eine fehler medlung : c:\Windows\system32\config\system: Das System kann die angegebene Datei nicht finden

Was NUN ?

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 28.08.2010 19:30:06 - Run 2
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\RabbiT\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 7,00 Gb Available Physical Memory | 82,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 352,81 Gb Free Space | 75,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: RABBIT-PC
Current User Name: RabbiT
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\RabbiT\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\RabbiT\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (npggsvc) -- C:\Windows\SysNative\GameMon.des File not found
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (e1express) Intel(R) -- C:\Windows\SysNative\drivers\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:64bit: - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EE 82 2A 2E 2B D0 CA 01  [binary data]
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.23 13:22:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.08.17 00:15:01 | 000,000,000 | ---D | M]
 
[2010.04.05 18:36:37 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\mozilla\Extensions
[2010.08.28 17:19:02 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\mozilla\Firefox\Profiles\qrb20tlc.default\extensions
[2010.08.17 00:19:07 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\RabbiT\AppData\Roaming\mozilla\Firefox\Profiles\qrb20tlc.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.07.26 21:41:15 | 000,002,252 | ---- | M] () -- C:\Users\RabbiT\AppData\Roaming\Mozilla\FireFox\Profiles\qrb20tlc.default\searchplugins\askcom.xml
[2010.07.23 20:13:44 | 000,000,873 | ---- | M] () -- C:\Users\RabbiT\AppData\Roaming\Mozilla\FireFox\Profiles\qrb20tlc.default\searchplugins\conduit.xml
[2010.07.27 17:32:25 | 000,002,059 | ---- | M] () -- C:\Users\RabbiT\AppData\Roaming\Mozilla\FireFox\Profiles\qrb20tlc.default\searchplugins\daemon-search.xml
[2010.08.28 17:19:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.08.17 00:15:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.17 00:14:52 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.04.09 21:53:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.09 21:53:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.09 21:53:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.09 21:53:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.09 21:53:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.04.20 18:07:20 | 000,000,956 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 121.128.133.27 gwgt1.joymax.com
O1 - Hosts: 121.128.133.27 gwgt2.joymax.com
O1 - Hosts: 121.128.133.27 gwgt3.joymax.com
O1 - Hosts: 121.128.133.27 gwgt4.joymax.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\RabbiT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\RabbiT\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\RabbiT\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a37ba925-3c07-11df-b9a8-001bb9c0aae2}\Shell - "" = AutoRun
O33 - MountPoints2\{a37ba925-3c07-11df-b9a8-001bb9c0aae2}\Shell\AutoRun\command - "" = I:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.28 18:35:38 | 000,000,000 | ---D | C] -- C:\Users\RabbiT\AppData\Roaming\Malwarebytes
[2010.08.28 18:35:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.28 18:35:21 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.28 18:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.28 18:35:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.28 13:26:59 | 000,000,000 | ---D | C] -- C:\Users\RabbiT\AppData\Roaming\TeamViewer
[2010.08.28 13:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2010.08.26 18:55:01 | 000,000,000 | ---D | C] -- C:\Users\RabbiT\Documents\StarCraft II
[2010.08.26 18:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2010.08.26 18:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.08.26 18:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.08.24 19:05:48 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010.08.20 13:30:36 | 000,000,000 | ---D | C] -- C:\Users\RabbiT\Documents\Meine empfangenen Dateien
[2010.08.17 00:16:25 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.08.17 00:15:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.08.17 00:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.08.17 00:15:01 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.08.17 00:15:01 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.08.17 00:15:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.08.17 00:15:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.08.17 00:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.08.16 22:17:08 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMCT232.OCX
[2010.08.16 22:17:04 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioInfos.dll
[2010.08.16 22:17:04 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioVisu.dll
[2010.08.16 22:17:04 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudPlayer.dll
[2010.08.16 22:17:04 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioRecord.dll
[2010.08.16 22:17:04 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\WMAFile.dll
[2010.08.16 22:17:03 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDesign.dll
[2010.08.16 22:17:03 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudFile.dll
[2010.08.16 22:17:03 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2010.08.16 22:17:03 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDisplay.dll
[2010.08.16 22:17:03 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTL32.OCX
[2010.08.16 22:17:03 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6FR.DLL
[2010.08.16 22:17:03 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.OCX
[2010.08.16 22:17:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2010.08.16 22:17:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTFR.DLL
[2010.08.16 22:17:03 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetfr.DLL
[2010.08.16 22:17:02 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71.dll
[2010.08.16 22:17:02 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2010.08.16 22:17:02 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2010.08.16 22:17:02 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCFR.DLL
[2010.08.16 22:17:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscc2fr.dll
[2010.08.16 22:17:02 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CMDLGFR.DLL
[2010.08.16 22:17:01 | 000,000,000 | ---D | C] -- C:\Users\RabbiT\AppData\Roaming\FreeAudioPack
