Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Mein Internet Explorer öffnet einfach Seiten mit Werbungen.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 04.05.2010, 22:15   #1
JonWayn
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



Hallo,
und schonmal ein herzliches DANKESCHÖN an alle die mir versuchen zu helfen. Ich habe mir scheinbar auch einen Virus draufgeladen, welcher meinen Internet Explorer, den ich sonst nie benutze, einfach mal öffnet und irgendwelche Werbungseiten aufruft. Habe schon Antivir laufen lassen, doch das erkennt nur Trojaner und Malware welche ich schon alle in Quarantäne geschoben habe. Hilft alles nichts. Da das Problem schon öfter aufgetreten zu sein scheint, hoffe ich das mir schnell geholfen werden kann. Lg Jonas

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:04:10, on 04.05.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Users\MIETSC~1\AppData\Local\Temp\Gcw.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Virtual CD v9\System\VC9Play.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools Pro\DTAgent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\conime.exe
C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0\RGSC.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Users\MIETSC~1\AppData\Local\Temp\Gcx.exe
C:\Program Files\Opera\opera.exe
c:\Users\mietschies\Documents\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: P2P Max DE Toolbar - {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Program Files\P2P_Max_DE\tbP2P0.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll
O1 - Hosts: ::1 localhost
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: 778670 helper - {1B12F639-CBA9-45DD-89FE-9FA7D4340716} - (no file)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: QXK Olive - {7E1C93A1-907F-4F3F-955A-5B46BA08457D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: P2P Max DE Toolbar - {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Program Files\P2P_Max_DE\tbP2P0.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: (no name) - {90222687-F593-4738-B738-FBEE9C7B26DF} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: qndsfmao - {8925A538-F508-4A3E-8AF9-6C39E2D3AE7B} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: P2P Max DE Toolbar - {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Program Files\P2P_Max_DE\tbP2P0.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [VC9Player] C:\Program Files\Virtual CD v9\System\VC9Play.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Canaveral] rundll32.exe C:\Users\MIETSC~1\AppData\Local\Temp\sshnas21.dll,BackupReadW
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\Users\MIETSC~1\AppData\Local\Temp\Gcx.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: phase-6 Reminder.lnk = C:\Program Files\phase-6\phase-6\reminder\reminder.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O21 - SSODL: kvxqmtre - {EE0B1EFB-E977-42C2-BC92-49D3E494FB39} - (no file)
O21 - SSODL: evgratsm - {DE376580-867B-4F5A-A473-B69F3A8F4A48} - (no file)
O21 - SSODL: StdDrv - {18b567c4-69cf-446e-9940-2ac63f750905} - (no file)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c988f78e8c0b34) (gupdate1c988f78e8c0b34) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\Windows\system32\UAService7.exe
O23 - Service: Virtual CD v9 Management Service (VC9SecS) - H+H Software GmbH - C:\Program Files\Virtual CD v9\System\VC9SecS.exe

--
End of file - 14315 bytes

Alt 05.05.2010, 12:18   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



Hallo und

bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 05.05.2010, 18:44   #3
JonWayn
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



So, erstmal danke für die absolut schnelle antwort

habe beide Scans durchgeführt mit folgenden Ergebnissen
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4052

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

05.05.2010 18:11:26
mbam-log-2010-05-05 (18-11-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 429962
Laufzeit: 2 Stunde(n), 39 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 25
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 5
Infizierte Dateien: 11

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\f406.f406mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\f406.f406mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1b12f639-cba9-45dd-89fe-9fa7d4340716} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1b12f639-cba9-45dd-89fe-9fa7d4340716} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1b12f639-cba9-45dd-89fe-9fa7d4340716} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qndsfmao.bwkt (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qndsfmao.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\advantage (Adware.Vomba) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VAV (Rogue.VistaAntiVirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WebMediaPlayer (Rogue.WebMedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e1c93a1-907f-4f3f-955a-5b46ba08457d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7e1c93a1-907f-4f3f-955a-5b46ba08457d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\evgratsm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\kvxqmtre (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\updates (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Windows\System32\778670 (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Program Files\Cheat Engine\Systemcallretriever.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\mietschies\AppData\Local\Temp\gmfrxpgv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\mietschies\AppData\Local\Temp\rknfl.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\mietschies\AppData\Roaming\0979169DDB67BF102637976E655C6EB9\gotnewupdate.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\mietschies\Downloads\2.4.0-2.4.1 WoW Patch.exe (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources\wmp_translation_file.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins\classic.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Windows\System32\sex2.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\ICQToolbar\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully.
         

