Pests of all kinds and how to combat them: Help! Two viruses at once? (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
01.09.2010, 14:38 | #1 |
Help! Two viruses at once? Hello. I know that a lot of people probably come here with my problem, but I really don't know what to do anymore. A few days ago I, stupid as I am, clicked on a link on MSN that I had received from a friend. Foto hxxp://facebook-lmgpic.com/photo_id.php?=jpl13@hotmail.de I thought maybe it would go away soon, so I'd wait and see first. Well, about 5 days later I had suddenly forwarded a similar link, even though I hadn't clicked on any link on Skype. hxxp://facebook-lmgpic.com/photo_id.php Did the virus spread from MSN to Skype? And how do I get rid of it, please? Thanks for the help in advance. Here is my OTL test. Here, quickly, is the other text document that was there as well. OTL Logfile: Code:
O13 - gopher Prefix: missing O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.) 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.09.01 14:35:04 | 000,000,000 | ---D | C] -- C:\Programme\AxBx [2010.08.28 11:44:05 | 000,039,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010.08.26 13:20:53 | 000,000,000 | ---D | C] -- C:\Windows\de [2010.08.26 13:07:41 | 000,000,000 | ---D | C] -- C:\Programme\MSN Toolbar [2010.08.26 13:07:35 | 000,000,000 | ---D | C] -- C:\Programme\Bing Bar Installer [2010.08.26 13:07:11 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2010.08.26 13:07:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2010.08.26 13:07:11 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2010.08.26 13:06:07 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2010.08.26 13:06:07 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2010.08.26 13:06:07 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2010.08.26 13:05:02 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Local\Windows Live [2010.08.25 14:29:51 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab [2010.08.25 14:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2010.08.25 14:29:38 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2010.08.22 19:39:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9B7A2D35-FBC5-45CA-96D7-5BD50D7075A4} [2010.08.22 19:39:48 | 000,000,000 | ---D | C] -- 
C:\ProgramData\IEConfiguration1und1 [2010.08.22 19:38:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1CAD5672-4524-4B57-9E7F-6A36F9CA770A} [2010.08.22 19:37:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C8C85F7C-4429-4C76-9B3A-5624D2EF7FE4} [2010.08.22 19:37:50 | 000,000,000 | ---D | C] -- C:\Programme\WEB.DE [2010.08.22 19:35:27 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Local\PackageAware [2010.08.18 16:40:44 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2010.08.18 16:40:43 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2010.08.18 16:32:49 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2010.08.13 11:05:27 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll [2010.08.13 11:05:27 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2010.08.13 11:05:21 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.08.13 11:04:52 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.08.13 11:04:50 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.08.13 11:04:33 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.08.13 11:04:33 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.08.13 11:04:33 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.08.13 11:04:32 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.08.13 11:04:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.08.13 11:04:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.08.13 11:04:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.08.13 11:04:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.08.13 
11:04:13 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.08.12 19:03:50 | 000,000,000 | ---D | C] -- C:\Users\Kadda\Documents\MeinSpore-Kreationen [2010.08.12 19:03:34 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Roaming\SPORE [2010.08.12 19:03:28 | 000,000,000 | RH-D | C] -- C:\Users\Kadda\AppData\Roaming\SecuROM [2010.08.12 19:02:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2010.08.12 19:01:12 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Local\Downloaded Installations [2010.08.12 18:40:44 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts [2010.08.12 15:47:27 | 000,000,000 | ---D | C] -- C:\Users\Kadda\Documents\CyberLink [2010.08.10 19:44:38 | 000,049,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sirenacm.dll [2010.08.10 19:39:02 | 000,297,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [2010.08.08 12:02:05 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Roaming\ClubCooee [2010.08.08 11:59:45 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Local\ClubCooee [2010.08.02 21:06:44 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB [2010.08.02 21:06:10 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft [2010.08.02 19:59:56 | 000,000,000 | ---D | C] -- C:\Users\Kadda\Desktop\Nikolai-PSP [2010.03.12 13:07:10 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.09.01 15:14:51 | 002,097,152 | -HS- | M] () -- C:\Users\Kadda\ntuser.dat [2010.09.01 14:51:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1228741680-2603910774-2010281963-1000UA.job [2010.09.01 14:35:06 | 000,001,070 | ---- | M] () -- C:\Users\Kadda\Desktop\Clean Virus MSN.lnk [2010.09.01 13:50:44 | 000,009,696 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.09.01 13:50:44 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.09.01 13:42:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.09.01 13:42:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.09.01 13:42:40 | 2760,847,360 | -HS- | M] () -- C:\hiberfil.sys [2010.08.31 18:57:38 | 003,540,770 | -H-- | M] () -- C:\Users\Kadda\AppData\Local\IconCache.db [2010.08.31 15:00:00 | 003,703,162 | ---- | M] () -- C:\Users\Kadda\Desktop\CreepaBeats__-_Traenen_www.rappers.in.mp3 [2010.08.31 14:34:01 | 001,486,084 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.08.31 14:34:01 | 000,648,704 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.08.31 14:34:01 | 000,611,332 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.08.31 14:34:01 | 000,128,930 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.08.31 14:34:01 | 000,105,512 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.08.29 11:51:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1228741680-2603910774-2010281963-1000Core.job [2010.08.26 17:12:22 | 000,009,216 | ---- | M] () -- C:\Users\Kadda\Documents\Liebessprüche.wps [2010.08.26 17:12:22 | 000,000,402 | ---- | M] () -- C:\Users\Kadda\AppData\Roaming\wklnhst.dat [2010.08.25 15:11:53 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010.08.25 15:11:35 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.08.25 14:45:50 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2010.08.25 14:45:50 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2010.08.25 14:29:38 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2010.08.24 13:01:23 | 000,002,367 | ---- | M] () -- 
