Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojaner über MSN

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.04.2010, 16:30   #1
Ciclon
 
Trojaner über MSN - Standard

Trojaner über MSN



Hi habe mir gestern abend nen Virus eingefangen nachdem mir nen kumpel per automsg nen virus geschickt hat den ich wiederum auch per automassege versendet habe an weitere 300 leute auf der kontaktliste...

hab dem ding dann den Kampf angesagt und durch zahlreiche tols 13 verschiedene trojaner die ich fand eliminiert.
nun poste ich aber zur sicherheit nochmal die logs von Otl, vieleicht könnt ihr mir sagen ob alles in ordnung ist oder ob das böse ding immernoch lebt.

log 1 OTL:

OTL logfile created on: 16/04/2010 16:06:16 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\***\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: Großbritannien | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 71.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = D:\Programme
Drive C: | 26.30 Gb Total Space | 5.33 Gb Free Space | 20.27% Space Free | Partition Type: NTFS
Drive D: | 419.92 Gb Total Space | 230.24 Gb Free Space | 54.83% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 19.52 Gb Total Space | 19.52 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
PRC - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\Users\Public\dlll.exe ()
PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - D:\Programme\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - D:\Programme\TVersity\Media Server\MediaServer.exe ()
PRC - D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - D:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\Programme\Razer\Lachesis\razerhid.exe ()
PRC - D:\Programme\Razer\Lachesis\razerofa.exe (Razer Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (TVersityMediaServer) -- D:\Programme\TVersity\Media Server\MediaServer.exe ()
SRV:64bit: - (AntiVirService) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (AntiVirSchedulerService) -- D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (sp_rssrv) -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (VSS) -- C:\Windows\Vss [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\SysNative\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (SaiK0728) -- C:\Windows\SysNative\drivers\SaiK0728.sys (Saitek)
DRV - (CSC) -- C:\Windows\CSC [2009/09/17 19:50:10 | 000,000,000 | ---D | M]
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.giga.de"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: firetorrent@radicalsoft.com:1.0.7
FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20100306


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010/04/01 15:55:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010/04/01 15:55:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2009/12/12 16:19:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0\extensions\\Plugins: D:\Programme\Mozilla Thunderbird\plugins [2010/03/21 22:18:44 | 000,000,000 | ---D | M]

