Hallo, habe seit gestern Abend ein Problem mit meinem Laptop. Da ich absoluter Anfänger in solchen Sachen bin, habe ich keine Ahnung wie ich nun vorgehen soll.

Es erscheinen mehrere Meldungen auf meinem Laptop unter anderem "Das System hat ein Problem mit einem oder mehreren installierten IDE-/SATA-Festplatten erkannt..." oder "kritische..." mein desktop ist schwarz alle icons ausser dem Papierkorb sind weg, und meine kompletten Daten verschwunden.

Kann die Dateien zwar wieder sichtbar machen, die Fehlermeldungen tauchen jedoch immer noch auf, Laptop wird auch automatisch nach Fehleranzeige heruntergefahren.

Wer kann mir helfen oder weiß eine Lösung wie ich diesen Virus entfernen kann?
Vielen Dank schon einmal im Vorraus.


Hab Malwarebytes einmal durchlaufen lassen und hier das Ergebnis:

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

24.04.2011 15:52:58
mbam-log-2011-04-24 (15-52-58).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 168686
Laufzeit: 1 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 8

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\5NZQ29B3L2 (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\LKGGOPABUH (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iCEyocHtffAu (Trojan.FakeAlert) -> Value: iCEyocHtffAu -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\iceyochtffau.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Steffen\AppData\Local\Temp\adobe_flash_player.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Steffen\AppData\Local\Temp\ldrb3f5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\wibrf.jpg (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\wiybr.png (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.