C:\Users\Kadda\Desktop\Google Chrome.lnk [2010.08.22 19:39:46 | 001,439,120 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1_svc.exe [2010.08.22 19:39:46 | 001,140,104 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1.dll [2010.08.18 16:23:45 | 000,001,205 | ---- | M] () -- C:\Users\Kadda\Desktop\DVDVideoSoft Free Studio.lnk [2010.08.16 22:04:55 | 000,020,089 | ---- | M] () -- C:\Users\Kadda\AppData\Roaming\UserTile.png [2010.08.13 16:14:21 | 000,383,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.08.13 14:21:54 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk [2010.08.12 19:03:16 | 000,000,646 | ---- | M] () -- C:\Users\Kadda\Desktop\SPORE™ - Verknüpfung.lnk [2010.08.12 19:01:38 | 000,001,220 | ---- | M] () -- C:\Windows\System32\ealregsnapshot1.reg [2010.08.10 19:44:38 | 000,049,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sirenacm.dll [2010.08.10 19:39:02 | 000,297,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [2010.08.09 05:26:24 | 000,039,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010.08.08 11:59:49 | 000,002,032 | ---- | M] () -- C:\Users\Kadda\Desktop\Club Cooee.lnk [2010.08.03 18:34:03 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.09.01 14:35:06 | 000,001,070 | ---- | C] () -- C:\Users\Kadda\Desktop\Clean Virus MSN.lnk [2010.08.31 14:58:58 | 003,703,162 | ---- | C] () -- C:\Users\Kadda\Desktop\CreepaBeats__-_Traenen_www.rappers.in.mp3 [2010.08.26 17:12:21 | 000,009,216 | ---- | C] () -- C:\Users\Kadda\Documents\Liebessprüche.wps [2010.08.25 14:30:46 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2010.08.25 14:30:46 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2010.08.22 19:39:46 | 001,439,120 | ---- | C] () -- C:\Windows\System32\ieconfig_1und1_svc.exe 
[2010.08.22 19:39:46 | 001,140,104 | ---- | C] () -- C:\Windows\System32\ieconfig_1und1.dll [2010.08.18 16:41:53 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.08.16 22:04:55 | 000,020,089 | ---- | C] () -- C:\Users\Kadda\AppData\Roaming\UserTile.png [2010.08.13 14:21:54 | 000,001,139 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Works.lnk [2010.08.12 19:03:16 | 000,000,646 | ---- | C] () -- C:\Users\Kadda\Desktop\SPORE™ - Verknüpfung.lnk [2010.08.12 19:01:38 | 000,001,220 | ---- | C] () -- C:\Windows\System32\ealregsnapshot1.reg [2010.08.08 11:59:49 | 000,002,032 | ---- | C] () -- C:\Users\Kadda\Desktop\Club Cooee.lnk [2010.08.02 21:06:33 | 000,001,205 | ---- | C] () -- C:\Users\Kadda\Desktop\DVDVideoSoft Free Studio.lnk [2010.07.05 20:33:03 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.06.13 18:03:24 | 000,000,402 | ---- | C] () -- C:\Users\Kadda\AppData\Roaming\wklnhst.dat [2010.05.28 21:58:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.03.13 06:58:11 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2010.03.12 13:07:12 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010.03.12 13:07:12 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2010.03.03 12:55:22 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2009.08.03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll < End of report > |
01.09.2010, 15:09 | #2 |
/// Malwareteam | Help! Two viruses at the same time?
Step 1
Update Java
Your Java version is out of date. Since some malware (e.g. Vundo) gets into the system via Java exploits, first uninstall all installed Java versions via Control Panel => Software => Uninstall. Restart the computer. Now download the offline version of Java Version 6 Update 21 from Oracle and install it. Make sure not to install any toolbars that may be offered, i.e. untick the toolbar checkbox during installation.
Step 2
Fix with OTL
Code:
:OTL
PRC - [2010.08.24 14:47:47 | 000,126,976 | RHS- | M] (GX) -- C:\Users\Public\jusched.exe
O4 - HKCU..\Run: [Java developer Script Browse] C:\Users\Public\jusched.exe (GX)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
:Commands
[purity]
[emptytemp]
Step 3
Run a full scan with Malwarebytes Anti-Malware. |
02.09.2010, 13:04 | #3 |
| Help! Two viruses at the same time?
Code:
All processes killed
========== OTL ==========
No active process named jusched.exe was found!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Java developer Script Browse deleted successfully.
C:\Users\Public\jusched.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Kadda
->Temp folder emptied: 169886139 bytes
->Temporary Internet Files folder emptied: 176322208 bytes
->Java cache emptied: 905485 bytes
->Google Chrome cache emptied: 548076688 bytes
->Flash cache emptied: 124188 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8045679 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 862,00 mb

OTL by OldTimer - Version 3.2.11.0 log created on 09022010_135557

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
|
02.09.2010, 13:04 | #4 |
| Help! Two viruses at the same time? So, is there more to do, or is it already done? |
02.09.2010, 14:58 | #5 |
/// Malwareteam | Help! Two viruses at the same time? So where is step 3? |
02.09.2010, 15:06 | #6 |
| Help! Two viruses at the same time? It's here:

Malwarebytes' Anti-Malware 1.46
Malwarebytes Datenbank Version: 4521
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

02.09.2010 15:17:09
mbam-log-2010-09-02 (15-17-09).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 251996
Laufzeit: 1 Stunde(n), 10 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
|
02.09.2010, 21:37 | #7 |
/// Malwareteam | Help! Two viruses at the same time?
Step 1
What is needed now are online scans, since we can only ever check a small part of the computer. With online scans, the entire computer can be checked for malware. It is best to use Internet Explorer right away.
Preparation
ESET Online Scanner
Please switch on any external hard drives you may have during the online scans! Please turn off all background guards (anti-virus program, firewall, script blocking and the like) during the scans, and do not forget to switch everything back on afterwards.
Step 2
Another system scan with OTL
|
03.09.2010, 14:49 | #8 |
| Help! Two viruses at the same time? Here is step 1... is this the right thing?