[2009/12/12 16:19:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2009/12/12 16:19:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/04/16 13:59:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions
[2009/11/27 16:34:30 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010/04/16 13:59:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/03/11 15:56:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions\de_DE@dicts.j3e.de
[2009/10/22 17:47:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions\firetorrent@radicalsoft.com
[2009/11/27 16:34:33 | 000,001,201 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\n399tqhx.default\searchplugins\winamp-search.xml
[2010/04/16 13:59:30 | 000,000,000 | ---D | M] -- D:\Programme\Mozilla Firefox\extensions
[2009/11/21 11:44:50 | 000,238,776 | ---- | M] (Pando Networks) -- D:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/12/19 14:49:56 | 000,001,392 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009/12/19 14:49:56 | 000,002,344 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009/12/19 14:49:56 | 000,006,805 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009/12/19 14:49:56 | 000,001,178 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009/12/19 14:49:56 | 000,000,801 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Lachesis] D:\Programme\Razer\Lachesis\razerhid.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Pando Media Booster] D:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKCU..\Run: [Windows System Guard] C:\Users\Public\dlll.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{16222404-a5e4-11de-a29c-001d92326a20}\Shell - "" = AutoRun
O33 - MountPoints2\{16222404-a5e4-11de-a29c-001d92326a20}\Shell\AutoRun\command - "" = F:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/16 14:47:15 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010/04/16 14:47:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/16 14:47:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/16 14:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/04/16 14:44:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/04/16 14:22:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Spyware Terminator
[2010/04/16 14:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010/03/31 13:56:22 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010/03/31 13:56:22 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010/03/31 13:56:22 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010/03/31 13:56:22 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010/03/31 13:56:22 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010/03/31 13:56:22 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010/03/31 13:56:22 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010/03/31 13:56:22 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010/03/30 03:00:16 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010/03/27 13:34:24 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\neogamma
[2010/03/21 22:18:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DivX
[2010/03/21 22:16:38 | 000,000,000 | ---D | C] -- D:\Programme\DivX
[2010/03/21 22:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/03/21 20:54:16 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\WBFSManager
[2010/03/21 20:53:52 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\WBFS Manager Covers
[2010/03/21 20:53:52 | 000,000,000 | ---D | C] -- D:\Programme\WBFS
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/16 16:06:57 | 002,097,152 | -HS- | M] () -- C:\Users\***\ntuser.dat
[2010/04/16 15:37:52 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/16 15:37:52 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/16 15:37:01 | 000,654,096 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010/04/16 15:37:01 | 000,615,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/04/16 15:37:01 | 000,130,952 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010/04/16 15:37:01 | 000,107,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/04/16 15:37:00 | 001,501,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/04/16 15:32:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/16 15:32:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/16 15:32:38 | 3220,672,512 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/16 15:31:58 | 001,136,281 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010/04/16 14:47:10 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/16 14:45:05 | 000,001,940 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/16 14:23:07 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010/04/16 14:22:30 | 000,142,592 | ---- | M] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
[2010/04/16 13:50:06 | 000,001,054 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/04/16 00:21:57 | 000,001,878 | ---- | M] () -- C:\Users\***\Desktop\Trillian.lnk
[2010/04/11 18:04:39 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/04/08 22:18:40 | 000,060,085 | ---- | M] () -- C:\Users\***\Desktop\sfondo.jpg
[2010/04/08 22:16:37 | 000,047,391 | ---- | M] () -- C:\Users\***\Desktop\bannermiddle.jpg
[2010/04/08 22:15:59 | 000,001,619 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010/04/02 21:16:39 | 000,000,853 | ---- | M] () -- C:\Users\***\Desktop\Action Replay Code Manager.lnk
[2010/04/02 21:15:02 | 000,010,740 | ---- | M] () -- C:\Users\***\Desktop\8kymn8714.jpg
[2010/04/02 21:14:14 | 000,921,654 | ---- | M] () -- C:\Users\***\Desktop\Image.jpg
[2010/03/30 18:24:31 | 000,000,448 | ---- | M] () -- C:\Windows\win.ini
[2010/03/30 18:24:29 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\Everest Poker.lnk
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/03/30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/03/26 19:11:38 | 000,524,288 | ---- | M] () -- C:\Users\***\Desktop\b-yugioh2k10j.SAV
[2010/03/22 00:05:38 | 000,524,288 | ---- | M] () -- C:\Users\***\Desktop\DD-PKMP.SAV
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/16 14:47:10 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/16 14:45:05 | 000,001,940 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/16 14:23:07 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010/04/16 14:22:30 | 000,142,592 | ---- | C] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
[2010/04/08 22:18:40 | 000,060,085 | ---- | C] () -- C:\Users\***\Desktop\sfondo.jpg
[2010/04/08 22:16:37 | 000,047,391 | ---- | C] () -- C:\Users\***\Desktop\bannermiddle.jpg
[2010/04/08 22:15:59 | 000,001,619 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010/04/02 21:15:01 | 000,010,740 | ---- | C] () -- C:\Users\***\Desktop\8kymn8714.jpg
[2010/04/02 21:13:20 | 000,921,654 | ---- | C] () -- C:\Users\***\Desktop\Image.jpg
[2010/03/30 18:24:29 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\Everest Poker.lnk
[2010/02/28 13:58:12 | 000,524,288 | -HS- | C] () -- C:\Users\***\ntuser.dat{7d370f8c-2460-11df-8054-001d92326a20}.TMContainer00000000000000000002.regtrans-ms
[2010/02/28 13:58:12 | 000,524,288 | -HS- | C] () -- C:\Users\***\ntuser.dat{7d370f8c-2460-11df-8054-001d92326a20}.TMContainer00000000000000000001.regtrans-ms
[2010/02/28 13:58:12 | 000,065,536 | -HS- | C] () -- C:\Users\***\ntuser.dat{7d370f8c-2460-11df-8054-001d92326a20}.TM.blf
[2010/01/10 22:12:54 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/01/10 22:12:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/01/10 22:12:52 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/01/10 22:12:52 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/01/10 22:12:51 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/01/10 22:12:51 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009/12/27 20:57:32 | 000,001,458 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[2009/12/27 19:04:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/28 21:03:00 | 000,000,091 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2009/11/28 21:02:03 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/11/22 21:46:59 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/06 22:21:10 | 000,000,318 | ---- | C] () -- C:\Windows\game.ini
[2009/10/22 20:48:33 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2009/10/21 23:08:25 | 000,000,168 | ---- | C] () -- C:\Users\***\AppData\Roaming\default.rss
[2009/10/21 21:48:50 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/10/13 17:55:43 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2009/10/11 14:42:38 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\oldharmony.dll
[2009/10/03 19:26:05 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2009/09/19 20:37:18 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/09/17 19:55:40 | 002,097,152 | -HS- | C] () -- C:\Users\***\ntuser.dat
[2009/09/17 19:55:40 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009/09/17 19:55:40 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009/09/17 19:55:40 | 000,262,144 | -HS- | C] () -- C:\Users\***\ntuser.dat.LOG1
[2009/09/17 19:55:40 | 000,065,536 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009/09/17 19:55:40 | 000,000,020 | -HS- | C] () -- C:\Users\***\ntuser.ini
[2009/09/17 19:55:40 | 000,000,000 | -HS- | C] () -- C:\Users\***\ntuser.dat.LOG2
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2005/02/05 21:46:00 | 000,004,608 | ---- | C] () -- C:\Windows\fgexec.dll
< End of report >