Code:
ATTFilter
OTL logfile created on: 05.05.2010 18:21:53 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Users\mietschies\Documents
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 34,14 Gb Free Space | 11,25% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 89,49 Gb Free Space | 59,39% Space Free | Partition Type: NTFS
Drive E: | 6,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: GUILD-KILLER
Current User Name: mietschies
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\mietschies\Documents\OTL.exe (OldTimer Tools)
PRC - C:\Users\mietschies\AppData\Local\Temp\Gcx.exe ()
PRC - C:\Programme\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
PRC - C:\Programme\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Windows\System32\UAService7.exe (Sony DADC Austria AG.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Opera\opera.exe (Opera Software)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\RocketDock\RocketDock.exe ()
PRC - C:\Programme\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe ()
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Programme\Virtual CD v9\System\VC9Play.exe (H+H Software GmbH)
PRC - C:\Programme\Virtual CD v9\System\VC9SecS.exe (H+H Software GmbH)
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - c:\Programme\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - c:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
PRC - C:\Programme\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\mietschies\Documents\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (FirebirdServerMAGIXInstance) --  File not found
SRV - (comHost) --  File not found
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\Windows\System32\UAService7.exe (Sony DADC Austria AG.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (DAUpdaterSvc) -- C:\Programme\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (appdrvrem01) Application Driver Auto Removal Service (01) -- C:\Windows\System32\appdrvrem01.exe (Protection Technology)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
SRV - (MySQL) -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe ()
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (VC9SecS) -- C:\Programme\Virtual CD v9\System\VC9SecS.exe (H+H Software GmbH)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (ISPwdSvc) -- c:\Program Files\Norton Internet Security\isPwdSvc.exe (Symantec Corporation)
SRV - (CLTNetCnService) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (SymAppCore) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (appdrv01) Application Driver (01) -- C:\Windows\System32\drivers\appdrv01.sys (Protection Technology)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ACEDRV07) -- C:\Windows\System32\drivers\ACEDRV07.sys (Protect Software GmbH)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (ACEDRV05) -- C:\Windows\System32\drivers\ACEDRV05.sys (Protect Software GmbH)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (vdrv9000) -- C:\Windows\System32\drivers\vdrv9000.sys (H+H Software GmbH)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVENG.SYS (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20061025.029\IDSvix86.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (HH9Help.sys) -- C:\Windows\System32\drivers\HH9Help.sys (H+H Software GmbH)
DRV - (nvraid) NVIDIA nForce(tm) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvatabus) -- C:\Windows\system32\drivers\nvatabus.sys (NVIDIA Corporation)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (JGOGO) -- C:\Windows\system32\drivers\jgogo.sys (JMicron )
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Programme\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Programme\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431245&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100119091315
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.11.27 22:37:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.02 18:22:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.02 18:22:46 | 000,000,000 | ---D | M]
 