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=0776b8d21da8f147aa36e237747ba8d1
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-09-03 01:44:46
# local_time=2010-09-03 03:44:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1280 16777215 100 0 777477 777477 0 0
# compatibility_mode=5893 16776573 100 94 1517 35955611 0 0
# compatibility_mode=8192 67108863 100 0 236 236 0 0
# scanned=178122
# found=2
# cleaned=2
# scan_time=4618
C:\Users\Kadda\Downloads\Picture-0002927.JPG[1]www.facebook.scr IRC/SdBot trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\09022010_135557\C_Users\Public\jusched.exe IRC/SdBot trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Here is the second step: the first part
OTL Logfile:
Code:
ATTFilter OTL logfile created on: 03.09.2010 15:57:52 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Kadda\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free 7,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 424,66 Gb Total Space | 358,93 Gb Free Space | 84,52% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 20,29 Gb Free Space | 50,73% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 76,69 Gb Total Space | 4,47 Gb Free Space | 5,82% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KADDA-PC Current User Name: Kadda Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Kadda\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\ieconfig_1und1_svc.exe () PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) PRC - C:\Users\Kadda\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) 
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\MSN Toolbar\Platform\6.0.2156.0\mswinext.exe (Microsoft Corp.) PRC - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) PRC - C:\Programme\WEB.DE\LiveUpdate\m2LUTray.exe (mquadr.at software engineering und consulting GmbH) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Programme\Launch Manager\WButton.exe (Wistron Corp.) PRC - C:\Programme\Launch Manager\HotkeyApp.exe (Wistron) PRC - C:\Programme\Launch Manager\OSD.exe (Wistron Corp.) PRC - C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10) PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Launch Manager\WisLMSvc.exe (Wistron Corp.) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) 
========== Modules (SafeList) ========== MOD - C:\Users\Kadda\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (serviceIEConfig) -- C:\Windows\System32\ieconfig_1und1_svc.exe () SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) 
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (UNS) Intel(R) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10) SRV - (WisLMSvc) -- C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll 
(Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Driver Services (SafeList) ========== DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab) DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation) DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation ) DRV - (IntcDAud) Intel(R) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation) DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) 
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated) DRV - (klbg) -- C:\Windows\system32\drivers\klbg.sys (Kaspersky Lab) DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation) DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab) DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab) DRV - (mod7700) -- C:\Windows\System32\drivers\mod7700.sys (DiBcom SA) DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) 
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) 
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - 
(scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.) 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = WEB.DE - E-Mail - Suche - DSL - De-Mail - Shopping - Entertainment IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = fullarticles.net - Home IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.08.05 12:56:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\Firefox [2010.08.26 13:07:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\THBExt [2010.08.25 14:30:32 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.) 
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (WEB.DE Browser Configuration) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll () O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.) 
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.) O4 - HKLM..\Run: [WEB.DE Update] C:\Programme\WEB.DE\LiveUpdate\m2LUTray.exe (mquadr.at software engineering und consulting GmbH) O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Kadda\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - 
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O13 - gopher Prefix: missing O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\mzvkbd3.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\LIVESSP.DLL (Microsoft Corp.) 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.09.03 14:23:52 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2010.09.01 16:20:23 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java [2010.09.01 16:19:56 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.09.01 16:19:56 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.09.01 16:19:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.09.01 16:19:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.09.01 15:55:30 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Roaming\Malwarebytes [2010.09.01 15:55:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.09.01 15:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.09.01 15:55:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.09.01 15:55:22 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.09.01 14:35:04 | 000,000,000 | ---D | C] -- C:\Programme\AxBx [2010.08.28 11:44:05 | 000,039,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010.08.26 13:20:53 | 000,000,000 | ---D | C] -- C:\Windows\de [2010.08.26 13:07:41 | 000,000,000 | ---D | C] -- C:\Programme\MSN Toolbar [2010.08.26 13:07:35 | 000,000,000 | ---D | C] -- C:\Programme\Bing Bar Installer [2010.08.26 13:07:11 | 000,515,416 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\XAudio2_5.dll [2010.08.26 13:07:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2010.08.26 13:07:11 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2010.08.26 13:06:07 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2010.08.26 13:06:07 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2010.08.26 13:06:07 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2010.08.26 13:05:02 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Local\Windows Live [2010.08.25 14:29:51 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab [2010.08.25 14:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2010.08.25 14:29:38 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2010.08.22 19:39:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9B7A2D35-FBC5-45CA-96D7-5BD50D7075A4} [2010.08.22 19:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\IEConfiguration1und1 [2010.08.22 19:38:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1CAD5672-4524-4B57-9E7F-6A36F9CA770A} [2010.08.22 19:37:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C8C85F7C-4429-4C76-9B3A-5624D2EF7FE4} [2010.08.22 19:37:50 | 000,000,000 | ---D | C] -- C:\Programme\WEB.DE [2010.08.22 19:35:27 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Local\PackageAware [2010.08.18 16:40:44 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2010.08.18 16:40:43 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2010.08.18 16:32:49 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2010.08.13 11:05:27 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll [2010.08.13 11:05:27 | 000,082,944 | ---- | C] (Radius Inc.) 