OTL Logfile:
OTL logfile created on: 24.04.2011 16:06:23 - Run 1
OTL by OldTimer - Version     Folder = C:\Users\Steffen\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 235,82 Gb Total Space | 141,16 Gb Free Space | 59,86% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 62,92 Gb Free Space | 13,51% Space Free | Partition Type: NTFS
Drive F: | 228,48 Gb Total Space | 215,11 Gb Free Space | 94,15% Space Free | Partition Type: NTFS
Drive G: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 465,65 Gb Total Space | 117,00 Gb Free Space | 25,13% Space Free | Partition Type: FAT32
Computer Name: STEFFEN´S-PC | User Name: Steffen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC -  File not found
PRC - C:\Users\Steffen\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Steffen\AppData\Local\Temp\Rar$EX00.799\PESEdit.com 2011 Patch 2.1\Installer.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\HDMICtrlMan\HCMSoundChanger.exe (TOSHIBA Corporation.)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
PRC - C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
PRC - C:\Program Files (x86)\Toshiba\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Users\Steffen\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (TosCoSrv) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (SmartFaceVWatchSrv) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe (Toshiba)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\drivers\XAudio64.exe (Conexant Systems, Inc.)
SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (ConfigFree Gadget Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA CORPORATION)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (UleadBurningHelper) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (WmFilter) -- C:\Windows\SysNative\drivers\WmFilter.sys (Logitech Inc.)
DRV:64bit: - (tosrfusb) -- C:\Windows\SysNative\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (tosrfcom) -- C:\Windows\SysNative\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV:64bit: - (tosrfnds) -- C:\Windows\SysNative\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:64bit: - (O2MDRDR) -- C:\Windows\SysNative\drivers\o2mdx64.sys (O2Micro )
DRV:64bit: - (tosrfbd) -- C:\Windows\SysNative\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV:64bit: - (CnxtHdmiAudService) -- C:\Windows\SysNative\drivers\CHDMI64.sys (Conexant Systems Inc.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (Tosrfhid) -- C:\Windows\SysNative\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV:64bit: - (tosrfbnp) -- C:\Windows\SysNative\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV:64bit: - (tosporte) -- C:\Windows\SysNative\drivers\tosporte.sys (TOSHIBA Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (UVCFTR) -- C:\Windows\SysNative\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV:64bit: - (O2SDRDR) -- C:\Windows\SysNative\drivers\o2sdx64.sys (O2Micro )
DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\drivers\CAX_DPV.sys (Conexant Systems, Inc.)
DRV:64bit: - (CAXHWAZL) -- C:\Windows\SysNative\drivers\CAXHWAZL.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\drivers\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\drivers\XAudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\drivers\mdmxsdk.sys (Conexant)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3055980029-1285905046-882748760-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKU\S-1-5-21-3055980029-1285905046-882748760-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-3055980029-1285905046-882748760-1000\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3055980029-1285905046-882748760-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3055980029-1285905046-882748760-1000\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3055980029-1285905046-882748760-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.24 22:04:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.24 22:04:32 | 000,000,000 | ---D | M]
[2011.03.03 21:28:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Steffen\AppData\Roaming\mozilla\Extensions
[2011.03.23 15:20:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\oq2sy3y1.default\extensions
[2011.03.03 21:28:29 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\oq2sy3y1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.21 00:27:51 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\oq2sy3y1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.03 21:28:31 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\oq2sy3y1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.03.03 21:28:31 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\oq2sy3y1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.05 22:37:28 | 000,000,000 | -H-D | M] (softonic-de3 Community Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\oq2sy3y1.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.03.03 21:28:32 | 000,000,000 | -H-D | M] (DVDVideoSoft Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\oq2sy3y1.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2011.03.20 23:25:11 | 000,002,396 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\askcom.xml
[2010.05.04 19:56:17 | 000,000,873 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\conduit.xml
[2011.02.27 22:56:13 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-1.xml
[2010.05.04 20:42:29 | 000,000,943 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-10.xml
[2010.06.28 10:14:19 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-11.xml
[2010.07.22 18:00:57 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-12.xml
[2010.07.25 23:46:16 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-13.xml
[2010.09.11 00:08:23 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-14.xml
[2010.09.16 23:28:15 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-15.xml
[2010.10.21 00:37:32 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-16.xml
[2010.10.28 14:32:26 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-17.xml
[2010.12.10 19:09:42 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-18.xml
[2011.03.02 18:32:53 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-19.xml
[2009.11.06 17:02:52 | 000,000,961 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-2.xml
[2011.03.03 23:53:51 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-20.xml
[2011.03.20 23:25:08 | 000,000,950 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-21.xml
[2009.11.10 18:43:16 | 000,000,961 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-3.xml
[2009.12.24 15:55:46 | 000,000,954 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-4.xml
[2010.02.24 00:31:41 | 000,000,954 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-5.xml
[2010.03.10 15:04:20 | 000,000,954 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-6.xml
[2010.03.10 16:36:06 | 000,000,659 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-7.xml
[2010.03.25 13:05:12 | 000,000,943 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-8.xml