[2008.11.27 22:42:23 | 000,000,000 | ---D | M] -- C:\Users\mietschies\AppData\Roaming\Mozilla\Extensions
[2010.05.03 21:06:46 | 000,000,000 | ---D | M] -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions
[2009.11.17 12:38:29 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009.12.24 20:10:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.03.14 20:48:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.05.01 15:22:35 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.03.14 20:48:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.04.06 17:45:21 | 000,000,000 | ---D | M] (P2P Max DE Toolbar) -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{e0007d18-baa4-4573-ae78-8bea0958c610}
[2008.09.28 20:07:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.04.21 18:57:32 | 000,000,000 | ---D | M] -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\DTToolbar@toolbarnet.com
[2010.01.30 22:26:07 | 000,000,000 | ---D | M] -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\firefox@tvunetworks.com
[2009.05.08 15:05:10 | 000,000,000 | ---D | M] -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\moveplayer@movenetworks.com
[2010.03.14 20:48:06 | 000,000,000 | ---D | M] -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\staged-xpis
[2010.03.16 11:42:56 | 000,000,927 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\conduit.xml
[2010.04.21 18:57:21 | 000,002,059 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\daemon-search.xml
[2010.04.29 11:57:24 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-1.xml
[2008.11.27 22:42:42 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-10.xml
[2008.11.30 16:57:10 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-11.xml
[2008.12.20 11:19:41 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-12.xml
[2009.02.06 17:46:30 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-13.xml
[2009.03.07 14:25:30 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-14.xml
[2009.04.04 19:59:51 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-15.xml
[2009.04.07 13:28:25 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-16.xml
[2009.04.24 12:48:32 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-17.xml
[2009.04.28 19:46:00 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-18.xml
[2009.06.12 11:38:39 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-19.xml
[2007.12.31 09:59:02 | 000,000,949 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-2.xml
[2009.07.23 13:23:35 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-20.xml
[2009.08.05 08:21:24 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-21.xml
[2009.09.12 16:21:58 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-22.xml
[2009.10.29 10:13:19 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-23.xml
[2009.12.16 23:11:09 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-24.xml
[2010.01.08 15:34:48 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-25.xml
[2010.02.19 17:18:32 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-26.xml
[2010.03.24 12:38:39 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-27.xml
[2010.04.02 18:23:07 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-28.xml
[2010.04.21 18:57:46 | 000,000,950 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-29.xml
[2008.02.08 20:26:39 | 000,000,949 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-3.xml
[2008.03.27 17:21:54 | 000,000,949 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-4.xml
[2008.04.19 14:41:26 | 000,000,949 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-5.xml
[2008.07.02 10:04:41 | 000,000,949 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-6.xml
[2008.07.16 20:07:34 | 000,000,949 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-7.xml
[2008.10.24 17:42:19 | 000,000,949 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-8.xml
[2008.11.14 22:35:56 | 000,000,949 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin-9.xml
[2009.06.07 14:21:06 | 000,000,944 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\icqplugin.xml
[2009.06.12 11:37:47 | 000,001,196 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\searchplugins\winamp-search.xml
[2010.04.21 18:57:48 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.06.11 09:57:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.12.24 23:49:13 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2008.10.07 16:41:55 | 000,024,683 | ---- | M] (Ask.com) -- C:\Programme\Mozilla Firefox\plugins\NPAskSBr.dll
[2008.07.08 23:07:06 | 000,040,960 | ---- | M] (BYOND) -- C:\Programme\Mozilla Firefox\plugins\npbyond.dll
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (P2P Max DE Toolbar) - {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Programme\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programme\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - {8925A538-F508-4A3E-8AF9-6C39E2D3AE7B} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {90222687-F593-4738-B738-FBEE9C7B26DF} - No CLSID value found.
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (P2P Max DE Toolbar) - {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Programme\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programme\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (P2P Max DE Toolbar) - {E0007D18-BAA4-4573-AE78-8BEA0958C610} - C:\Programme\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [IS CfgWiz] c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe (Symantec Corporation)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [osCheck] c:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VC9Player] C:\Programme\Virtual CD v9\System\VC9Play.exe (H+H Software GmbH)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [M5T8QL3YW3] C:\Users\mietschies\AppData\Local\Temp\Gcx.exe ()
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: StdDrv - {18b567c4-69cf-446e-9940-2ac63f750905} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\mietschies\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\mietschies\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {9DE6E729-3CBD-42A2-AE52-C99609B230D4} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (C:\Windows\system32\mlJDusqp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.07.23 22:32:11 | 000,000,000 | ---D | M] - D:\Autorun -- [ NTFS ]
O32 - AutoRun File - [2008.02.01 09:49:57 | 000,862,208 | ---- | M] () - D:\autorun.dat -- [ NTFS ]
O32 - AutoRun File - [2008.02.01 09:49:52 | 000,402,696 | ---- | M] (Electronic Arts) - D:\AutoRun.exe -- [ NTFS ]
O32 - AutoRun File - [2008.02.01 09:49:46 | 000,000,160 | ---- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{077e7491-d6ec-11dc-87e3-00192145a9e0}\Shell - "" = AutoRun
O33 - MountPoints2\{077e7491-d6ec-11dc-87e3-00192145a9e0}\Shell\AutoRun\command - "" = L:\noautorun.exe -- File not found