-- C:\Windows\System32\iccvid.dll [2010.08.13 11:05:21 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.08.13 11:04:52 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.08.13 11:04:50 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.08.13 11:04:33 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.08.13 11:04:33 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.08.13 11:04:33 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.08.13 11:04:32 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.08.13 11:04:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.08.13 11:04:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.08.13 11:04:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.08.13 11:04:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.08.13 11:04:13 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.08.12 19:03:50 | 000,000,000 | ---D | C] -- C:\Users\Kadda\Documents\MeinSpore-Kreationen [2010.08.12 19:03:34 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Roaming\SPORE [2010.08.12 19:03:28 | 000,000,000 | RH-D | C] -- C:\Users\Kadda\AppData\Roaming\SecuROM [2010.08.12 19:02:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2010.08.12 19:01:12 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Local\Downloaded Installations [2010.08.12 18:40:44 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts [2010.08.12 15:47:27 | 000,000,000 | ---D | C] -- C:\Users\Kadda\Documents\CyberLink [2010.08.10 19:44:38 | 000,049,016 | ---- | 
C] (Microsoft Corporation) -- C:\Windows\System32\sirenacm.dll [2010.08.10 19:39:02 | 000,297,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [2010.08.08 12:02:05 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Roaming\ClubCooee [2010.08.08 11:59:45 | 000,000,000 | ---D | C] -- C:\Users\Kadda\AppData\Local\ClubCooee [2010.03.12 13:07:10 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll ========== Files - Modified Within 30 Days ========== [2010.09.03 15:59:08 | 002,097,152 | -HS- | M] () -- C:\Users\Kadda\ntuser.dat [2010.09.03 15:51:05 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1228741680-2603910774-2010281963-1000UA.job [2010.09.03 14:22:25 | 001,486,084 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.09.03 14:22:25 | 000,648,704 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.09.03 14:22:25 | 000,611,332 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.09.03 14:22:25 | 000,128,930 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.09.03 14:22:25 | 000,105,512 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.09.03 14:04:44 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.09.03 14:04:44 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.09.03 13:57:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.09.03 13:57:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.09.03 13:56:55 | 2760,847,360 | -HS- | M] () -- C:\hiberfil.sys [2010.09.02 22:33:24 | 003,565,004 | -H-- | M] () -- C:\Users\Kadda\AppData\Local\IconCache.db [2010.09.02 22:00:09 | 000,001,205 | ---- | M] () -- C:\Users\Kadda\Desktop\DVDVideoSoft Free Studio.lnk [2010.09.01 16:19:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\deployJava1.dll [2010.09.01 16:19:43 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.09.01 16:19:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.09.01 16:19:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.09.01 15:55:27 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.09.01 14:35:06 | 000,001,070 | ---- | M] () -- C:\Users\Kadda\Desktop\Clean Virus MSN.lnk [2010.08.31 15:00:00 | 003,703,162 | ---- | M] () -- C:\Users\Kadda\Desktop\CreepaBeats__-_Traenen_www.rappers.in.mp3 [2010.08.29 11:51:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1228741680-2603910774-2010281963-1000Core.job [2010.08.26 17:12:22 | 000,009,216 | ---- | M] () -- C:\Users\Kadda\Documents\Liebessprüche.wps [2010.08.26 17:12:22 | 000,000,402 | ---- | M] () -- C:\Users\Kadda\AppData\Roaming\wklnhst.dat [2010.08.25 15:11:53 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010.08.25 15:11:35 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.08.25 14:45:50 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2010.08.25 14:45:50 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2010.08.25 14:29:38 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2010.08.24 13:01:23 | 000,002,367 | ---- | M] () -- C:\Users\Kadda\Desktop\Google Chrome.lnk [2010.08.22 19:39:46 | 001,439,120 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1_svc.exe [2010.08.22 19:39:46 | 001,140,104 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1.dll [2010.08.16 22:04:55 | 000,020,089 | ---- | M] () -- C:\Users\Kadda\AppData\Roaming\UserTile.png [2010.08.13 16:14:21 | 000,383,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.08.13 14:21:54 | 000,001,139 | ---- | M] () -- 
C:\Users\Public\Desktop\Microsoft Works.lnk [2010.08.12 19:03:16 | 000,000,646 | ---- | M] () -- C:\Users\Kadda\Desktop\SPORE™ - Verknüpfung.lnk [2010.08.12 19:01:38 | 000,001,220 | ---- | M] () -- C:\Windows\System32\ealregsnapshot1.reg [2010.08.10 19:44:38 | 000,049,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sirenacm.dll [2010.08.10 19:39:02 | 000,297,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [2010.08.09 05:26:24 | 000,039,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010.08.08 11:59:49 | 000,002,032 | ---- | M] () -- C:\Users\Kadda\Desktop\Club Cooee.lnk ========== Files Created - No Company Name ========== [2010.09.01 15:55:27 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.09.01 14:35:06 | 000,001,070 | ---- | C] () -- C:\Users\Kadda\Desktop\Clean Virus MSN.lnk [2010.08.31 14:58:58 | 003,703,162 | ---- | C] () -- C:\Users\Kadda\Desktop\CreepaBeats__-_Traenen_www.rappers.in.mp3 [2010.08.26 17:12:21 | 000,009,216 | ---- | C] () -- C:\Users\Kadda\Documents\Liebessprüche.wps [2010.08.25 14:30:46 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2010.08.25 14:30:46 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2010.08.22 19:39:46 | 001,439,120 | ---- | C] () -- C:\Windows\System32\ieconfig_1und1_svc.exe [2010.08.22 19:39:46 | 001,140,104 | ---- | C] () -- C:\Windows\System32\ieconfig_1und1.dll [2010.08.18 16:41:53 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.08.16 22:04:55 | 000,020,089 | ---- | C] () -- C:\Users\Kadda\AppData\Roaming\UserTile.png [2010.08.13 14:21:54 | 000,001,139 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Works.lnk [2010.08.12 19:03:16 | 000,000,646 | ---- | C] () -- C:\Users\Kadda\Desktop\SPORE™ - Verknüpfung.lnk [2010.08.12 19:01:38 | 000,001,220 | ---- | C] () -- C:\Windows\System32\ealregsnapshot1.reg [2010.08.08 11:59:49 | 000,002,032 