OTL log 2:

OTL Extras logfile created on: 16/04/2010 16:06:16 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\***\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: Großbritannien | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 71.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = D:\Programme
Drive C: | 26.30 Gb Total Space | 5.33 Gb Free Space | 20.27% Space Free | Partition Type: NTFS
Drive D: | 419.92 Gb Total Space | 230.24 Gb Free Space | 54.83% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 19.52 Gb Total Space | 19.52 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "D:\Programme\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "D:\Programme\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}" = Video DVD Maker v3.23.0.59
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{307B0932-8FB5-4C8F-88E6-9AC7819A1A4B}" = Aion
"{327A86F5-487C-4A85-9426-C966163A9684}" = Eve Market Scanner
"{37A58B85-C98F-11D5-B694-00E07D72A995}" = RM2K Mp3 Patch v1.1
"{389BE10D-555B-495B-A83E-E3D94B66D26A}" = CDRWIN 7
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4E6D2462-AB33-40BB-AA9F-3FA3E0DD0290}" = FlatOut 2
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7F256326-76D6-4F89-8487-FE411C52B50C}" = Mid2Abc
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95633EBE-216B-48B5-B103-0C9919787F46}" = Obscure
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Minen von Moria v02.02.03.8041
"Acoustica MP3 Audio Mixer" = Acoustica MP3 Audio Mixer
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Conan_is1" = Age of Conan: Hyborian Adventures
"Atlantica_EU" = Atlantica_EU
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bluefish" = Bluefish 1.3.7
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX-Setup
"EVE" = EVE Online (remove only)
"EVEMon" = EVEMon
"Everest Poker" = Everest Poker (Remove Only)
"FileZilla Client" = FileZilla Client 3.3.2.1
"Free Fire Screensaver" = Free Fire Screensaver
"Free Monitor for Google_is1" = Free Monitor for Google 2.5
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen)
"ImgBurn" = ImgBurn
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{95633EBE-216B-48B5-B103-0C9919787F46}" = Obscure
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"Mozilla Thunderbird (3.0)" = Mozilla Thunderbird (3.0)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Obscure2" = Obscure 2
"PunkBusterSvc" = PunkBuster Services
"RPG Maker 2000 1.07b" = RPG Maker 2000 1.07b
"RTP 1.32 Add-On for RM2k" = RTP 1.32 Add-On for RM2k
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"Spyware Terminator_is1" = Spyware Terminator
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Trillian" = Trillian
"TVersity Codec Pack" = TVersity Codec Pack 1.2
"TVersity Media Server" = TVersity Media Server 1.7.2.1 Beta
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.2
"VueScan" = VueScan
"Warhammer Online: Age of Reckoning_is1" = Warhammer Online: Age of Reckoning
"Wav-2-Midi" = Wav-2-Midi
"WBFS Manager 3.0" = WBFS Manager 3.0
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"6a3b9aee8dca014d" = EveTrader
"LotRO MIDI Player" = LotRO MIDI Player
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13/04/2010 11:00:03 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 13/04/2010 11:00:04 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 15/04/2010 13:08:39 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 15/04/2010 13:08:40 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 15/04/2010 18:30:47 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 15/04/2010 18:30:48 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 16/04/2010 08:41:14 | Computer Name = ***-PC | Source = System Restore | ID = 8193
Description =

