Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Kazy Virus wieder einmal

Kazy Virus wieder einmal


Plagegeister aller Art und deren Bekämpfung: Kazy Virus wieder einmal

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 25.04.2011, 17:20   #1
hotrod91
 
Kazy Virus wieder einmal - Standard

Kazy Virus wieder einmal


Guten Abend
Ich hab seid gestern auch diesen Kazy Virus.
Mein PC hing. Aufeinmal Desktop Schwarz und nur noch der Papierkorb zu sehn. Antivir meldete sich mit diesem Kazy Virus und es kamen auch diverse Fehlermeldungen. Mein Pc lässt sich nur noch im Abgesicherten Modus bedienen weil sonst sich sofort alles aufhängt... Ich habe gesehen das die ganzen Ordner die verschwunden waren auf unsichtbar gestellt worden sind ... jetzt sind sie wieder da die Icons sind jedoch durchsichtig und lassen sich auch nicht alle öffnen.
Ich habe nun wie meine Vorgänger einmal dieses Malewarebytes und OTL drüber laufen lassen.

Vielen Dank schonmal für Hilfe!!!!

Hier die logs:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5363

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

25.04.2011 12:08:48
mbam-log-2011-04-25 (12-08-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 464429
Laufzeit: 42 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 2
Infizierte Dateien: 7

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Noble Casino (Adware.Casino) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Swiss Casino (Adware.Casino) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\redflush (PUP.Casino.Gen) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.Agent) -> Value: Policies -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.Agent) -> Value: Policies -> No action taken.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallPaper (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Infizierte Verzeichnisse:
c:\Windows\System32\scvhost (Backdoor.Bot) -> No action taken.
c:\Windows\SysWOW64\scvhost (Backdoor.Bot) -> No action taken.

Infizierte Dateien:
c:\Casino\noble casino\_setupcasino_5be9ef.exe (Adware.Casino) -> No action taken.
c:\Casino\swiss casino\_setupcasino_65d43f.exe (Adware.Casino) -> No action taken.
c:\microgaming\Casino\RedFlush\install.exe (PUP.Casino.Gen) -> No action taken.
c:\Users\Amadeus\downloads\RedFlush.exe (PUP.Casino.Gen) -> No action taken.
c:\Users\Amadeus\downloads\setupcasino_5be9ef.exe (Adware.Casino) -> No action taken.
c:\Users\Amadeus\downloads\setupcasino_65d43f.exe (Adware.Casino) -> No action taken.
c:\Users\Amadeus\AppData\Roaming\cglogs.dat (Malware.Trace) -> No action taken.

OTL logfile created on: 25.04.2011 18:00:04 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 88,00% Memory free
8,00 Gb Paging File | 8,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 164,75 Gb Total Space | 19,58 Gb Free Space | 11,88% Space Free | Partition Type: NTFS
Drive D: | 3,73 Gb Total Space | 3,35 Gb Free Space | 89,98% Space Free | Partition Type: FAT32
Drive E: | 1220,50 Gb Total Space | 847,78 Gb Free Space | 69,46% Space Free | Partition Type: NTFS

Computer Name: AMADEUS-PC | User Name: Amadeus | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.04.25 11:15:10 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\OTL.exe