| ---- | C] () -- C:\Users\Kadda\Desktop\Club Cooee.lnk [2010.07.05 20:33:03 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.06.13 18:03:24 | 000,000,402 | ---- | C] () -- C:\Users\Kadda\AppData\Roaming\wklnhst.dat [2010.05.28 21:58:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.03.13 06:58:11 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2010.03.12 13:07:12 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010.03.12 13:07:12 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2010.03.03 12:55:22 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2009.08.03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll ========== LOP Check ========== [2010.08.08 12:25:16 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\ClubCooee [2010.05.30 12:42:55 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\DVDVideoSoftIEHelpers [2010.07.05 20:31:13 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\gtk-2.0 [2010.09.01 13:44:55 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\ICQ [2010.06.13 18:49:28 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\LolClient [2010.05.28 21:04:06 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\MAGIX [2010.08.12 19:04:18 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\SPORE [2010.06.13 18:04:50 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\Template [2010.08.13 10:55:28 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > [2010.09.03 16:00:05 | 002,097,152 | -HS- | M] () -- C:\Users\Kadda\ntuser.dat [2010.09.03 16:00:05 | 000,262,144 | -HS- | M] () -- C:\Users\Kadda\ntuser.dat.LOG1 
[2010.09.03 16:00:03 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Local\Temp [2010.09.03 15:59:57 | 000,000,000 | R--D | M] -- C:\Users\Kadda\Downloads [2010.09.03 15:58:49 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\Skype [2010.09.03 15:54:13 | 000,000,000 | R--D | M] -- C:\Users\Kadda\Desktop [2010.09.03 15:51:05 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1228741680-2603910774-2010281963-1000UA.job [2010.09.03 14:23:52 | 000,000,000 | ---D | M] -- C:\Programme\ESET [2010.09.03 14:22:25 | 001,486,084 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.09.03 14:22:25 | 000,648,704 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.09.03 14:22:25 | 000,611,332 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.09.03 14:22:25 | 000,128,930 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.09.03 14:22:25 | 000,105,512 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.09.03 14:10:56 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Local\Microsoft [2010.09.03 14:06:34 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\skypePM [2010.09.03 13:59:53 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Local\Windows Live [2010.09.03 13:58:52 | 000,000,000 | ---D | M] -- C:\ProgramData\Kaspersky Lab [2010.09.03 13:57:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.09.03 13:57:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.09.02 22:33:24 | 003,565,004 | -H-- | M] () -- C:\Users\Kadda\AppData\Local\IconCache.db [2010.09.02 22:00:09 | 000,001,205 | ---- | M] () -- C:\Users\Kadda\Desktop\DVDVideoSoft Free Studio.lnk [2010.09.02 22:00:09 | 000,000,000 | ---D | M] -- C:\Programme\Common Files\DVDVideoSoft [2010.09.01 16:20:23 | 000,000,000 | ---D | M] -- C:\Programme\Common Files\Java [2010.09.01 16:20:23 | 000,000,000 | ---D | M] -- C:\Programme\Common Files [2010.09.01 16:19:43 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\javaws.exe [2010.09.01 16:19:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.09.01 16:19:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.09.01 15:55:30 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\Malwarebytes [2010.09.01 15:55:27 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.09.01 15:55:27 | 000,000,000 | ---D | M] -- C:\Programme\Malwarebytes' Anti-Malware [2010.09.01 15:55:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes [2010.09.01 14:35:06 | 000,001,070 | ---- | M] () -- C:\Users\Kadda\Desktop\Clean Virus MSN.lnk [2010.09.01 14:35:04 | 000,000,000 | ---D | M] -- C:\Programme\AxBx [2010.09.01 13:44:55 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\ICQ [2010.08.31 15:00:00 | 003,703,162 | ---- | M] () -- C:\Users\Kadda\Desktop\CreepaBeats__-_Traenen_www.rappers.in.mp3 [2010.08.29 11:51:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1228741680-2603910774-2010281963-1000Core.job [2010.08.28 11:44:08 | 000,000,000 | ---D | M] -- C:\Programme\Windows Live [2010.08.26 17:12:22 | 000,009,216 | ---- | M] () -- C:\Users\Kadda\Documents\Liebessprüche.wps [2010.08.26 17:12:22 | 000,000,402 | ---- | M] () -- C:\Users\Kadda\AppData\Roaming\wklnhst.dat [2010.08.26 17:12:22 | 000,000,000 | R--D | M] -- C:\Users\Kadda\Documents [2010.08.26 13:09:44 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft [2010.08.26 13:08:03 | 000,000,000 | ---D | M] -- C:\Programme\Common Files\microsoft shared [2010.08.26 13:07:58 | 000,000,000 | ---D | M] -- C:\Users\Kadda\Tracing [2010.08.26 13:07:52 | 000,000,000 | ---D | M] -- C:\Programme\Bing Bar Installer [2010.08.26 13:07:41 | 000,000,000 | ---D | M] -- C:\Programme\MSN Toolbar [2010.08.25 15:11:53 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010.08.25 15:11:35 | 000,002,429 | ---- | M] 
() -- C:\Users\Public\Desktop\iTunes.lnk [2010.08.25 14:29:51 | 000,000,000 | ---D | M] -- C:\Programme\Kaspersky Lab [2010.08.24 14:47:47 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Local\VirtualStore [2010.08.24 13:01:23 | 000,002,367 | ---- | M] () -- C:\Users\Kadda\Desktop\Google Chrome.lnk [2010.08.23 17:36:04 | 000,000,000 | ---D | M] -- C:\Programme\ICQ7.2 [2010.08.22 19:47:58 | 000,000,000 | ---D | M] -- C:\ProgramData\IEConfiguration1und1 [2010.08.22 19:39:55 | 000,000,000 | -H-D | M] -- C:\ProgramData\{9B7A2D35-FBC5-45CA-96D7-5BD50D7075A4} [2010.08.22 19:39:46 | 001,439,120 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1_svc.exe [2010.08.22 19:39:46 | 001,140,104 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1.dll [2010.08.22 19:39:26 | 000,000,000 | ---D | M] -- C:\Programme\Internet Explorer [2010.08.22 19:38:37 | 000,000,000 | -H-D | M] -- C:\ProgramData\{1CAD5672-4524-4B57-9E7F-6A36F9CA770A} [2010.08.22 19:38:32 | 000,000,000 | ---D | M] -- C:\Programme\WEB.DE [2010.08.22 19:38:01 | 000,000,000 | -H-D | M] -- C:\ProgramData\{C8C85F7C-4429-4C76-9B3A-5624D2EF7FE4} [2010.08.22 19:35:27 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Local\PackageAware [2010.08.18 16:41:52 | 000,000,000 | ---D | M] -- C:\Programme\iTunes [2010.08.18 16:40:44 | 000,000,000 | ---D | M] -- C:\Programme\iPod [2010.08.18 16:40:43 | 000,000,000 | ---D | M] -- C:\Programme\Common Files\Apple [2010.08.18 16:32:56 | 000,000,000 | ---D | M] -- C:\Programme\Bonjour [2010.08.18 16:23:52 | 000,000,000 | ---D | M] -- C:\Programme\DVDVideoSoftTB [2010.08.18 16:09:16 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\vlc [2010.08.16 22:07:00 | 000,000,000 | R--D | M] -- C:\Users\Kadda\Contacts [2010.08.16 22:04:55 | 000,020,089 | ---- | M] () -- C:\Users\Kadda\AppData\Roaming\UserTile.png [2010.08.13 14:21:54 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk [2010.08.13 14:21:53 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft 