O33 - MountPoints2\{ddc56561-ad00-11de-bd5e-00192145a9e0}\Shell\AutoRun\command - "" = ysep1.exe
O33 - MountPoints2\{ddc56561-ad00-11de-bd5e-00192145a9e0}\Shell\open\Command - "" = ysep1.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.05 18:20:03 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\mietschies\Documents\OTL.exe
[2010.05.05 13:19:02 | 000,000,000 | ---D | C] -- C:\Users\mietschies\AppData\Roaming\Malwarebytes
[2010.05.05 13:18:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.05 13:18:53 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.05 13:18:53 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.05 13:18:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.05 13:18:16 | 006,153,648 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\mietschies\Documents\mbam-setup.exe
[2010.05.04 22:01:58 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\mietschies\Documents\HiJackThis.exe
[2010.05.04 20:53:34 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010.05.04 20:53:16 | 000,119,808 | ---- | C] (Atribune.org) -- C:\Users\mietschies\Documents\VundoFix.exe
[2010.05.01 15:45:50 | 000,000,000 | ---D | C] -- C:\Users\mietschies\AppData\Roaming\0979169DDB67BF102637976E655C6EB9
[2010.05.01 15:22:54 | 000,000,000 | ---D | C] -- C:\Users\mietschies\AppData\Local\TVU Networks
[2010.05.01 15:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2010.05.01 15:22:40 | 000,000,000 | ---D | C] -- C:\Programme\TVUPlayer
[2010.05.01 15:22:40 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.05.01 15:22:37 | 000,000,000 | ---D | C] -- C:\Programme\softonic-de3
[2010.04.27 15:21:47 | 000,000,000 | ---D | C] -- C:\Programme\XP Codec Pack
[2010.04.27 15:19:33 | 024,391,296 | ---- | C] (Spiceworks, Inc.) -- C:\Users\mietschies\Documents\Spiceworks.exe
[2010.04.21 19:14:21 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Pro
[2010.04.21 19:14:05 | 000,000,000 | ---D | C] -- C:\Users\mietschies\AppData\Roaming\DAEMON Tools Pro
[2010.04.21 19:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010.04.21 19:12:59 | 010,088,256 | ---- | C] (DT Soft Ltd.) -- C:\Users\mietschies\Documents\DAEMONToolsPro4360309-0160.exe
[2010.04.21 18:57:21 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Toolbar
[2010.04.21 18:55:25 | 000,000,000 | ---D | C] -- C:\Users\mietschies\AppData\Roaming\DAEMON Tools Lite
[2010.04.21 18:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.04.21 18:54:35 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Users\mietschies\Documents\daemon_lite.exe
[2010.04.21 18:12:56 | 000,000,000 | ---D | C] -- C:\Users\mietschies\Documents\Rockstar Games
[2010.04.21 18:08:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.04.21 17:53:31 | 000,000,000 | ---D | C] -- C:\Users\mietschies\AppData\Local\Rockstar Games
[2010.04.21 17:48:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010.04.21 17:18:05 | 000,000,000 | ---D | C] -- C:\Programme\Rockstar Games
[2010.04.15 19:10:42 | 001,924,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\mietschies\install_flash_player.exe
[2010.04.15 12:16:43 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.15 12:16:43 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.15 12:16:41 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.15 12:16:39 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.15 12:16:39 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.04.14 12:44:08 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.04.08 19:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\Windows\System32\drvc.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\mietschies\Documents\*.tmp files -> C:\Users\mietschies\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.05 18:24:59 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{ECB209C1-EF82-4205-B8BA-33541061685C}.job
[2010.05.05 18:20:46 | 004,980,736 | -HS- | M] () -- C:\Users\mietschies\NTUSER.DAT
[2010.05.05 18:20:03 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\mietschies\Documents\OTL.exe
[2010.05.05 18:17:42 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.05.05 18:16:10 | 000,035,381 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.05.05 18:16:10 | 000,035,381 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.05.05 18:15:27 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2010.05.05 18:15:23 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.05 18:15:15 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 18:15:15 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 18:15:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.05 18:15:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.05 18:15:08 | 2146,754,560 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.05 18:13:33 | 000,524,288 | -HS- | M] () -- C:\Users\mietschies\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.05.05 18:13:33 | 000,065,536 | -HS- | M] () -- C:\Users\mietschies\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.05 18:13:31 | 006,291,456 | -H-- | M] () -- C:\Users\mietschies\AppData\Local\IconCache.db
[2010.05.05 18:12:59 | 000,012,460 | ---- | M] () -- C:\Users\mietschies\Documents\Malwarebytes.docx
[2010.05.05 17:33:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.05 13:18:57 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.05 13:18:21 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\mietschies\Documents\mbam-setup.exe
[2010.05.04 22:01:58 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\mietschies\Documents\HiJackThis.exe
[2010.05.04 20:53:16 | 000,119,808 | ---- | M] (Atribune.org) -- C:\Users\mietschies\Documents\VundoFix.exe
[2010.05.03 16:31:08 | 000,524,288 | -HS- | M] () -- C:\Users\mietschies\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.04.30 12:40:15 | 000,135,168 | ---- | M] () -- C:\Users\mietschies\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.30 09:42:19 | 000,429,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.29 10:08:18 | 005,549,301 | ---- | M] () -- C:\Users\mietschies\Documents\LaunchGTAIV.zip
[2010.04.27 15:21:58 | 000,000,901 | ---- | M] () -- C:\Users\mietschies\Desktop\Media Player Classic.lnk
[2010.04.27 15:20:21 | 024,391,296 | ---- | M] (Spiceworks, Inc.) -- C:\Users\mietschies\Documents\Spiceworks.exe
[2010.04.27 15:20:17 | 007,858,598 | ---- | M] () -- C:\Users\mietschies\Documents\XP-Codec-Pack_2.5.1.exe
[2010.04.22 06:26:30 | 000,001,723 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010.04.21 19:24:54 | 000,029,031 | ---- | M] () -- C:\Users\mietschies\Documents\YASU_1.1_7035.rar