========== Modules (SafeList) ==========

MOD - [2011.04.25 11:15:10 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.11.30 16:38:11 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.12.09 14:38:38 | 000,036,168 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.03.28 15:41:12 | 002,111,368 | -H-- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.12.26 10:52:39 | 000,075,064 | -H-- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.11.28 13:30:07 | 000,403,240 | -H-- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.09.06 19:56:38 | 000,247,096 | -H-- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.12.12 13:44:09 | 000,607,048 | -H-- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.12.09 14:44:18 | 001,394,504 | -H-- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.12.09 14:38:30 | 000,030,024 | -H-- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.09.23 14:38:18 | 000,935,208 | -H-- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.07.21 14:34:28 | 000,185,089 | -H-- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.13 16:48:18 | 000,108,289 | -H-- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.04.07 09:17:30 | 000,430,592 | -H-- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010.11.30 16:38:17 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.11.30 16:38:17 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.11.30 16:38:14 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.11.30 16:37:54 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.02.04 14:33:00 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.12.18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.12.16 00:37:21 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009.12.16 00:37:21 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.12.14 09:21:44 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2009.11.25 12:19:02 | 000,074,880 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009.09.08 10:40:20 | 000,142,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2009.09.08 10:40:20 | 000,105,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2009.09.08 10:40:20 | 000,016,040 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2009.08.09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2009.07.02 16:46:04 | 001,708,544 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2009.07.02 16:46:04 | 000,032,768 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HCW85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.05.20 18:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.09.12 10:31:29 | 000,041,216 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2008.09.12 10:31:29 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2008.09.12 10:31:16 | 000,131,584 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiK0836.sys -- (SaiK0836)
DRV:64bit: - [2008.02.22 18:54:00 | 000,019,496 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
DRV:64bit: - [2007.10.16 10:36:46 | 010,693,120 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV:64bit: - [2007.09.17 15:53:34 | 000,029,184 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.05.30 19:15:12 | 000,018,688 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2006.11.10 15:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATITool64.sys -- (ATITool)
DRV - [2009.12.14 09:21:44 | 000,016,392 | -H-- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.10.14 08:24:44 | 000,011,856 | -H-- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2007.11.03 01:12:32 | 000,032,240 | -H-- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2007.10.16 10:35:58 | 010,376,576 | -H-- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2965497
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Winload Customized Web Search"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {25b3130e-8513-41b6-8ea8-43dbc9cc0f12}:1.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:3.3.3.2
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:2.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
FF - prefs.js..network.proxy.autoconfig_url: "hxxp://www.chatroulette.com/"
FF - prefs.js..network.proxy.http: "82.206.129.160"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 2


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.21 16:43:56 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.25 16:17:01 | 000,000,000 | -H-D | M]