Works [2010.08.13 14:20:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help [2010.08.12 19:04:18 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\SPORE [2010.08.12 19:03:28 | 000,000,000 | RH-D | M] -- C:\Users\Kadda\AppData\Roaming\SecuROM [2010.08.12 19:03:16 | 000,000,646 | ---- | M] () -- C:\Users\Kadda\Desktop\SPORE™ - Verknüpfung.lnk [2010.08.12 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Local\Downloaded Installations [2010.08.12 19:01:09 | 000,000,000 | ---D | M] -- C:\Programme\Common Files\InstallShield [2010.08.12 18:40:44 | 000,000,000 | ---D | M] -- C:\Programme\Electronic Arts [2010.08.12 18:39:04 | 000,000,000 | -H-D | M] -- C:\Programme\InstallShield Installation Information [2010.08.12 15:47:45 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Local\CyberLink [2010.08.12 15:47:44 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\CyberLink [2010.08.12 15:47:44 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink [2010.08.10 19:44:38 | 000,049,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sirenacm.dll [2010.08.10 19:39:02 | 000,297,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [2010.08.08 12:25:16 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\ClubCooee [2010.08.08 12:11:09 | 000,000,000 | R--D | M] -- C:\Users\Kadda\Pictures [2010.08.08 12:02:07 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Local\ClubCooee [2010.08.08 11:59:49 | 000,002,032 | ---- | M] () -- C:\Users\Kadda\Desktop\Club Cooee.lnk [2010.08.05 12:58:54 | 000,000,000 | R--D | M] -- C:\Users\Kadda\Favorites [2010.08.03 18:34:03 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2010.05.28 21:58:14 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010.05.28 21:09:11 | 000,103,576 | ---- | M] () -- C:\Users\Kadda\AppData\Local\GDIPFONTCACHEV1.DAT [2009.07.14 06:41:57 | 000,000,174 | -HS- | M] () -- C:\Programme\desktop.ini ========== Files - Modified Within 30 
Days ========== [2010.09.03 16:00:05 | 002,097,152 | -HS- | M] () -- C:\Users\Kadda\ntuser.dat [2010.09.03 15:51:05 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1228741680-2603910774-2010281963-1000UA.job [2010.09.03 14:22:25 | 001,486,084 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.09.03 14:22:25 | 000,648,704 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.09.03 14:22:25 | 000,611,332 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.09.03 14:22:25 | 000,128,930 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.09.03 14:22:25 | 000,105,512 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.09.03 14:04:44 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.09.03 14:04:44 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.09.03 13:57:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.09.03 13:57:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.09.03 13:56:55 | 2760,847,360 | -HS- | M] () -- C:\hiberfil.sys [2010.09.02 22:33:24 | 003,565,004 | -H-- | M] () -- C:\Users\Kadda\AppData\Local\IconCache.db [2010.09.02 22:00:09 | 000,001,205 | ---- | M] () -- C:\Users\Kadda\Desktop\DVDVideoSoft Free Studio.lnk [2010.09.01 16:19:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.09.01 16:19:43 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.09.01 16:19:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.09.01 16:19:43 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\java.exe [2010.09.01 15:55:27 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.09.01 14:35:06 | 000,001,070 | ---- | M] () -- C:\Users\Kadda\Desktop\Clean Virus MSN.lnk [2010.08.31 15:00:00 | 003,703,162 | ---- | M] () -- C:\Users\Kadda\Desktop\CreepaBeats__-_Traenen_www.rappers.in.mp3 [2010.08.29 11:51:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1228741680-2603910774-2010281963-1000Core.job [2010.08.26 17:12:22 | 000,009,216 | ---- | M] () -- C:\Users\Kadda\Documents\Liebessprüche.wps [2010.08.26 17:12:22 | 000,000,402 | ---- | M] () -- C:\Users\Kadda\AppData\Roaming\wklnhst.dat [2010.08.25 15:11:53 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010.08.25 15:11:35 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.08.25 14:45:50 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2010.08.25 14:45:50 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2010.08.25 14:29:38 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2010.08.24 13:01:23 | 000,002,367 | ---- | M] () -- C:\Users\Kadda\Desktop\Google Chrome.lnk [2010.08.22 19:39:46 | 001,439,120 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1_svc.exe [2010.08.22 19:39:46 | 001,140,104 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1.dll [2010.08.16 22:04:55 | 000,020,089 | ---- | M] () -- C:\Users\Kadda\AppData\Roaming\UserTile.png [2010.08.13 16:14:21 | 000,383,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.08.13 14:21:54 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk [2010.08.12 19:03:16 | 000,000,646 | ---- | M] () -- C:\Users\Kadda\Desktop\SPORE™ - Verknüpfung.lnk [2010.08.12 19:01:38 | 000,001,220 | ---- | M] () -- C:\Windows\System32\ealregsnapshot1.reg [2010.08.10 19:44:38 | 000,049,016 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\sirenacm.dll [2010.08.10 19:39:02 | 000,297,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [2010.08.09 05:26:24 | 000,039,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010.08.08 11:59:49 | 000,002,032 | ---- | M] () -- C:\Users\Kadda\Desktop\Club Cooee.lnk ========== LOP Check ========== [2010.08.08 12:25:16 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\ClubCooee [2010.05.30 12:42:55 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\DVDVideoSoftIEHelpers [2010.07.05 20:31:13 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\gtk-2.0 [2010.09.01 13:44:55 