Error - 16/04/2010 08:42:49 | Computer Name = ***-PC | Source = System Restore | ID = 8193
Description =

Error - 16/04/2010 08:47:28 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 16/04/2010 08:47:29 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

[ Media Center Events ]
Error - 15/11/2009 16:02:14 | Computer Name = ***-PC | Source = Microsoft-Windows-Media Center Extender | ID = 112
Description =

[ System Events ]
Error - 16/04/2010 08:54:04 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2

Error - 16/04/2010 08:54:18 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error - 16/04/2010 08:56:18 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error - 16/04/2010 08:56:18 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMPNetworkSvc" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2

Error - 16/04/2010 09:32:02 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TVersityMediaServer" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 16/04/2010 09:32:48 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2

Error - 16/04/2010 09:32:58 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error - 16/04/2010 09:34:58 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error - 16/04/2010 09:34:58 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMPNetworkSvc" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2

Error - 16/04/2010 09:51:20 | Computer Name = ***-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.


< End of report >


malwarebytes log:

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3995

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16/04/2010 15:31:26
mbam-log-2010-04-16 (15-31-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Durchsuchte Objekte: 301986
Laufzeit: 31 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SFQEUDO1\folder[1].exe (Trojan.Downloader.Gen) -> No action taken.


Ich hoffe auf ne zügige antwort da ich meinen PC bis heute abend gerne wieder sauber hätte, nen keylogger wäre sehr unpraktisch ^^

Alt 16.04.2010, 19:55   #2
Ciclon
 
Trojaner über MSN - Standard

Trojaner über MSN



nachedem den ganzen Tag alles sauber zu sein schien fing der spaß nun um kurz vor 8 erneut an. ads gehen auf virenmeldungen und alles ohne mein zutun...
weiß jemand rat?
__________________


Alt 16.04.2010, 21:53   #3
Ciclon
 
Trojaner über MSN - Standard

Trojaner über MSN



hier mal die logs von heute abend nachdem sich der virus auf mystische weise reinstalliert hat:
mbam log:

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3996

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16/04/2010 20:50:38
mbam-log-2010-04-16 (20-50-38).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Durchsuchte Objekte: 297708
Laufzeit: 30 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTC log 1:

OTL logfile created on: 16/04/2010 21:02:16 - Run 3
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Jan\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: Großbritannien | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 47.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = D:\Programme
Drive C: | 26.30 Gb Total Space | 5.30 Gb Free Space | 20.15% Space Free | Partition Type: NTFS
Drive D: | 419.92 Gb Total Space | 230.24 Gb Free Space | 54.83% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 19.52 Gb Total Space | 19.52 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JAN-PC
Current User Name: Jan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Jan\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
PRC - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - D:\Programme\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - D:\Programme\TVersity\Media Server\MediaServer.exe ()
PRC - D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - D:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\Programme\Razer\Lachesis\razerhid.exe ()
PRC - D:\Programme\Razer\Lachesis\razerofa.exe (Razer Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Jan\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (TVersityMediaServer) -- D:\Programme\TVersity\Media Server\MediaServer.exe ()
SRV:64bit: - (AntiVirService) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (AntiVirSchedulerService) -- D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (sp_rssrv) -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (VSS) -- C:\Windows\Vss [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\SysNative\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (SaiK0728) -- C:\Windows\SysNative\drivers\SaiK0728.sys (Saitek)
DRV - (CSC) -- C:\Windows\CSC [2009/09/17 19:50:10 | 000,000,000 | ---D | M]
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.giga.de"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: firetorrent@radicalsoft.com:1.0.7
FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20100306


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010/04/01 15:55:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010/04/01 15:55:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2009/12/12 16:19:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0\extensions\\Plugins: D:\Programme\Mozilla Thunderbird\plugins [2010/03/21 22:18:44 | 000,000,000 | ---D | M]