[2010.01.29 19:16:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Amadeus\AppData\Roaming\mozilla\Extensions
[2011.04.24 12:28:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Amadeus\AppData\Roaming\mozilla\Firefox\Profiles\otd6gy6a.default\extensions
[2010.03.04 16:50:20 | 000,000,000 | -H-D | M] (lufthansa.com) -- C:\Users\Amadeus\AppData\Roaming\mozilla\Firefox\Profiles\otd6gy6a.default\extensions\{25b3130e-8513-41b6-8ea8-43dbc9cc0f12}
[2011.04.22 19:25:27 | 000,000,000 | -H-D | M] (Winload Community Toolbar) -- C:\Users\Amadeus\AppData\Roaming\mozilla\Firefox\Profiles\otd6gy6a.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2011.03.11 16:47:36 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Amadeus\AppData\Roaming\mozilla\Firefox\Profiles\otd6gy6a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.11 16:47:34 | 000,000,000 | -H-D | M] (Adblock Plus) -- C:\Users\Amadeus\AppData\Roaming\mozilla\Firefox\Profiles\otd6gy6a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.04.22 19:25:31 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Amadeus\AppData\Roaming\mozilla\Firefox\Profiles\otd6gy6a.default\extensions\engine@conduit.com
[2010.06.03 10:43:19 | 000,002,004 | -H-- | M] () -- C:\Users\Amadeus\AppData\Roaming\Mozilla\Firefox\Profiles\otd6gy6a.default\searchplugins\3dlam-suche.xml
[2011.03.16 18:27:44 | 000,000,917 | -H-- | M] () -- C:\Users\Amadeus\AppData\Roaming\Mozilla\Firefox\Profiles\otd6gy6a.default\searchplugins\conduit.xml
[2011.04.21 10:44:26 | 000,001,056 | -H-- | M] () -- C:\Users\Amadeus\AppData\Roaming\Mozilla\Firefox\Profiles\otd6gy6a.default\searchplugins\icqplugin.xml
[2011.04.24 12:28:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.01.29 19:12:28 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.23 12:16:19 | 000,000,000 | -H-D | M] (Mein Gutscheincode Finder) -- C:\PROGRAM FILES (X86)\MEIN GUTSCHEINCODE FINDER\FIREFOX
[2010.01.29 19:13:35 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2006.09.26 12:03:14 | 000,098,304 | -H-- | M] (Zylom) -- C:\Program Files (x86)\mozilla firefox\plugins\npzylomgamesplayer.dll
[2010.12.13 23:47:45 | 000,001,392 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.12.13 23:47:45 | 000,002,344 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.12.13 23:47:45 | 000,006,805 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.12.13 23:47:45 | 000,001,178 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.12.13 23:47:45 | 000,001,105 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.01.03 00:55:29 | 000,000,994 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 gosredirector.ea.com
O1 - Hosts: 127.0.0.1 blazeserver.blazeemu.org
O1 - Hosts: 127.0.0.1 gosgvaprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 gosiadprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 gossjcprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 demangler.ea.com
O1 - Hosts: 127.0.0.1 vmp.tools.gos.ea.com
O2:64bit: - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll (Conversion One GmbH)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll (IDM)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Save Flash) - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files (x86)\Save Flash\SaveFlash.dll (PilotGroup LLC)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Save Flash) - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files (x86)\Save Flash\SaveFlash.dll (PilotGroup LLC)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [LyxDpHvjYMMKj] File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Amadeus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk = C:\Users\Amadeus\AppData\Local\vghd\bin\vghd.exe (Totem Entertainment)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\Amadeus\AppData\Roaming\install\svchost.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Update Service = C:\Users\Amadeus\AppData\Roaming\scvhost\scvhost.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\Amadeus\AppData\Roaming\install\svchost.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Update Service = C:\Users\Amadeus\AppData\Roaming\scvhost\scvhost.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Amadeus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Amadeus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6ea39c04-15a2-11e0-9676-002421deb866}\Shell - "" = AutoRun
O33 - MountPoints2\{6ea39c04-15a2-11e0-9676-002421deb866}\Shell\AutoRun\command - "" = K:\Install.exe
O33 - MountPoints2\{a43fda6e-1189-11df-9a21-002421deb866}\Shell - "" = AutoRun
O33 - MountPoints2\{a43fda6e-1189-11df-9a21-002421deb866}\Shell\AutoRun\command - "" = D:\FarCryAutoCD.exe
O33 - MountPoints2\{a43fdb66-1189-11df-9a21-002421deb866}\Shell - "" = AutoRun
O33 - MountPoints2\{a43fdb66-1189-11df-9a21-002421deb866}\Shell\AutoRun\command - "" = K:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.04.25 11:21:37 | 000,000,000 | ---D | C] -- C:\Users\Amadeus\AppData\Roaming\Malwarebytes
[2011.04.25 11:21:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.04.25 11:21:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.25 11:21:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.25 11:21:31 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.04.25 11:21:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.04.22 19:25:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webcam Simulator
[2011.04.22 19:25:45 | 000,152,848 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2011.04.22 19:25:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Webcam Simulator
[2011.04.22 19:25:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\wcs
[2011.04.22 19:25:23 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Conduit