[2010.04.21 19:23:27 | 001,427,212 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.21 19:23:27 | 000,621,714 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.04.21 19:23:27 | 000,589,884 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.21 19:23:27 | 000,123,452 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.04.21 19:23:27 | 000,101,896 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.21 19:14:55 | 000,697,328 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.04.21 19:13:10 | 010,088,256 | ---- | M] (DT Soft Ltd.) -- C:\Users\mietschies\Documents\DAEMONToolsPro4360309-0160.exe
[2010.04.21 19:11:28 | 000,038,446 | ---- | M] () -- C:\Users\mietschies\Documents\YASU_1.5_8111_public.zip
[2010.04.21 18:54:45 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Users\mietschies\Documents\daemon_lite.exe
[2010.04.21 18:48:15 | 000,044,857 | ---- | M] () -- C:\Users\mietschies\Documents\YASU_1.6_9040.zip
[2010.04.21 18:35:21 | 000,001,770 | ---- | M] () -- C:\Users\mietschies\Documents\GTA4_bended.rar
[2010.04.21 18:26:10 | 000,010,200 | ---- | M] () -- C:\Users\mietschies\Documents\Chrispysto.docx
[2010.04.21 17:51:47 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.04.21 17:18:05 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2010.04.20 17:01:01 | 000,000,047 | ---- | M] () -- C:\Users\mietschies\AppData\Roaming\AVSDVDPlayer.m3u
[2010.04.19 18:41:14 | 000,164,276 | ---- | M] () -- C:\Windows\hpoins19.dat
[2010.04.19 18:40:40 | 000,000,254 | ---- | M] () -- C:\Windows\win.ini
[2010.04.15 19:10:42 | 001,924,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\mietschies\install_flash_player.exe
[2010.04.10 08:36:06 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\mietschies\Documents\*.tmp files -> C:\Users\mietschies\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.05.05 18:12:59 | 000,012,460 | ---- | C] () -- C:\Users\mietschies\Documents\Malwarebytes.docx
[2010.05.05 13:18:57 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.01 15:46:58 | 000,000,302 | -H-- | C] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2010.04.27 15:21:58 | 000,000,901 | ---- | C] () -- C:\Users\mietschies\Desktop\Media Player Classic.lnk
[2010.04.27 15:21:56 | 000,421,888 | ---- | C] () -- C:\Windows\System32\ac3filter.acm
[2010.04.27 15:19:53 | 007,858,598 | ---- | C] () -- C:\Users\mietschies\Documents\XP-Codec-Pack_2.5.1.exe
[2010.04.22 06:30:22 | 005,549,301 | ---- | C] () -- C:\Users\mietschies\Documents\LaunchGTAIV.zip
[2010.04.22 06:26:30 | 000,001,723 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010.04.21 19:24:53 | 000,029,031 | ---- | C] () -- C:\Users\mietschies\Documents\YASU_1.1_7035.rar
[2010.04.21 19:11:28 | 000,038,446 | ---- | C] () -- C:\Users\mietschies\Documents\YASU_1.5_8111_public.zip
[2010.04.21 18:48:15 | 000,044,857 | ---- | C] () -- C:\Users\mietschies\Documents\YASU_1.6_9040.zip
[2010.04.21 18:35:21 | 000,001,770 | ---- | C] () -- C:\Users\mietschies\Documents\GTA4_bended.rar
[2010.04.21 18:26:09 | 000,010,200 | ---- | C] () -- C:\Users\mietschies\Documents\Chrispysto.docx
[2010.04.21 17:18:05 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2010.04.16 20:07:51 | 000,066,193 | ---- | C] () -- C:\Users\mietschies\Desktop\12-02-10_1912.3gp
[2010.04.16 20:05:59 | 000,092,599 | ---- | C] () -- C:\Users\mietschies\Desktop\12-02-10_1921.3gp
[2010.04.16 20:04:49 | 000,297,572 | ---- | C] () -- C:\Users\mietschies\Desktop\12-02-10_1924.3gp
[2010.04.16 20:03:49 | 000,296,242 | ---- | C] () -- C:\Users\mietschies\Desktop\12-02-10_1905.3gp
[2010.04.10 08:36:06 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.02.09 21:53:08 | 000,020,480 | ---- | C] () -- C:\Windows\System32\jesterss.dll
[2009.12.30 19:34:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.12.16 23:09:53 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009.10.30 23:44:27 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009.01.03 17:45:26 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.01.03 17:45:26 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.12.19 17:15:58 | 004,338,246 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2008.12.17 19:41:18 | 000,884,237 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2008.12.17 19:22:58 | 000,093,184 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2008.12.17 19:22:48 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.12.17 19:17:34 | 000,239,247 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2008.12.17 18:59:54 | 000,560,802 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2008.12.11 13:27:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008.11.04 19:27:28 | 000,000,403 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008.10.30 20:22:30 | 000,000,432 | ---- | C] () -- C:\Windows\Uninstall Spielesammlung.ini
[2008.10.30 20:16:46 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008.10.10 14:17:42 | 000,000,024 | ---- | C] () -- C:\Windows\System32\sysogg.dll
[2008.10.10 14:16:35 | 000,233,472 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2008.10.09 16:56:05 | 000,000,139 | ---- | C] () -- C:\Windows\Videodeluxe.INI
[2008.10.09 16:36:53 | 000,006,537 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.08.02 21:51:56 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.07.15 15:02:47 | 001,735,764 | -HS- | C] () -- C:\Windows\System32\dfeofong.ini
[2008.07.15 14:21:38 | 001,735,584 | -HS- | C] () -- C:\Windows\System32\duhkxxsl.ini
[2008.07.15 11:45:46 | 001,735,283 | -HS- | C] () -- C:\Windows\System32\flooyxyk.ini
[2008.07.15 11:42:15 | 000,001,509 | -HS- | C] () -- C:\Windows\System32\pqsuDJlm.ini2
[2008.07.15 11:42:14 | 000,001,509 | -HS- | C] () -- C:\Windows\System32\pqsuDJlm.ini
[2008.04.30 12:46:32 | 001,073,152 | ---- | C] () -- C:\Windows\System32\libmysql_c.dll
[2008.04.29 17:40:03 | 001,536,000 | ---- | C] () -- C:\Windows\System32\libmySQL.dll
[2008.04.29 17:40:03 | 000,946,176 | ---- | C] () -- C:\Windows\System32\MaNGOSScript.dll
[2008.04.29 17:40:03 | 000,024,576 | ---- | C] () -- C:\Windows\System32\MGResources.dll
[2008.02.09 10:48:47 | 000,697,328 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.01.31 04:03:26 | 000,054,608 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2007.12.26 18:58:41 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.12.25 08:52:00 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2007.12.25 08:51:59 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2007.10.10 05:39:59 | 000,000,342 | ---- | C] () -- C:\Windows\{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}_WiseFW.ini
[2007.10.09 19:13:18 | 000,135,168 | ---- | C] () -- C:\Windows\System32\property.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.08.11 09:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2005.02.05 21:46:00 | 000,004,608 | ---- | C] () -- C:\Windows\fgexec.dll
[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ff_mpeg2enc.dll
[1999.07.29 18:27:10 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 24 bytes -> C:\Windows:374FD30C4384BAEE
< End of report >
         