[2010.04.08 12:42:31 | 000,000,943 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin-9.xml
[2011.03.21 00:27:50 | 000,000,168 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin.gif
[2011.03.21 00:27:50 | 000,000,618 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin.src
[2010.05.12 18:40:48 | 000,001,042 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\oq2sy3y1.default\searchplugins\icqplugin.xml
[2011.03.23 15:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.03.03 21:07:39 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.03 21:07:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.03.03 21:07:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.03.03 21:07:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.03 21:07:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.03 21:01:26 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES (X86)\COMMON FILES\DVDVIDEOSOFT\DLL\FFCONTEXTMENUY
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.09.11 00:07:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.11 00:07:50 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.09.11 00:07:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.11 00:07:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.11 00:07:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts:       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3055980029-1285905046-882748760-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HDMICtrlMan] C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4:64bit: - HKLM..\Run: [HSON] C:\Programme\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files (x86)\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3055980029-1285905046-882748760-1000..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\S-1-5-21-3055980029-1285905046-882748760-1000..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin]  File not found
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 11-Registrierung.lnk = C:\Program Files (x86)\EA Sports\FIFA 11\Support\EAregister.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3055980029-1285905046-882748760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Steffen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Steffen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - G:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 19:03:48 | 000,000,054 | R--- | M] () - G:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{0a823f55-8e5d-11de-970b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0a823f55-8e5d-11de-970b-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2008.11.15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.04.24 15:41:42 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\Malwarebytes
[2011.04.24 15:41:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.04.24 15:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.24 15:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.24 15:41:31 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.04.24 15:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.04.24 15:40:21 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Steffen\Desktop\Herbert.exe
[2011.04.24 15:06:52 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Users\Steffen\Desktop\OTL.exe
[2011.04.24 14:25:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011.04.24 14:25:14 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2011.04.24 14:24:20 | 010,134,040 | -H-- | C] (Microsoft Corporation) -- C:\Users\Steffen\Desktop\mseinstall.exe
[2011.04.14 13:18:12 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.14 13:18:12 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.04.14 13:18:10 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.04.14 13:18:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.04.14 13:18:10 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.04.14 13:18:09 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.04.14 13:18:09 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.04.14 13:18:08 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.04.14 13:18:08 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.04.14 13:18:08 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.04.14 13:18:08 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.04.14 13:18:07 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.04.14 13:18:07 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.04.14 13:17:58 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.04.14 13:17:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.04.14 13:17:54 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.04.14 13:17:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.04.14 13:17:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.04.14 13:17:53 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.04.14 13:17:52 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.04.14 13:17:52 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.04.14 13:17:52 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.04.14 13:17:52 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.04.14 13:17:52 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.04.14 13:17:52 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.04.14 13:17:22 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.04.06 16:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.03.28 19:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2011 Patch
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.04.24 16:04:36 | 000,010,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 16:04:36 | 000,010,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 15:58:45 | 000,001,106 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.24 15:57:22 | 000,000,304 | -HS- | M] () -- C:\Windows\tasks\MEBXHEHU.job
[2011.04.24 15:57:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.24 15:57:06 | 3193,581,568 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.24 15:41:35 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.24 15:41:12 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Steffen\Desktop\Herbert.exe
[2011.04.24 15:37:41 | 001,006,778 | ---- | M] () -- C:\Users\Steffen\Desktop\rkill.com
[2011.04.24 15:33:00 | 000,001,110 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.24 15:06:54 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\Steffen\Desktop\OTL.exe
[2011.04.24 14:39:24 | 000,656,266 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.24 14:39:24 | 000,618,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.24 14:39:24 | 000,131,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.24 14:39:24 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.24 14:39:23 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.24 14:25:37 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.04.24 14:25:23 | 001,526,948 | -H-- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.24 14:24:50 | 010,134,040 | -H-- | M] (Microsoft Corporation) -- C:\Users\Steffen\Desktop\mseinstall.exe