[2011.04.22 19:25:21 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\ConduitEngine
[2011.04.22 19:25:19 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Winload
[2011.04.22 19:25:19 | 000,000,000 | -H-D | C] -- C:\Users\Amadeus\AppData\Local\Conduit
[2011.04.22 19:25:15 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Mein Gutscheincode Finder
[2011.04.19 19:00:15 | 000,000,000 | -H-D | C] -- C:\Users\Amadeus\AppData\Local\Netviewer
[2011.04.19 17:04:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Microsoft
[2011.04.19 17:04:34 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\MSN Toolbar
[2011.04.19 17:04:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2011.04.18 12:08:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FXdirekt Bank AG
[2011.04.18 12:08:46 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\FXdirekt Bank AG
[2011.04.14 20:42:45 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.14 20:42:45 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.04.14 20:42:40 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.04.14 20:42:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.04.14 20:42:40 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.04.14 20:42:36 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.04.14 20:42:36 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.04.14 20:42:35 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.04.14 20:42:35 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.04.14 20:42:33 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.04.14 20:42:33 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.04.14 20:42:32 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.04.14 20:42:32 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.04.14 20:42:23 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.04.14 20:42:22 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.04.14 20:42:22 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.04.14 20:42:22 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.04.14 20:42:22 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.04.14 20:42:22 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.04.14 20:42:22 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.04.14 20:42:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.04.14 20:42:22 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.04.14 20:42:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.04.14 20:42:22 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.04.14 20:42:22 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.04.14 20:42:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.04.14 20:42:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.04.14 20:42:18 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.04.14 20:42:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.04.14 20:42:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.04.14 20:42:12 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.04.14 20:42:12 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.04.14 20:42:12 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.04.14 20:42:12 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.04.14 20:42:12 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.04.14 20:42:11 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.04.14 20:42:11 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.04.14 20:42:11 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.04.12 19:46:30 | 000,000,000 | -H-D | C] -- C:\Users\Amadeus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtuaGirl
[2011.04.12 19:46:27 | 000,000,000 | -H-D | C] -- C:\Users\Amadeus\AppData\Local\vghd
[2011.04.04 15:39:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Flush
[2011.04.04 15:39:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\MGS
[2011.04.04 15:39:03 | 000,000,000 | ---D | C] -- C:\Microgaming
[2011.04.04 13:11:34 | 000,000,000 | ---D | C] -- C:\Casino
[2011.04.02 13:54:27 | 000,000,000 | -H-D | C] -- C:\Users\Amadeus\AppData\Roaming\Apple Computer
[2011.03.29 21:59:25 | 000,000,000 | -H-D | C] -- C:\Programme\Keller3
[2011.03.29 21:45:30 | 000,000,000 | -H-D | C] -- C:\Programme\Keller2
[2011.03.29 21:39:51 | 000,000,000 | -H-D | C] -- C:\Programme\Keller
[2011.03.29 17:08:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Keller-Systeme
[2011.03.29 17:08:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\KELLER
[2011.03.29 17:08:04 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2011.03.29 16:30:16 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2011.03.29 16:30:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.03.29 16:30:14 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2010.07.14 07:42:31 | 000,155,648 | -H-- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll
[2010.07.14 07:42:31 | 000,057,344 | -H-- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
[2010.07.14 07:42:31 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.04.25 17:59:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.25 17:58:54 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.25 11:22:46 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.25 11:22:46 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.25 11:22:46 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.25 11:22:46 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.25 11:22:46 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.25 11:21:35 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.24 09:08:23 | 000,014,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 09:08:23 | 000,014,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 09:01:28 | 000,000,007 | ---- | M] () -- C:\Windows\treeskp.sys