[2009/12/12 16:19:18 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions
[2009/12/12 16:19:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/04/16 19:23:46 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions
[2009/11/27 16:34:30 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010/04/16 13:59:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/03/11 15:56:17 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions\de_DE@dicts.j3e.de
[2009/10/22 17:47:37 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\n399tqhx.default\extensions\firetorrent@radicalsoft.com
[2009/11/27 16:34:33 | 000,001,201 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\FireFox\Profiles\n399tqhx.default\searchplugins\winamp-search.xml
[2010/04/16 19:23:46 | 000,000,000 | ---D | M] -- D:\Programme\Mozilla Firefox\extensions
[2009/11/21 11:44:50 | 000,238,776 | ---- | M] (Pando Networks) -- D:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/12/19 14:49:56 | 000,001,392 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009/12/19 14:49:56 | 000,002,344 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009/12/19 14:49:56 | 000,006,805 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009/12/19 14:49:56 | 000,001,178 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009/12/19 14:49:56 | 000,000,801 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Lachesis] D:\Programme\Razer\Lachesis\razerhid.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Pando Media Booster] D:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKCU..\Run: [Windows System Guard] C:\Users\Public\dlll.exe File not found
O4 - Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{16222404-a5e4-11de-a29c-001d92326a20}\Shell - "" = AutoRun
O33 - MountPoints2\{16222404-a5e4-11de-a29c-001d92326a20}\Shell\AutoRun\command - "" = F:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/16 14:48:15 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010/04/16 14:48:14 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010/04/16 14:48:12 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/04/16 14:48:12 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/04/16 14:48:12 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/04/16 14:48:09 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010/04/16 14:48:09 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010/04/16 14:48:08 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010/04/16 14:48:08 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010/04/16 14:47:15 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes
[2010/04/16 14:47:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/16 14:47:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/16 14:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/04/16 14:44:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/04/16 14:22:30 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Spyware Terminator
[2010/04/16 14:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010/03/31 13:56:22 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010/03/31 13:56:22 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010/03/31 13:56:22 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010/03/31 13:56:22 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010/03/31 13:56:22 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010/03/31 13:56:22 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010/03/31 13:56:22 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010/03/31 13:56:22 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010/03/30 03:00:16 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010/03/27 13:34:24 | 000,000,000 | ---D | C] -- C:\Users\Jan\Desktop\neogamma
[2010/03/21 22:18:46 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\DivX
[2010/03/21 22:16:38 | 000,000,000 | ---D | C] -- D:\Programme\DivX
[2010/03/21 22:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/03/21 20:54:16 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\WBFSManager
[2010/03/21 20:53:52 | 000,000,000 | ---D | C] -- C:\Users\Jan\Documents\WBFS Manager Covers
[2010/03/21 20:53:52 | 000,000,000 | ---D | C] -- D:\Programme\WBFS
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/16 21:03:50 | 002,097,152 | -HS- | M] () -- C:\Users\Jan\ntuser.dat
[2010/04/16 20:18:57 | 001,501,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/04/16 20:18:57 | 000,654,096 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010/04/16 20:18:57 | 000,615,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/04/16 20:18:57 | 000,130,952 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010/04/16 20:18:57 | 000,107,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/04/16 20:18:10 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/16 20:18:10 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/16 20:12:41 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/16 20:12:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/16 20:12:32 | 3220,672,512 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/16 20:11:52 | 001,986,893 | -H-- | M] () -- C:\Users\Jan\AppData\Local\IconCache.db
[2010/04/16 17:32:22 | 000,151,864 | ---- | M] () -- C:\Users\Jan\Documents\cc_20100416_173207.reg
[2010/04/16 17:31:41 | 000,001,896 | ---- | M] () -- C:\Users\Jan\Desktop\CCleaner.lnk