[2010.08.16 22:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Audio Pack
[2010.08.14 02:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010.08.14 02:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010.08.14 02:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.08.14 02:51:23 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.08.14 02:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.08.11 21:10:13 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.11 21:10:13 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.08.11 21:10:13 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.08.11 21:10:08 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.08.11 21:10:08 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.08.11 21:10:08 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.11 21:10:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.11 21:10:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.11 21:10:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.11 21:09:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.08.11 21:09:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.08.11 21:09:57 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.08.11 02:18:20 | 000,000,000 | ---D | C] -- C:\Users\RabbiT\AppData\Roaming\DeepBurner
[2010.08.11 02:17:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Astonsoft
[2010.08.10 19:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2010.08.02 08:24:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.08.02 08:24:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.08.02 08:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.08.02 08:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.07.30 02:34:32 | 000,000,000 | ---D | C] -- C:\Users\RabbiT\Desktop\FT52 ( www.BreakZ.us )
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.28 19:30:52 | 001,835,008 | -HS- | M] () -- C:\Users\RabbiT\ntuser.dat
[2010.08.28 19:17:56 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.28 19:17:56 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.28 19:12:35 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.28 19:12:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.28 19:12:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.28 19:12:22 | 2146,881,535 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.28 19:11:38 | 001,756,352 | -H-- | M] () -- C:\Users\RabbiT\AppData\Local\IconCache.db
[2010.08.28 18:42:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.28 18:35:25 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.26 19:18:01 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.08.24 05:46:52 | 006,758,528 | ---- | M] () -- C:\Users\RabbiT\Desktop\Zappeln.mp3
[2010.08.22 22:00:00 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2010.08.19 07:10:45 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.08.19 07:10:45 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.08.17 00:14:52 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.08.17 00:14:52 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.08.17 00:14:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.08.17 00:14:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.08.16 22:15:31 | 000,000,034 | ---- | M] () -- C:\Windows\cdplayer.ini
[2010.08.15 02:45:56 | 004,692,096 | ---- | M] () -- C:\Users\RabbiT\Desktop\A Day to Remember - 'The Downfall of Us All' Victory Records.mp3
[2010.08.12 03:31:02 | 000,303,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.10 20:33:58 | 001,486,084 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.10 20:33:58 | 000,648,466 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.08.10 20:33:58 | 000,611,134 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.10 20:33:58 | 000,128,724 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.08.10 20:33:58 | 000,105,314 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.10 09:35:00 | 000,042,810 | ---- | M] () -- C:\Windows\SysWow64\items.dat
[2010.08.08 02:24:17 | 000,018,970 | ---- | M] () -- C:\Users\RabbiT\cropped-2657376914_7343550801.jpg
[2010.08.03 16:29:27 | 000,076,126 | ---- | M] () -- C:\Users\RabbiT\4-im-Gruender-4993.jpg
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.28 18:35:25 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.26 18:55:01 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.08.24 05:46:13 | 006,758,528 | ---- | C] () -- C:\Users\RabbiT\Desktop\Zappeln.mp3
[2010.08.21 22:37:05 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.21 22:37:04 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.16 22:17:02 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2010.08.16 22:15:31 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.08.15 02:45:34 | 004,692,096 | ---- | C] () -- C:\Users\RabbiT\Desktop\A Day to Remember - 'The Downfall of Us All' Victory Records.mp3
[2010.08.08 02:24:17 | 000,018,970 | ---- | C] () -- C:\Users\RabbiT\cropped-2657376914_7343550801.jpg
[2010.08.03 16:29:27 | 000,076,126 | ---- | C] () -- C:\Users\RabbiT\4-im-Gruender-4993.jpg
[2010.07.27 15:15:48 | 000,007,605 | ---- | C] () -- C:\Users\RabbiT\AppData\Local\Resmon.ResmonCfg
[2010.07.09 21:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2010.06.24 23:27:28 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\Audio Recorder for Free
[2010.07.25 14:30:38 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\Canneverbe Limited
[2010.07.28 11:27:53 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\DAEMON Tools Lite
[2010.08.11 02:22:52 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\DeepBurner
[2010.07.25 15:22:32 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\DeepBurner Pro
[2010.07.23 20:13:23 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.05.26 16:34:16 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\EVEMon
[2010.08.16 22:17:08 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\FreeAudioPack
[2010.06.20 01:19:43 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\gtk-2.0
[2010.08.28 19:13:14 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\ICQ
[2010.04.17 01:57:48 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\IObit
[2010.06.24 19:40:23 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\OpenOffice.org
[2010.08.28 13:40:57 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\TeamViewer
[2010.03.31 14:48:31 | 000,000,000 | ---D | M] -- C:\Users\RabbiT\AppData\Roaming\TS3Client
[2010.07.27 03:52:04 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.08.22 22:00:00 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---
[/Code]