[2011.04.24 09:01:28 | 000,000,007 | ---- | M] () -- C:\Windows\sbacknt.bin
[2011.04.23 12:17:05 | 000,000,958 | -H-- | M] () -- C:\Users\Amadeus\Desktop\Webcam Simulator.lnk
[2011.04.22 16:46:28 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2011.04.18 12:08:46 | 000,002,325 | -H-- | M] () -- C:\Users\Public\Desktop\FEXtrader Pro LIVE.lnk
[2011.04.18 12:08:46 | 000,002,325 | -H-- | M] () -- C:\Users\Public\Desktop\FEXtrader Pro DEMO.lnk
[2011.04.15 16:11:32 | 005,923,462 | -H-- | M] () -- C:\Users\Amadeus\Desktop\01-scooter_-_friends_turbo_(movie_version).mp3
[2011.04.15 03:27:59 | 000,314,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.12 19:46:30 | 000,001,074 | -H-- | M] () -- C:\Users\Amadeus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk
[2011.04.04 15:39:29 | 000,001,793 | -H-- | M] () -- C:\Users\Public\Desktop\Red Flush.lnk
[2011.04.04 13:51:11 | 000,000,745 | -H-- | M] () -- C:\Users\Public\Desktop\Swiss Casino.lnk
[2011.04.04 13:11:36 | 000,000,745 | -H-- | M] () -- C:\Users\Public\Desktop\Noble Casino.lnk
[2011.04.02 13:27:36 | 003,794,132 | -H-- | M] () -- C:\Users\Amadeus\Desktop\ZZ Top - Gimme All Your Lovin'.mp3
[2011.04.02 12:34:41 | 002,180,770 | -H-- | M] () -- C:\Users\Amadeus\Desktop\01 - Tush.mp3
[2011.03.28 16:04:55 | 002,510,085 | -H-- | M] () -- C:\Users\Amadeus\Desktop\13-you-never-can-tell.mp3
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.04.25 11:21:35 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.23 14:45:50 | 005,923,462 | -H-- | C] () -- C:\Users\Amadeus\Desktop\01-scooter_-_friends_turbo_(movie_version).mp3
[2011.04.22 19:25:46 | 000,000,958 | -H-- | C] () -- C:\Users\Amadeus\Desktop\Webcam Simulator.lnk
[2011.04.18 12:08:46 | 000,002,325 | -H-- | C] () -- C:\Users\Public\Desktop\FEXtrader Pro LIVE.lnk
[2011.04.18 12:08:46 | 000,002,325 | -H-- | C] () -- C:\Users\Public\Desktop\FEXtrader Pro DEMO.lnk
[2011.04.12 19:46:31 | 000,000,007 | ---- | C] () -- C:\Windows\treeskp.sys
[2011.04.12 19:46:31 | 000,000,007 | ---- | C] () -- C:\Windows\sbacknt.bin
[2011.04.12 19:46:30 | 000,001,074 | -H-- | C] () -- C:\Users\Amadeus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk
[2011.04.04 15:39:03 | 000,001,793 | -H-- | C] () -- C:\Users\Public\Desktop\Red Flush.lnk
[2011.04.04 13:51:11 | 000,000,757 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swiss Casino.lnk
[2011.04.04 13:51:11 | 000,000,745 | -H-- | C] () -- C:\Users\Public\Desktop\Swiss Casino.lnk
[2011.04.04 13:11:36 | 000,000,757 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Noble Casino.lnk
[2011.04.04 13:11:36 | 000,000,745 | -H-- | C] () -- C:\Users\Public\Desktop\Noble Casino.lnk
[2011.04.02 13:54:19 | 000,272,180 | -H-- | C] () -- C:\Users\Amadeus\Desktop\Brennender Handschuh.3gp
[2011.04.02 13:27:26 | 003,794,132 | -H-- | C] () -- C:\Users\Amadeus\Desktop\ZZ Top - Gimme All Your Lovin'.mp3
[2011.04.02 12:34:39 | 002,180,770 | -H-- | C] () -- C:\Users\Amadeus\Desktop\01 - Tush.mp3
[2011.03.28 16:04:48 | 002,510,085 | -H-- | C] () -- C:\Users\Amadeus\Desktop\13-you-never-can-tell.mp3
[2010.12.26 10:52:40 | 000,215,128 | -H-- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.12.26 10:52:39 | 002,434,856 | -H-- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.12.26 10:52:39 | 000,075,064 | -H-- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.11.01 15:58:43 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.10.14 02:36:44 | 000,179,263 | -H-- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.10.13 10:51:36 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.09.28 16:26:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysWow64\golyek.dat
[2010.07.14 07:42:34 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2010.07.14 07:42:32 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2010.07.14 07:42:32 | 000,270,336 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2010.07.14 07:42:32 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2010.06.16 00:28:54 | 000,002,857 | -H-- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.04.01 02:11:48 | 000,043,520 | -H-- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.03.31 13:17:20 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2010.01.31 13:06:28 | 000,000,017 | -H-- | C] () -- C:\Users\Amadeus\AppData\Local\resmon.resmoncfg
[2010.01.29 19:07:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.01.27 23:07:09 | 000,000,083 | ---- | C] () -- C:\Windows\wwp.INI
[2010.01.27 22:35:22 | 000,010,752 | -H-- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.01.18 16:18:27 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.01.18 11:42:41 | 199,394,291 | -H-- | C] () -- C:\Program Files (x86)\Worms World Party.exe
[2009.12.21 14:28:20 | 000,000,072 | ---- | C] () -- C:\Windows\cryavitowmv.ini
[2009.12.21 14:27:44 | 000,000,005 | -H-- | C] () -- C:\Windows\SysWow64\SySavitowmv.dat
[2009.12.18 20:05:29 | 000,178,176 | -H-- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.12.18 20:05:28 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.12.18 20:05:27 | 000,819,200 | -H-- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.12.18 20:05:27 | 000,180,224 | -H-- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.12.18 20:05:25 | 000,085,504 | -H-- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.08.12 12:47:47 | 000,003,830 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.10.25 17:26:10 | 000,005,632 | -H-- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2007.01.23 14:11:20 | 000,141,312 | -H-- | C] () -- C:\Windows\SysWow64\QFClient2.dll
[2005.04.08 04:16:43 | 000,367,582 | -H-- | C] () -- C:\Users\Amadeus\AppData\Roaming\cglogs.dat
[2003.01.07 17:05:08 | 000,002,695 | -H-- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