[2010/04/16 17:16:49 | 000,001,878 | ---- | M] () -- C:\Users\Jan\Desktop\Trillian.lnk
[2010/04/16 14:47:10 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/16 14:45:05 | 000,001,940 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/16 14:23:07 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010/04/16 14:22:30 | 000,142,592 | ---- | M] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
[2010/04/16 13:50:06 | 000,001,054 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/04/11 18:04:39 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/04/08 22:18:40 | 000,060,085 | ---- | M] () -- C:\Users\Jan\Desktop\sfondo.jpg
[2010/04/08 22:16:37 | 000,047,391 | ---- | M] () -- C:\Users\Jan\Desktop\bannermiddle.jpg
[2010/04/08 22:15:59 | 000,001,619 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010/04/02 21:16:39 | 000,000,853 | ---- | M] () -- C:\Users\Jan\Desktop\Action Replay Code Manager.lnk
[2010/04/02 21:15:02 | 000,010,740 | ---- | M] () -- C:\Users\Jan\Desktop\8kymn8714.jpg
[2010/04/02 21:14:14 | 000,921,654 | ---- | M] () -- C:\Users\Jan\Desktop\Image.jpg
[2010/03/30 18:24:31 | 000,000,448 | ---- | M] () -- C:\Windows\win.ini
[2010/03/30 18:24:29 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\Everest Poker.lnk
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/03/30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/03/26 19:11:38 | 000,524,288 | ---- | M] () -- C:\Users\Jan\Desktop\b-yugioh2k10j.SAV
[2010/03/22 00:05:38 | 000,524,288 | ---- | M] () -- C:\Users\Jan\Desktop\DD-PKMP.SAV
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/16 17:32:11 | 000,151,864 | ---- | C] () -- C:\Users\Jan\Documents\cc_20100416_173207.reg
[2010/04/16 17:31:41 | 000,001,896 | ---- | C] () -- C:\Users\Jan\Desktop\CCleaner.lnk
[2010/04/16 14:47:10 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/16 14:45:05 | 000,001,940 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/16 14:23:07 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010/04/16 14:22:30 | 000,142,592 | ---- | C] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
[2010/04/08 22:18:40 | 000,060,085 | ---- | C] () -- C:\Users\Jan\Desktop\sfondo.jpg
[2010/04/08 22:16:37 | 000,047,391 | ---- | C] () -- C:\Users\Jan\Desktop\bannermiddle.jpg
[2010/04/08 22:15:59 | 000,001,619 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010/04/02 21:15:01 | 000,010,740 | ---- | C] () -- C:\Users\Jan\Desktop\8kymn8714.jpg
[2010/04/02 21:13:20 | 000,921,654 | ---- | C] () -- C:\Users\Jan\Desktop\Image.jpg
[2010/03/30 18:24:29 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\Everest Poker.lnk
[2010/02/28 13:58:12 | 000,524,288 | -HS- | C] () -- C:\Users\Jan\ntuser.dat{7d370f8c-2460-11df-8054-001d92326a20}.TMContainer00000000000000000002.regtrans-ms
[2010/02/28 13:58:12 | 000,524,288 | -HS- | C] () -- C:\Users\Jan\ntuser.dat{7d370f8c-2460-11df-8054-001d92326a20}.TMContainer00000000000000000001.regtrans-ms
[2010/02/28 13:58:12 | 000,065,536 | -HS- | C] () -- C:\Users\Jan\ntuser.dat{7d370f8c-2460-11df-8054-001d92326a20}.TM.blf
[2010/01/10 22:12:54 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/01/10 22:12:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/01/10 22:12:52 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/01/10 22:12:52 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/01/10 22:12:51 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/01/10 22:12:51 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009/12/27 20:57:32 | 000,001,458 | ---- | C] () -- C:\Users\Jan\.recently-used.xbel
[2009/12/27 19:04:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/28 21:03:00 | 000,000,091 | ---- | C] () -- C:\Users\Jan\AppData\Local\fusioncache.dat
[2009/11/28 21:02:03 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/11/22 21:46:59 | 000,003,584 | ---- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/06 22:21:10 | 000,000,318 | ---- | C] () -- C:\Windows\game.ini
[2009/10/22 20:48:33 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2009/10/21 23:08:25 | 000,000,168 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\default.rss
[2009/10/21 21:48:50 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/10/13 17:55:43 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2009/10/11 14:42:38 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\oldharmony.dll
[2009/10/03 19:26:05 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2009/09/19 20:37:18 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/09/17 19:55:40 | 002,097,152 | -HS- | C] () -- C:\Users\Jan\ntuser.dat
[2009/09/17 19:55:40 | 000,524,288 | -HS- | C] () -- C:\Users\Jan\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009/09/17 19:55:40 | 000,524,288 | -HS- | C] () -- C:\Users\Jan\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009/09/17 19:55:40 | 000,262,144 | -HS- | C] () -- C:\Users\Jan\ntuser.dat.LOG1
[2009/09/17 19:55:40 | 000,065,536 | -HS- | C] () -- C:\Users\Jan\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009/09/17 19:55:40 | 000,000,020 | -HS- | C] () -- C:\Users\Jan\ntuser.ini
[2009/09/17 19:55:40 | 000,000,000 | -HS- | C] () -- C:\Users\Jan\ntuser.dat.LOG2
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2005/02/05 21:46:00 | 000,004,608 | ---- | C] () -- C:\Windows\fgexec.dll
< End of report >
OTC log 2:

OTL Extras logfile created on: 16/04/2010 21:02:16 - Run 3
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Jan\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: Großbritannien | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 47.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = D:\Programme
Drive C: | 26.30 Gb Total Space | 5.30 Gb Free Space | 20.15% Space Free | Partition Type: NTFS
Drive D: | 419.92 Gb Total Space | 230.24 Gb Free Space | 54.83% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 19.52 Gb Total Space | 19.52 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JAN-PC
Current User Name: Jan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "D:\Programme\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "D:\Programme\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}" = Video DVD Maker v3.23.0.59
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{307B0932-8FB5-4C8F-88E6-9AC7819A1A4B}" = Aion
"{327A86F5-487C-4A85-9426-C966163A9684}" = Eve Market Scanner
"{37A58B85-C98F-11D5-B694-00E07D72A995}" = RM2K Mp3 Patch v1.1
"{389BE10D-555B-495B-A83E-E3D94B66D26A}" = CDRWIN 7
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4E6D2462-AB33-40BB-AA9F-3FA3E0DD0290}" = FlatOut 2
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7F256326-76D6-4F89-8487-FE411C52B50C}" = Mid2Abc
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95633EBE-216B-48B5-B103-0C9919787F46}" = Obscure
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Minen von Moria v02.02.03.8041
"Acoustica MP3 Audio Mixer" = Acoustica MP3 Audio Mixer
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Conan_is1" = Age of Conan: Hyborian Adventures
"Atlantica_EU" = Atlantica_EU
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bluefish" = Bluefish 1.3.7
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX-Setup
"EVE" = EVE Online (remove only)
"EVEMon" = EVEMon
"Everest Poker" = Everest Poker (Remove Only)
"FileZilla Client" = FileZilla Client 3.3.2.1
"Free Fire Screensaver" = Free Fire Screensaver
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"ImgBurn" = ImgBurn
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{95633EBE-216B-48B5-B103-0C9919787F46}" = Obscure
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"Mozilla Thunderbird (3.0)" = Mozilla Thunderbird (3.0)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Obscure2" = Obscure 2
"PunkBusterSvc" = PunkBuster Services
"RPG Maker 2000 1.07b" = RPG Maker 2000 1.07b
"RTP 1.32 Add-On for RM2k" = RTP 1.32 Add-On for RM2k
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"Spyware Terminator_is1" = Spyware Terminator
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Trillian" = Trillian
"TVersity Codec Pack" = TVersity Codec Pack 1.2
"TVersity Media Server" = TVersity Media Server 1.7.2.1 Beta
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.2
"VueScan" = VueScan
"Warhammer Online: Age of Reckoning_is1" = Warhammer Online: Age of Reckoning
"Wav-2-Midi" = Wav-2-Midi
"WBFS Manager 3.0" = WBFS Manager 3.0
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"6a3b9aee8dca014d" = EveTrader
"LotRO MIDI Player" = LotRO MIDI Player
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15/04/2010 13:08:39 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 15/04/2010 13:08:40 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 15/04/2010 18:30:47 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 15/04/2010 18:30:48 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 16/04/2010 08:41:14 | Computer Name = Jan-PC | Source = System Restore | ID = 8193
Description =