lg Jonas
__________________

Alt 05.05.2010, 21:07   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



Zitat:
Datenbank Version: 4052
Du hast Malwarebytes nicht aktualisiert. Bitte mach das und wiederhole den Vollscan.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 06.05.2010, 15:28   #5
JonWayn
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



Hi Cosinus,
habe Malware geupdatet und neuen Suchlauf durchgeführt. Hier der Log:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4071

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

06.05.2010 15:26:52
mbam-log-2010-05-06 (15-26-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 430425
Laufzeit: 1 Stunde(n), 41 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 4

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\m5t8ql3yw3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\mietschies\AppData\Local\Temp\F6DB.tmp (Backdoor.Sinowal) -> Quarantined and deleted successfully.
C:\Users\mietschies\AppData\Local\Temp\scxramwnoe.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\mietschies\AppData\Local\Temp\Gcx.exe (Trojan.FakeAlert) -> Delete on reboot.
         
Lg Jonas


Alt 06.05.2010, 16:01   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
SRV - (FirebirdServerMAGIXInstance) --  File not found
SRV - (comHost) --  File not found
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (P2P Max DE Toolbar) - {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Programme\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programme\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - {8925A538-F508-4A3E-8AF9-6C39E2D3AE7B} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {90222687-F593-4738-B738-FBEE9C7B26DF} - No CLSID value found.
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (P2P Max DE Toolbar) - {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Programme\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programme\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O4 - HKCU..\Run: [M5T8QL3YW3] C:\Users\mietschies\AppData\Local\Temp\Gcx.exe ()
[2008.07.15 15:02:47 | 001,735,764 | -HS- | C] () -- C:\Windows\System32\dfeofong.ini
[2008.07.15 14:21:38 | 001,735,584 | -HS- | C] () -- C:\Windows\System32\duhkxxsl.ini
[2008.07.15 11:45:46 | 001,735,283 | -HS- | C] () -- C:\Windows\System32\flooyxyk.ini
[2008.07.15 11:42:15 | 000,001,509 | -HS- | C] () -- C:\Windows\System32\pqsuDJlm.ini2
[2008.07.15 11:42:14 | 000,001,509 | -HS- | C] () -- C:\Windows\System32\pqsuDJlm.ini
:Commands
[purity]
[resethosts]
[emptytemp]
         
Klick dann auf den Button Run Fixes!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
--> Mein Internet Explorer öffnet einfach Seiten mit Werbungen.

Alt 06.05.2010, 16:28   #7
JonWayn
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



So nun hab ich auch das gemacht, mit folgendem Ergebnis:
Zusätzlich möchte ich sagen, dass sich heute noch kein Mal mein IE geöffnet hat!, dafür schonmal DANKE.

Code:
ATTFilter
All processes killed
========== OTL ==========
Service FirebirdServerMAGIXInstance stopped successfully!
Service FirebirdServerMAGIXInstance deleted successfully!
File   File not found not found.
Service comHost stopped successfully!
Service comHost deleted successfully!
File   File not found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
C:\Programme\Winamp Toolbar\winamptb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
C:\Programme\Google\Google Toolbar\GoogleToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ deleted successfully.
C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully.
C:\Programme\softonic-de3\tbsoft.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0007d18-baa4-4573-ae78-8bea0958c610}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0007d18-baa4-4573-ae78-8bea0958c610}\ deleted successfully.
C:\Programme\P2P_Max_DE\tbP2P0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully.
C:\Programme\AskSBar\bar\1.bin\ASKSBAR.DLL moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
File C:\Programme\Google\Google Toolbar\GoogleToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8925A538-F508-4A3E-8AF9-6C39E2D3AE7B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8925A538-F508-4A3E-8AF9-6C39E2D3AE7B}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{90222687-F593-4738-B738-FBEE9C7B26DF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90222687-F593-4738-B738-FBEE9C7B26DF}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File de3\tbsoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{e0007d18-baa4-4573-ae78-8bea0958c610} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0007d18-baa4-4573-ae78-8bea0958c610}\ not found.
File C:\Programme\P2P_Max_DE\tbP2P0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully.
File C:\Programme\AskSBar\bar\1.bin\ASKSBAR.DLL not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\M5T8QL3YW3 not found.
File C:\Users\mietschies\AppData\Local\Temp\Gcx.exe not found.
C:\Windows\System32\dfeofong.ini moved successfully.
C:\Windows\System32\duhkxxsl.ini moved successfully.
C:\Windows\System32\flooyxyk.ini moved successfully.
C:\Windows\System32\pqsuDJlm.ini2 moved successfully.
C:\Windows\System32\pqsuDJlm.ini moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: mietschies
->Temp folder emptied: 1136092758 bytes
->Temporary Internet Files folder emptied: 39043824 bytes
->Java cache emptied: 59836370 bytes
->FireFox cache emptied: 86737446 bytes
->Opera cache emptied: 21856564 bytes
->Flash cache emptied: 89712 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 962514 bytes
%systemroot%\System32 .tmp files removed: 675840 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 101316392 bytes
RecycleBin emptied: 20881162264 bytes
 