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\ICQ [2010.06.13 18:49:28 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\LolClient [2010.05.28 21:04:06 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\MAGIX [2010.08.12 19:04:18 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\SPORE [2010.06.13 18:04:50 | 000,000,000 | ---D | M] -- C:\Users\Kadda\AppData\Roaming\Template [2010.08.13 10:55:28 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > And the second part. OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 03.09.2010 15:57:52 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Kadda\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free 7,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 424,66 Gb Total Space | 358,93 Gb Free Space | 84,52% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 20,29 Gb Free Space | 50,73% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 76,69 Gb Total Space | 4,47 Gb Free Space | 5,82% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KADDA-PC Current User Name: Kadda Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Users\Kadda\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 "_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00450E05-6F4C-42E5-9598-02CF18378FEA}" = Windows Live ID Sign-in Assistant "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{02AC1AAE-FDAB-4AF7-9342-AE4A1DAA7709}" = Windows Live Family Safety "{07766F89-EFAA-4635-86B7-636B89EA2C0D}" = Bing Bar Platform "{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{0DC7F1CB-B3EB-48CF-8136-3BF8635F8566}" = Internet Explorer 8 WEB.DE Edition "{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE 
"{158154A2-4267-44FA-BB07-65E101E2920E}" = Windows Live Remote Service "{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content "{19DD26A7-F0DD-472E-887F-44128C31163C}" = Windows Live Messenger "{1A5B743C-FD87-48D0-9386-C4CCB5D3552C}" = Windows Live Sync Beta "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3274D32D-3DA2-4AB9-9BD0-B4EDC6E03B7F}" = Windows Live Essentials-Betaversion "{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN "{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT "{380B7FE0-32A3-439A-B65C-B4ED55CADBF4}" = Windows Live Fotogalerie-Betaversion "{3932CA01-E514-48A1-8D2D-B9DA712C58B5}" = Windows Live Writer "{394A36B7-A693-48FD-AA14-DC17E291A378}" = Windows Live Writer "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D8621A6-42D4-46C9-B7B3-21566E7620FE}" = Messenger Companion "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition "{3F62782D-2798-4540-B493-F6472197900E}" = Microsoft Search Enhancement Pack "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{41A15ABD-081B-43DC-91A5-8727265E8D77}" = Windows Live Photo Common "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D4E652E-6229-4C69-8EBD-AE0C6AE3BB69}" = Windows Live Sync-ActiveX-Steuerelement für Remoteverbindungen "{4E89C074-29D6-4756-B820-A95F5E15B33A}" = Windows Live MIME IFilter "{4F88F5D8-767A-4EB4-9AFA-A7CBCC69D767}" = Windows Live SOXE "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{52CDDA92-56B6-4BA5-BD8D-E13B186008CB}" = D3DX10 
"{54488589-76BC-4A3F-AC4F-71EBAD657850}" = Windows Live Communications Platform "{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL "{5EE59813-493A-4C10-A2BF-3647670CD7D6}" = Windows Live UX Platform Language Pack "{6041D07D-CBC6-4119-8C35-D95B77AD5FBA}" = Internet Explorer WEB.DE Addon "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{66069562-D3AF-4515-B1FD-7EE4DE5CE7D2}" = Windows Live PIMT Platform "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E432D8D-D78A-44A8-9FE8-B8942F7FD01F}" = Windows Live UX Platform "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{91973772-A002-446D-8A67-B410553AD8F9}" = Windows Live SOXE Definitions 
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95A4E899-87EF-43C7-99E3-9ED5342FBF12}" = Windows Live Movie Maker "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center "{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{9D6FAA1A-D87C-4F3E-B6C0-2646DC238CCF}" = Windows Live Mail "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10 "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™ "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support "{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.1 - Deutsch "{AD8B902F-C542-41BB-B9F0-68990C9B2A38}" = Windows Live Family Safety "{ADFCF98D-9CB4-414F-B2F0-AF96E0302A3C}" = Windows Live Photo Common-Betaversion "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B33CAFFE-01C2-4D10-9E74-74C1E13E0C04}" = Windows Live Messenger Companion Core "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "{B9D682DD-724A-4F18-B714-1B6AB423FD08}" = Windows Live Writer "{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw "{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR "{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU] "{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA "{C0A30BAA-295D-4F7F-8776-FD09FD57E2E2}" = Windows 
Live Installer "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C5B146B7-0BA3-43E9-B1F3-1E89D0607DD1}" = Windows Live Remote Service Resources "{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES "{C7A6AD68-9152-482B-9769-6E08231F0BD7}" = Windows Live Messenger "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CED9B1E8-FFCB-4497-9DFC-F0B20146896E}" = Windows Live Mail "{CF092689-6ADF-4C86-A8DA-31B0B448A36C}" = Junk Mail filter update "{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension "{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.5.0.8 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "{D75608C0-FBE2-4A0D-9A7A-871F08305949}" = Windows Live Writer Resources "{DA376BA3-A965-4F95-A218-E73BAF131D0F}" = Windows Live Remote Client Resources "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{EE7F36D6-F67D-486A-A9D5-01DE1B6F6933}" = Windows Live Movie Maker "{EF05063D-E51D-461B-933C-BF38E6F27F3B}" = Windows Live Sync Beta "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters "{F1FCC8AD-0F88-4D77-8530-0FBB088485F1}" = WEB.DE Update "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F58A67D7-4056-4C0F-8874-1022E1157A88}" = Windows Live Remote Client "{FB5AEB8B-D920-4F21-8336-16CFA828B145}" = Mesh Runtime 