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 28.08.2010 19:30:06 - Run 2
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\RabbiT\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 7,00 Gb Available Physical Memory | 82,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 352,81 Gb Free Space | 75,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: RABBIT-PC
Current User Name: RabbiT
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8F04AE70-9C11-11DF-8F84-005056C00008}" = Google Earth Plug-in
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E6607F5B-50E7-4B54-81B7-F0600E3C8CF4}" = Belkin F5D8053 N Wireless USB Adapter
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F9831B39-277F-4F53-BFB0-12DC90C4CB40}" = Requiem
"{FD0955C7-C64C-45DC-A991-FDC4E50C4E09}" = Multimedia Card Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audio Recorder for FREE_is1" = Audio Recorder for FREE 2010 v12.7.1
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"Dragonica(DE)" = Dragonica(DE)
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EVE" = EVE Online (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Guitar Pro 5_is1" = Guitar Pro 5.2
"InstallShield_{E6607F5B-50E7-4B54-81B7-F0600E3C8CF4}" = Belkin F5D8053 N Wireless USB Adapter
"InstallShield_{FD0955C7-C64C-45DC-A991-FDC4E50C4E09}" = Multimedia Card Reader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 240" = Counter-Strike: Source
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"UltraISO_is1" = UltraISO Premium V9.36
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xfire" = Xfire (remove only)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21.08.2010 02:32:20 | Computer Name = RabbiT-PC | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 21.08.2010 20:23:31 | Computer Name = RabbiT-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Name des fehlerhaften Moduls: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Ausnahmecode: 0xc000000d  Fehleroffset: 0x006ff0d3  ID des fehlerhaften
 Prozesses: 0xcb4  Startzeit der fehlerhaften Anwendung: 0x01cb418e5e34e905  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Silkroad\sro_client.exe  Pfad des 
fehlerhaften Moduls: C:\Program Files (x86)\Silkroad\sro_client.exe  Berichtskennung:
 7d9a2c93-ad83-11df-a11c-001bb9c0aae2
 
Error - 21.08.2010 20:31:15 | Computer Name = RabbiT-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Name des fehlerhaften Moduls: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Ausnahmecode: 0xc000000d  Fehleroffset: 0x006ff0d3  ID des fehlerhaften
 Prozesses: 0x345c  Startzeit der fehlerhaften Anwendung: 0x01cb4190716a2449  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Silkroad\sro_client.exe  Pfad des 
fehlerhaften Moduls: C:\Program Files (x86)\Silkroad\sro_client.exe  Berichtskennung:
 91f022a8-ad84-11df-a11c-001bb9c0aae2
 
Error - 21.08.2010 21:20:52 | Computer Name = RabbiT-PC | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 21.08.2010 22:00:44 | Computer Name = RabbiT-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Name des fehlerhaften Moduls: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Ausnahmecode: 0xc000000d  Fehleroffset: 0x006ff0d3  ID des fehlerhaften
 Prozesses: 0x3a7c  Startzeit der fehlerhaften Anwendung: 0x01cb419184c059df  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Silkroad\sro_client.exe  Pfad des 
fehlerhaften Moduls: C:\Program Files (x86)\Silkroad\sro_client.exe  Berichtskennung:
 12b03f4e-ad91-11df-a11c-001bb9c0aae2
 
Error - 22.08.2010 12:51:12 | Computer Name = RabbiT-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 22.08.2010 15:37:55 | Computer Name = RabbiT-PC | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 22.08.2010 16:31:40 | Computer Name = RabbiT-PC | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 22.08.2010 20:18:05 | Computer Name = RabbiT-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Name des fehlerhaften Moduls: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Ausnahmecode: 0xc000000d  Fehleroffset: 0x006ff0d3  ID des fehlerhaften
 Prozesses: 0xc28  Startzeit der fehlerhaften Anwendung: 0x01cb421ae891a767  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Silkroad\sro_client.exe  Pfad des 
fehlerhaften Moduls: C:\Program Files (x86)\Silkroad\sro_client.exe  Berichtskennung:
 e5da15fe-ae4b-11df-aea5-001bb9c0aae2
 
Error - 23.08.2010 09:21:27 | Computer Name = RabbiT-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Name des fehlerhaften Moduls: sro_client.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c511ca3  Ausnahmecode: 0xc000000d  Fehleroffset: 0x006ff0d3  ID des fehlerhaften
 Prozesses: 0x2138  Startzeit der fehlerhaften Anwendung: 0x01cb42b5884988c9  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Silkroad\sro_client.exe  Pfad des 
fehlerhaften Moduls: C:\Program Files (x86)\Silkroad\sro_client.exe  Berichtskennung:
 550e6663-aeb9-11df-aea5-001bb9c0aae2
 