Total Files Cleaned = 21.293,00 mb
 
 
OTL by OldTimer - Version 3.2.4.1 log created on 05062010_162058

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         
lg Jonas

Alt 06.05.2010, 16:31   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



Schön. Dann wende jetzt mal bitte CF an:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 06.05.2010, 18:17   #9
JonWayn
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



So habe auch diese Check ausgeführt, allerdings lässt sich nun nichts mehr öffnen, sei es Word oder FireFox/Opera. Ich werde es gleich nochmal mit einem Neustart probieren. (Hat sich nach Neustart wieder erledigt und ich hab das Gefühl mein Rechner ist wesentlich schneller geworden)
Hier der Log von CF:

Code:
ATTFilter
ComboFix 10-05-05.0D - mietschies 06.05.2010  17:29:41.1.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2047.1098 [GMT 2:00]
ausgeführt von:: c:\users\mietschies\Documents\cofi.exe
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows-Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
 ADS - Windows: deleted 24 bytes in 1 streams. 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-246336926-1473631755-3376170504-500
C:\install.exe
c:\program files\Cheat Engine\dbk32.sys
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Privacy Policy.url
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Terms and Conditions.url
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.url
c:\users\mietschies\AppData\Local\gcyci.dat
c:\users\mietschies\AppData\Local\gcyci_nav.dat
c:\users\mietschies\AppData\Local\gcyci_navps.dat
c:\windows\system32\Config.cfg
c:\windows\system32\Install.bat
D:\autorun.inf

.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Boonty Games


(((((((((((((((((((((((   Dateien erstellt von 2010-04-06 bis 2010-05-06  ))))))))))))))))))))))))))))))
.

2010-05-06 15:40 . 2010-05-06 15:40	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-05-06 14:20 . 2010-05-06 14:20	--------	d-----w-	C:\_OTL
2010-05-05 11:19 . 2010-05-05 11:19	--------	d-----w-	c:\users\mietschies\AppData\Roaming\Malwarebytes
2010-05-05 11:18 . 2010-04-29 10:19	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-05 11:18 . 2010-05-05 11:18	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-05-05 11:18 . 2010-05-05 11:18	--------	d-----w-	c:\programdata\Malwarebytes
2010-05-05 11:18 . 2010-04-29 10:19	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-05-04 18:53 . 2010-05-04 18:53	--------	d-----w-	C:\VundoFix Backups
2010-05-01 13:45 . 2010-05-05 12:22	--------	d-----w-	c:\users\mietschies\AppData\Roaming\0979169DDB67BF102637976E655C6EB9
2010-05-01 13:22 . 2010-05-01 13:22	--------	d-----w-	c:\users\mietschies\AppData\Local\TVU Networks
2010-05-01 13:22 . 2010-05-01 13:22	--------	d-----w-	c:\programdata\TVU Networks
2010-05-01 13:22 . 2010-05-01 13:22	--------	d-----w-	c:\program files\TVUPlayer
2010-05-01 13:22 . 2010-05-01 13:22	--------	d-----w-	c:\program files\Conduit
2010-05-01 13:22 . 2010-05-06 14:21	--------	d-----w-	c:\program files\softonic-de3
2010-04-27 13:21 . 2010-04-27 13:21	--------	d-----w-	c:\program files\XP Codec Pack
2010-04-21 17:14 . 2010-04-22 04:26	--------	d-----w-	c:\program files\DAEMON Tools Pro
2010-04-21 17:14 . 2010-04-21 17:20	--------	d-----w-	c:\users\mietschies\AppData\Roaming\DAEMON Tools Pro
2010-04-21 17:14 . 2010-04-21 17:14	--------	d-----w-	c:\programdata\DAEMON Tools Pro
2010-04-21 16:57 . 2010-05-06 14:21	--------	d-----w-	c:\program files\DAEMON Tools Toolbar
2010-04-21 16:55 . 2010-04-21 17:05	--------	d-----w-	c:\users\mietschies\AppData\Roaming\DAEMON Tools Lite
2010-04-21 16:55 . 2010-04-21 16:55	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2010-04-21 15:53 . 2010-04-21 16:09	--------	d-----w-	c:\users\mietschies\AppData\Local\Rockstar Games
2010-04-21 15:48 . 2010-04-21 15:48	--------	d-----w-	c:\program files\Microsoft Games for Windows - LIVE
2010-04-21 15:18 . 2010-04-21 15:23	--------	d-----w-	c:\program files\Rockstar Games
2010-04-15 17:10 . 2010-04-15 17:10	1924976	----a-w-	c:\users\mietschies\install_flash_player.exe
2010-04-15 10:16 . 2010-02-18 14:07	904576	----a-w-	c:\windows\system32\drivers\tcpip.sys
2010-04-15 10:16 . 2010-02-18 13:30	200704	----a-w-	c:\windows\system32\iphlpsvc.dll
2010-04-15 10:16 . 2010-02-18 11:28	25088	----a-w-	c:\windows\system32\drivers\tunnel.sys
2010-04-15 10:16 . 2010-02-23 11:10	212992	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2010-04-15 10:16 . 2010-02-23 11:10	79360	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2010-04-15 10:16 . 2010-02-23 11:10	106496	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2010-04-15 10:16 . 2010-02-18 14:07	3600776	----a-w-	c:\windows\system32\ntkrnlpa.exe
2010-04-15 10:16 . 2010-02-18 14:07	3548040	----a-w-	c:\windows\system32\ntoskrnl.exe
2010-04-15 10:16 . 2010-03-04 17:33	430080	----a-w-	c:\windows\system32\vbscript.dll
2010-04-14 15:48 . 2009-12-23 11:33	172032	----a-w-	c:\windows\system32\wintrust.dll
2010-04-14 15:48 . 2010-01-13 17:34	98304	----a-w-	c:\windows\system32\cabview.dll
2010-04-14 10:44 . 2010-02-12 10:32	293376	----a-w-	c:\windows\system32\browserchoice.exe
2010-04-08 17:39 . 2010-04-08 17:39	--------	d-----w-	c:\programdata\BioWare