Error - 16/04/2010 08:42:49 | Computer Name = Jan-PC | Source = System Restore | ID = 8193
Description =

Error - 16/04/2010 08:47:28 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 16/04/2010 08:47:29 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 16/04/2010 14:08:58 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

Error - 16/04/2010 14:08:58 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System
Error: 0xC0000039 (unresolvable).

[ Media Center Events ]
Error - 15/11/2009 16:02:14 | Computer Name = Jan-PC | Source = Microsoft-Windows-Media Center Extender | ID = 112
Description =

[ System Events ]
Error - 16/04/2010 14:04:10 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TVersityMediaServer" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 16/04/2010 14:04:54 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2

Error - 16/04/2010 14:05:05 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error - 16/04/2010 14:07:02 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error - 16/04/2010 14:07:03 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMPNetworkSvc" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2

Error - 16/04/2010 14:11:59 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TVersityMediaServer" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 16/04/2010 14:12:50 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2

Error - 16/04/2010 14:13:03 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error - 16/04/2010 14:15:00 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error - 16/04/2010 14:15:00 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMPNetworkSvc" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2


< End of report >
__________________

Antwort

Themen zu Trojaner über MSN
antivir, avgntflt.sys, avira, bho, c:\windows\system32\rundll32.exe, call of duty, components, content.ie5, converter, crysis, desktop, downloader, entfernen, error, firefox, firefox.exe, flash player, fontcache, google, hdaudio.sys, iexplore.exe, install.exe, langs, location, logfile, media center, mozilla thunderbird, mp3, object, oldtimer, otl.exe, pando media booster, plug-in, programdata, realtek, saver, schattenkopien, sched.exe, searchplugins, security, server, shell32.dll, shortcut, software, sptd.sys, spyware, spyware terminator, start menu, super, svchost.exe, system restore, syswow64, teamspeak, trojan.downloader.gen, trojaner, virus, virus eingefangen, vlc media player, webcheck, windows, windows system, youtube downloader



Ähnliche Themen: Trojaner über MSN


  1. Treiber über Geräte Manager oder über Software aus dem Internet Downloaden ?
    Netzwerk und Hardware - 11.04.2015 (8)
  2. BSI Mitteilung über Sperrung der Daten! (bekannter Trojaner) Alles läuft weiterhin problemlos. Trojaner ja oder nein?
    Log-Analyse und Auswertung - 27.10.2013 (5)
  3. Über 900 PUP.Optional.-Funde über Malewarebyte
    Plagegeister aller Art und deren Bekämpfung - 22.08.2013 (13)
  4. Über 40GB freier Speicherplatz auf C:\ über Nacht verschwunden
    Plagegeister aller Art und deren Bekämpfung - 29.01.2013 (1)
  5. GVU-Trojaner über hawaiidermatology.com? + unsichere eigene Website durch diesen Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 15.01.2013 (16)
  6. Trojaner/Virus über malwarebyte gefunden; Infizierung über Link - was nun?
    Log-Analyse und Auswertung - 14.09.2012 (5)
  7. Internet über W-Lan langsam, aber über LAN schnell
    Plagegeister aller Art und deren Bekämpfung - 16.12.2011 (5)
  8. Malwarebytes sperrt daheim über Wlan ständig verbindungen, über umts stick jedoch nicht
    Plagegeister aller Art und deren Bekämpfung - 26.07.2011 (11)
  9. Mit Trojaner (Worm.KoobFace) über Facebook infiziert/Trojaner verschwunden?
    Plagegeister aller Art und deren Bekämpfung - 14.11.2009 (1)
  10. über 100 trojaner
    Log-Analyse und Auswertung - 22.06.2009 (6)
  11. Trojaner über msn
    Plagegeister aller Art und deren Bekämpfung - 22.10.2008 (1)
  12. Seiten laden weder über FF, noch über IE
    Log-Analyse und Auswertung - 24.09.2008 (4)
  13. Net Bios über TCT/IP über Gerätemanager abschalten?
    Alles rund um Windows - 14.06.2008 (15)
  14. Virus/Trojaner über MSN
    Plagegeister aller Art und deren Bekämpfung - 12.06.2008 (1)
  15. trojaner über msn
    Alles rund um Windows - 31.07.2007 (1)
  16. Trojaner über MSN?
    Log-Analyse und Auswertung - 19.04.2007 (6)
  17. Plötzlich über 400 Fehlermeldung mit Antivir und über 100 bei escan
    Antiviren-, Firewall- und andere Schutzprogramme - 31.03.2006 (5)

Zum Thema Trojaner über MSN - Hi habe mir gestern abend nen Virus eingefangen nachdem mir nen kumpel per automsg nen virus geschickt hat den ich wiederum auch per automassege versendet habe an weitere 300 leute - Trojaner über MSN...
Archiv
Du betrachtest: Trojaner über MSN auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.