< End of report >

OTL Extras logfile created on: 25.04.2011 18:00:04 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 88,00% Memory free
8,00 Gb Paging File | 8,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 164,75 Gb Total Space | 19,58 Gb Free Space | 11,88% Space Free | Partition Type: NTFS
Drive D: | 3,73 Gb Total Space | 3,35 Gb Free Space | 89,98% Space Free | Partition Type: FAT32
Drive E: | 1220,50 Gb Total Space | 847,78 Gb Free Space | 69,46% Space Free | Partition Type: NTFS

Computer Name: AMADEUS-PC | User Name: Amadeus | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UACDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Amadeus\AppData\Roaming\scvhost\scvhost.exe" = C:\Users\Amadeus\AppData\Roaming\scvhost\scvhost.exe:*:Enabled:Windows Firewall Update
"C:\Users\Amadeus\AppData\Roaming\scvhost\scvhost.exe" = C:\Users\Amadeus\AppData\Roaming\scvhost\scvhost.exe:*:Enabled:Windows Firewall Update


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A116A8-E559-488C-879C-B212F3EA963A}" = Far Cry (Patch 1.32 AMD64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3E7D0D06-E32D-4F06-BB55-1671C8391D8E}" = Saitek SD6 Programming Software 6.5.2.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding
"{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}" = ATI Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AE0D971F-5430-8874-B09E-3F1C76E2F8FF}" = WMV9/VC-1 Video Playback
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D29E5E5F-47CA-087E-DCBF-FB75171D5B2E}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"BC15EA930074932BB2C4B4493C9FD4EA95087D1A" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1E05CF2E-BF5F-4A43-9147-2CCBBE57BC3C}_is1" = Mein Gutscheincode Finder 1.0.0.0
"{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{21A127AE-2DAF-40B7-8374-34C3E629521C}" = Far Cry (Patch 1.3)
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3F66C4BF-4BD9-FF9C-FA9F-4579F60A33B3}" = Catalyst Control Center Graphics Previews Vista
"{3fd4d594-5cdb-4f69-91b7-2cd2308f03ba}" = Nero 9 Trial
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A914AE85-1A36-0575-714C-BF996BDA20C7}" = ccc-core-static
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AE249BA3-2421-3996-5E9A-DF4A9F3551FC}" = Catalyst Control Center InstallProxy
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BBF10B37-4ED3-11D5-A818-00500435FC18}" = Gothic
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{c89941c6-2445-4888-936f-ddd9602bc28e}" = Nero 9 Essentials
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{CE227560-EC2C-4263-8F64-FC4715721BCF}" = Cockpit
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{DB8B49A9-7CF1-34DB-6DF2-1EC41C0FE5E1}" = Catalyst Control Center Graphics Previews Common
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Hama Webcam AC-150
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights Help
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"conduitEngine" = Conduit Engine
"Counter-Strike: Source v17" = Counter-Strike: Source v17
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"EADM" = EA Download Manager
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FEXtraderPro" = FEXtrader Pro
"Free Screen To Video_is1" = Free Screen To Video V 1.2
"GCH Guitar academy" = GCH Guitar academy
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.27022)
"Hydrogen" = Hydrogen
"ICQToolbar" = ICQ Toolbar
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.5.1 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"lufthansa.com_is1" = lufthansa.com 1.1
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Noble Casino" = Noble Casino
"NSIS_doas" = Das große Oxford Wörterbuch
"OpenAL" = OpenAL
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"Pflanzen gegen Zombies Deluxe" = Pflanzen gegen Zombies Deluxe
"PunkBusterSvc" = PunkBuster Services
"QUICKfind" = QUICKfind server v1.1
"redflush" = Red Flush
"Save Flash" = Save Flash 4.3
"Sniper Ghost Warrior Deutsch Patch 1.0" = Sniper Ghost Warrior Deutsch Patch 1.0
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Steam App 240" = Counter-Strike: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Swiss Casino" = Swiss Casino
"SYMplus Drehen deu" = SYMplus Drehen deu
"TuneUp Utilities" = TuneUp Utilities
"Two Worlds II" = Two Worlds II
"UT2004" = Unreal Tournament 2004
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.0.5
"Webcam Simulator_is1" = Webcam Simulator 6.3
"WinLiveSuite" = Windows Live Essentials
"Winload Toolbar" = Winload Toolbar
"Worms Reloaded_is1" = Worms Reloaded
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"VirtuaGirl_is1" = VirtuaGirl Version 1.0.6.00