[ System Events ]
Error - 16.08.2010 23:52:21 | Computer Name = RabbiT-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Stereoscopic 3D Driver Service" hat einen ungültigen
 aktuellen Status gemeldet: 0
 
Error - 19.08.2010 01:01:53 | Computer Name = RabbiT-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 19.08.2010 01:11:22 | Computer Name = RabbiT-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 22.08.2010 01:24:43 | Computer Name = RabbiT-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\gPotato.eu\Dragonica\Release\GameGuard\dump_wmimmc.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 22.08.2010 01:24:44 | Computer Name = RabbiT-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 22.08.2010 12:41:36 | Computer Name = RabbiT-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Stereoscopic 3D Driver Service" hat einen ungültigen
 aktuellen Status gemeldet: 0
 
Error - 23.08.2010 11:01:21 | Computer Name = RabbiT-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?23.?08.?2010 um 16:59:41 unerwartet heruntergefahren.
 
Error - 24.08.2010 05:13:57 | Computer Name = RabbiT-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Stereoscopic 3D Driver Service" hat einen ungültigen
 aktuellen Status gemeldet: 0
 
Error - 24.08.2010 22:27:32 | Computer Name = RabbiT-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Stereoscopic 3D Driver Service" hat einen ungültigen
 aktuellen Status gemeldet: 0
 
Error - 27.08.2010 04:29:59 | Computer Name = RabbiT-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Stereoscopic 3D Driver Service" hat einen ungültigen
 aktuellen Status gemeldet: 0
 
 
< End of report >
--- --- ---

[/Code]
__________________
 

Themen zu Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php
anti-malware, dateien, explorer, festgestellt, gen, hilfe!, install, java, jusched.exe, links, mbam, microsoft, msn, msn virus, scan, script, server, services, software, spam, spamm, system, trojan.agent, virus, voll, öffnen


« Soft Antivirus Virus / Hardware schädigung möglich ? | Trojaner TR/Dropper.Gen - Quarantäne ausreichend? »


Ähnliche Themen: Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php


  1. Skype Virus "Your skype does not support extended icons"
    Log-Analyse und Auswertung - 10.10.2014 (15)
  2. TR/Crypt.ZPACK.Gen2 Virus in Program Files (x86)/Skype/Phone/Skype.exe
    Plagegeister aller Art und deren Bekämpfung - 10.03.2013 (1)
  3. Skype Virus bitte um hilfe!
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (6)
  4. Brauche Hilfe bei BKA Virus
    Plagegeister aller Art und deren Bekämpfung - 14.08.2012 (4)
  5. svchost.exe Virus über Facebook. Bitte Hilfe
    Plagegeister aller Art und deren Bekämpfung - 26.07.2011 (1)
  6. Virus gefunden - Alureon.H Virus - brauche Hilfe
    Plagegeister aller Art und deren Bekämpfung - 10.02.2011 (1)
  7. Facebook-Pic Trojaner Virus. Brauche dringend Hilfe!!
    Plagegeister aller Art und deren Bekämpfung - 07.02.2011 (8)
  8. Zuerst Facebook-Virus-Neu aufgesetzt,cpu Auslastung 100%,bei Facebook-Games extrem lahm!
    Log-Analyse und Auswertung - 03.02.2011 (11)
  9. Skype-Facebook-Bild-Virus
    Plagegeister aller Art und deren Bekämpfung - 17.10.2010 (1)
  10. Skype - Facebook Virus
    Plagegeister aller Art und deren Bekämpfung - 16.10.2010 (25)
  11. Skype Virus per Facebook Adresse
    Plagegeister aller Art und deren Bekämpfung - 24.09.2010 (29)
  12. nochmal skype/facebook trojaner :( pc fast tot..
    Plagegeister aller Art und deren Bekämpfung - 12.09.2010 (21)
  13. Facebook Virus über skype bekommen
    Log-Analyse und Auswertung - 07.09.2010 (0)
  14. Skype - Facebook Virus foto :P h**p://facebook.twitterbizzer.com/member_profile.php
    Plagegeister aller Art und deren Bekämpfung - 27.08.2010 (6)
  15. Virus der sich über skype verschickt! h**p://facebook.twitterbizzer.com/photo_id.php
    Log-Analyse und Auswertung - 26.08.2010 (17)
  16. CiD-Virus,brauche hilfe
    Mülltonne - 19.06.2008 (0)
  17. brauche hilfe virus o.ä.
    Log-Analyse und Auswertung - 02.08.2006 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php - Danke schonmal für die schnelle hilfe... also ich habe nun die 2 scans hochgeladen Nun habe ich aber ein anderes problem , beim programm GMER kann ich die hacken System - Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php...
Archiv
Du betrachtest: Skype & MSN Virus , Ich brauche Hilfe! h**p://facebook.lm-interiors.com/image_id.php auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131