"{FCE7CF00-581E-4B9B-8794-24A196BBFBC0}" = Windows Live Photo Gallery "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Clean Virus MSN_is1" = Clean Virus MSN "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "ESET Online Scanner" = ESET Online Scanner v3 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "ICQToolbar" = ICQ Toolbar "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10 "Internet Explorer 8 WEB.DE Edition" = Internet Explorer 8 WEB.DE Edition "Internet Explorer WEB.DE Addon" = Internet Explorer WEB.DE Addon "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MEDION Fotos auf CD & DVD SE Nord D" = MEDION Fotos auf CD & DVD SE Nord "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SynTPDeinstKey" = Synaptics Pointing Device Driver "TVWiz" = Intel(R) TV Wizard "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.0.5 "WEB.DE Update" = WEB.DE Update "WinGimp-2.0_is1" = GIMP 
2.6.8 "WinLiveSuite" = Windows Live Essentials-Betaversion "X10Hardware" = X10 Hardware(TM) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "ClubCooee" = Club Cooee "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 01.09.2010 10:20:55 | Computer Name = Kadda-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 01.09.2010 10:20:55 | Computer Name = Kadda-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 18112 Error - 01.09.2010 10:20:55 | Computer Name = Kadda-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 18112 Error - 01.09.2010 10:20:56 | Computer Name = Kadda-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 01.09.2010 10:20:56 | Computer Name = Kadda-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 19298 Error - 01.09.2010 10:20:56 | Computer Name = Kadda-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 19298 Error - 01.09.2010 15:30:25 | Computer Name = Kadda-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 01.09.2010 15:30:26 | Computer Name = Kadda-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 18587816 Error - 01.09.2010 15:30:26 | Computer Name = Kadda-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 18587816 Error - 03.09.2010 08:11:13 | Computer Name = Kadda-PC | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter 
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f5c Startzeit: 01cb4b610a2d293c Endzeit: 16 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 540f22e5-b754-11df-a275-00262df56873 [ Media Center Events ] Error - 05.06.2010 15:57:20 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 21:57:20 - Fehler beim Herstellen der Internetverbindung. 21:57:20 - Serververbindung konnte nicht hergestellt werden.. Error - 05.06.2010 15:57:37 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 21:57:26 - Fehler beim Herstellen der Internetverbindung. 21:57:26 - Serververbindung konnte nicht hergestellt werden.. Error - 05.06.2010 16:57:42 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 22:57:42 - Fehler beim Herstellen der Internetverbindung. 22:57:42 - Serververbindung konnte nicht hergestellt werden.. Error - 05.06.2010 16:57:49 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 22:57:47 - Fehler beim Herstellen der Internetverbindung. 22:57:47 - Serververbindung konnte nicht hergestellt werden.. Error - 14.07.2010 13:08:00 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 19:07:59 - Fehler beim Herstellen der Internetverbindung. 19:08:00 - Serververbindung konnte nicht hergestellt werden.. Error - 14.07.2010 13:08:08 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 19:08:05 - Fehler beim Herstellen der Internetverbindung. 19:08:05 - Serververbindung konnte nicht hergestellt werden.. Error - 14.07.2010 14:08:16 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 20:08:16 - Fehler beim Herstellen der Internetverbindung. 20:08:16 - Serververbindung konnte nicht hergestellt werden.. 
Error - 14.07.2010 14:08:41 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 20:08:21 - Fehler beim Herstellen der Internetverbindung. 20:08:21 - Serververbindung konnte nicht hergestellt werden.. Error - 30.07.2010 11:47:03 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 17:47:03 - Fehler beim Herstellen der Internetverbindung. 17:47:03 - Serververbindung konnte nicht hergestellt werden.. Error - 30.07.2010 11:47:27 | Computer Name = Kadda-PC | Source = MCUpdate | ID = 0 Description = 17:47:08 - Fehler beim Herstellen der Internetverbindung. 17:47:08 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 03.09.2010 08:20:12 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = Error - 03.09.2010 08:20:39 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = Error - 03.09.2010 08:20:47 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = Error - 03.09.2010 08:20:50 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = Error - 03.09.2010 08:21:01 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = Error - 03.09.2010 08:21:17 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = Error - 03.09.2010 08:21:25 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = Error - 03.09.2010 08:21:30 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = Error - 03.09.2010 08:22:08 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = Error - 03.09.2010 08:22:09 | Computer Name = Kadda-PC | Source = DCOM | ID = 10016 Description = < End of report > |
03.09.2010, 21:18 | #9 |
/// Malwareteam | Help! Two viruses at once? Do you still have problems? |
04.09.2010, 10:30 | #10 |
| Help! Two viruses at once? No, so on MSN I'm not sending anything around anymore, my friends say... and on Skype I don't think so either... Thanks... if something comes up again, I know where to turn. |
04.09.2010, 18:12 | #11 |
/// Malwareteam | Help! Two viruses at once? Step 1: Tool cleanup with OTL. We will now use OTL's CleanUp! function to remove from your system most of the programs we installed for the cleanup.
Step 2: Update programs. You are using some outdated software, which creates security holes on your system through which malware can get in. All software on your computer must be updated regularly, even if you do not use it. The Secunia Inspector offers a simple way to monitor these software updates. |
05.09.2010, 19:55 | #12 |
| Help! Two viruses at once? I still have a problem: whenever I do something in ICQ, at some point a warning comes up saying that an error has occurred in the script. |
05.09.2010, 22:21 | #13 |
/// Malwareteam | Help! Two viruses at once? Can you take a screenshot for me? |
06.09.2010, 14:37 | #14 |
| Help! Two viruses at once? Here is the little picture... I hope you can do something with it. |
07.09.2010, 10:31 | #15 |
/// Malwareteam | Help! Two viruses at once? Those are script errors related to ICQ. You can turn them off: in IE, under Tools -> Internet Options -> Advanced, check "Disable script debugging" and uncheck "Display script errors". |