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

 

Themen zu Kazy Virus wieder einmal
0x00000001, 7-zip, adblock, adware.casino, antivir, avgntflt.sys, avira, bho, c:\windows\system32\rundll32.exe, conduit, desktop, device driver, disabletaskmgr, error, explorer, firefox, flash player, format, grand theft auto, helper, hilfe!!, home, install.exe, location, logfile, mozilla, object, oldtimer, plug-in, port, realtek, registry, rundll, saver, scan, sched.exe, searchplugins, security, shell32.dll, shortcut, software, sptd.sys, start menu, system, syswow64, usb, virus, webcheck, winload toolbar


« Trojaner Kazy.mekml.1 seit gestern - Daten weg, PC fährt immer runter | Malware-Wurm »


Ähnliche Themen: Kazy Virus wieder einmal


  1. Ungültiges Bild, wieder einmal
    Log-Analyse und Auswertung - 12.04.2015 (15)
  2. Mache wieder einmal einen Kniefall vor Schrauber
    Lob, Kritik und Wünsche - 05.06.2014 (0)
  3. Wieder einmal rvzr-a.akamaihd.net - Befall
    Plagegeister aller Art und deren Bekämpfung - 16.01.2014 (9)
  4. Wieder einmal GVU-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 27.09.2013 (7)
  5. Wieder einmal - GVU-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 10.08.2013 (13)
  6. Polizei-Trojaner wieder einmal
    Log-Analyse und Auswertung - 17.10.2012 (16)
  7. Und wieder einmal: ChatZum
    Plagegeister aller Art und deren Bekämpfung - 09.10.2012 (3)
  8. TR/Kazy.mekml.1 wieder einmal
    Plagegeister aller Art und deren Bekämpfung - 28.04.2011 (4)
  9. Wieder einmal der 20-TAN-Sparkassen-Trojaner
    Diskussionsforum - 12.10.2010 (1)
  10. Msn Virus wieder einmal
    Alles rund um Windows - 20.08.2010 (4)
  11. MyWay.MyWebSearch Infektion wieder einmal
    Log-Analyse und Auswertung - 26.02.2009 (2)
  12. Wieder einmal BDS/Frauder.bu
    Plagegeister aller Art und deren Bekämpfung - 11.09.2008 (2)
  13. Optix Pro 1.3 wieder einmal -.-
    Plagegeister aller Art und deren Bekämpfung - 09.07.2007 (3)
  14. Tr/Pakes.2 wieder einmal!
    Plagegeister aller Art und deren Bekämpfung - 12.04.2005 (3)
  15. wieder einmal realsearcher
    Log-Analyse und Auswertung - 03.10.2004 (12)
  16. Wieder einmal: about:blank
    Log-Analyse und Auswertung - 09.09.2004 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Kazy Virus wieder einmal - Guten Abend Ich hab seid gestern auch diesen Kazy Virus. Mein PC hing. Aufeinmal Desktop Schwarz und nur noch der Papierkorb zu sehn. Antivir meldete sich mit diesem Kazy Virus - Kazy Virus wieder einmal...
Archiv
Du betrachtest: Kazy Virus wieder einmal auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131