[2011.04.24 13:36:13 | 000,003,544 | -H-- | M] () -- C:\bootsqm.dat
[2011.04.22 11:26:33 | 000,001,396 | -H-- | M] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 11-Registrierung.lnk
[2011.04.19 16:12:25 | 002,277,457 | -H-- | M] () -- C:\Users\Steffen\Desktop\PES_2011_Editor_v1.5.rar
[2011.04.19 15:33:58 | 000,002,348 | -H-- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.04.18 22:38:15 | 005,625,765 | -H-- | M] () -- C:\Users\Steffen\Desktop\kleine Spiele.pdf
[2011.04.18 06:08:33 | 000,035,859 | -H-- | M] () -- C:\Users\Steffen\Desktop\Hausarbeit_Modul_3_Schönenberg_SoSe11_Teil2_Themen.pdf
[2011.04.18 06:08:21 | 000,017,950 | -H-- | M] () -- C:\Users\Steffen\Desktop\SemPlan_SprNorm_SoSe11.pdf
[2011.04.18 06:07:54 | 001,521,495 | -H-- | M] () -- C:\Users\Steffen\Desktop\2_Handout_Grammatik_SoSe11.pdf
[2011.04.18 06:07:10 | 000,090,933 | -H-- | M] () -- C:\Users\Steffen\Desktop\1_Handout_SprNorm_SoSe11.pdf
[2011.04.16 22:34:05 | 000,015,509 | -H-- | M] () -- C:\Users\Steffen\Desktop\30_Kinder_und_Jugendbuchklassiker.pdf
[2011.04.15 12:15:02 | 000,382,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.06 16:22:49 | 000,001,074 | -H-- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.03.31 22:10:11 | 000,001,260 | ---- | M] () -- C:\Users\Steffen\Desktop\PESEDIT Selector.lnk
[2011.03.25 20:10:35 | 000,001,406 | -H-- | M] () -- C:\Users\Steffen\Desktop\Free YouTube to MP3 Converter.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.04.24 15:41:35 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.24 15:37:35 | 001,006,778 | ---- | C] () -- C:\Users\Steffen\Desktop\rkill.com
[2011.04.24 14:25:37 | 000,001,912 | -H-- | C] () -- C:\Windows\epplauncher.mif
[2011.04.24 14:25:23 | 001,526,948 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.24 14:25:16 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.04.24 13:36:13 | 000,003,544 | -H-- | C] () -- C:\bootsqm.dat
[2011.04.19 16:12:20 | 002,277,457 | -H-- | C] () -- C:\Users\Steffen\Desktop\PES_2011_Editor_v1.5.rar
[2011.04.18 22:38:00 | 005,625,765 | -H-- | C] () -- C:\Users\Steffen\Desktop\kleine Spiele.pdf
[2011.04.18 06:08:33 | 000,035,859 | -H-- | C] () -- C:\Users\Steffen\Desktop\Hausarbeit_Modul_3_Schönenberg_SoSe11_Teil2_Themen.pdf
[2011.04.18 06:08:20 | 000,017,950 | -H-- | C] () -- C:\Users\Steffen\Desktop\SemPlan_SprNorm_SoSe11.pdf
[2011.04.18 06:07:50 | 001,521,495 | -H-- | C] () -- C:\Users\Steffen\Desktop\2_Handout_Grammatik_SoSe11.pdf
[2011.04.18 06:07:08 | 000,090,933 | -H-- | C] () -- C:\Users\Steffen\Desktop\1_Handout_SprNorm_SoSe11.pdf
[2011.04.16 22:34:05 | 000,015,509 | -H-- | C] () -- C:\Users\Steffen\Desktop\30_Kinder_und_Jugendbuchklassiker.pdf
[2011.04.06 16:22:49 | 000,001,074 | -H-- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.03.31 22:10:11 | 000,001,260 | ---- | C] () -- C:\Users\Steffen\Desktop\PESEDIT Selector.lnk
[2011.03.09 16:11:47 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2011.03.03 20:55:07 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.03 14:50:15 | 000,090,112 | RHS- | C] () -- C:\Windows\SysWow64\untfsf.dll
[2010.10.14 02:36:44 | 000,179,263 | -H-- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.03.06 01:37:37 | 000,002,528 | -H-- | C] () -- C:\Users\Steffen\AppData\Roaming\$_hpcst$.hpc
[2009.09.12 23:39:18 | 000,000,000 | -H-- | C] () -- C:\Windows\ToDisc.INI
[2009.09.04 18:40:40 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.19 21:06:22 | 000,197,912 | -H-- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.06.19 21:06:22 | 000,058,648 | -H-- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | -H-- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.06.19 21:06:22 | 000,058,648 | -H-- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.06.19 21:06:22 | 000,058,648 | -H-- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | -H-- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.06.19 21:06:22 | 000,058,648 | -H-- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.06.19 21:06:22 | 000,058,648 | -H-- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.06.19 21:06:22 | 000,058,648 | -H-- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.06.19 21:06:22 | 000,058,648 | -H-- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.05.05 14:12:08 | 000,204,800 | -H-- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2009.05.05 14:12:08 | 000,200,704 | -H-- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2009.05.05 14:12:08 | 000,192,512 | -H-- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2009.05.05 14:12:08 | 000,192,512 | -H-- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2009.05.05 14:12:08 | 000,188,416 | -H-- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2009.05.05 14:12:07 | 000,020,480 | -H-- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2009.05.05 14:05:08 | 000,000,000 | -H-- | C] () -- C:\Windows\NDSTray.INI
[2009.05.05 13:37:49 | 000,128,113 | -H-- | C] () -- C:\Windows\SysWow64\csellang.ini
[2009.05.05 13:37:49 | 000,045,056 | -H-- | C] () -- C:\Windows\SysWow64\csellang.dll
[2009.05.05 13:37:49 | 000,007,671 | -H-- | C] () -- C:\Windows\SysWow64\cseltbl.ini
[2007.10.25 18:26:10 | 000,005,632 | -H-- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
========== LOP Check ==========
[2011.03.03 21:26:01 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\Canon
[2011.03.03 21:26:01 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\CasualForge
[2011.03.03 21:26:01 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\DAEMON Tools Lite
[2011.03.03 21:26:01 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\DeepBurner
[2011.03.25 20:10:42 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.24 12:03:37 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\ICQ
[2011.03.03 21:27:42 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\Leadertech
[2011.03.03 21:28:32 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\OpenOffice.org
[2011.03.03 21:28:34 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\Samsung
[2010.12.21 23:51:48 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\Systweak
[2011.03.03 21:28:36 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\toshiba
[2011.03.20 23:25:02 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\Trillian
[2011.03.03 21:28:36 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\TuneUp Software
[2011.03.03 21:28:36 | 000,000,000 | -H-D | M] -- C:\Users\Steffen\AppData\Roaming\WinBatch
[2011.04.24 15:57:22 | 000,000,304 | -HS- | M] () -- C:\Windows\Tasks\MEBXHEHU.job
[2011.04.24 03:27:38 | 000,032,632 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- ---

Alt 26.04.2011, 15:10   #2
/// Winkelfunktion
/// TB-Süch-Tiger™
Das System hat ein Problem mit einem oder mehreren installierten IDE-/SATA-Festplatten erkannt..." - Standard

Das System hat ein Problem mit einem oder mehreren installierten IDE-/SATA-Festplatten erkannt..."

Art des Suchlaufs: Quick-Scan
Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