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-06 15:42 . 2010-03-31 14:43	35381	----a-w-	c:\programdata\nvModes.dat
2010-05-06 15:42 . 2007-10-10 04:05	--------	d-----w-	c:\programdata\NVIDIA
2010-05-06 15:39 . 2010-01-15 17:24	--------	d-----w-	c:\program files\Cheat Engine
2010-05-06 15:13 . 2010-02-12 21:35	--------	d-----w-	c:\program files\CCleaner
2010-05-06 14:21 . 2009-06-11 07:58	--------	d-----w-	c:\program files\ICQ6Toolbar
2010-05-06 14:21 . 2009-04-06 15:45	--------	d-----w-	c:\program files\P2P_Max_DE
2010-05-06 14:21 . 2009-05-23 08:02	--------	d-----w-	c:\program files\Winamp Toolbar
2010-05-06 14:11 . 2007-12-25 12:10	--------	d-----w-	c:\users\mietschies\AppData\Roaming\ICQ
2010-05-05 16:11 . 2007-12-25 12:11	--------	d-----w-	c:\program files\ICQToolbar
2010-05-04 12:25 . 2010-03-05 20:21	--------	d-----w-	c:\program files\AIM6
2010-05-02 18:06 . 2008-01-21 18:04	--------	d-----w-	c:\users\mietschies\AppData\Roaming\Skype
2010-05-02 10:06 . 2010-02-20 18:29	--------	d-----w-	c:\users\mietschies\AppData\Roaming\uTorrent
2010-04-21 17:23 . 2006-11-02 15:33	621714	----a-w-	c:\windows\system32\perfh007.dat
2010-04-21 17:23 . 2006-11-02 15:33	123452	----a-w-	c:\windows\system32\perfc007.dat
2010-04-21 17:14 . 2008-02-09 08:48	697328	----a-w-	c:\windows\system32\drivers\sptd.sys
2010-04-21 17:13 . 2008-02-09 09:27	--------	d-----w-	c:\program files\DAEMON Tools Lite
2010-04-21 16:27 . 2009-09-19 09:13	--------	d-----w-	c:\users\mietschies\AppData\Roaming\Image Zone Express
2010-04-21 15:51 . 2008-06-22 18:02	107888	----a-w-	c:\windows\system32\CmdLineExt.dll
2010-04-21 15:23 . 2007-12-25 06:46	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-04-19 16:41 . 2009-09-19 08:56	164276	----a-w-	c:\windows\hpoins19.dat
2010-04-16 16:07 . 2006-11-02 11:18	--------	d-----w-	c:\program files\Windows Mail
2010-04-10 06:35 . 2007-12-24 21:46	--------	d-----w-	c:\program files\Google
2010-04-05 17:17 . 2010-03-31 14:05	--------	d-----w-	c:\program files\Dragon Age
2010-04-01 06:26 . 2010-04-01 06:05	--------	d--h--w-	c:\program files\Temp
2010-04-01 06:15 . 2010-04-01 06:05	319456	----a-w-	c:\windows\DIFxAPI.dll
2010-04-01 06:15 . 2010-04-01 06:15	--------	d-----w-	c:\program files\Realtek
2010-03-31 18:46 . 2008-05-13 16:29	--------	d-----w-	c:\users\mietschies\AppData\Roaming\Ubisoft
2010-03-31 18:46 . 2008-05-13 15:53	--------	d-----w-	c:\programdata\Ubisoft
2010-03-31 18:44 . 2007-12-25 06:46	--------	d-----w-	c:\program files\Ubisoft
2010-03-31 14:39 . 2010-03-31 14:36	--------	d-----w-	c:\program files\NVIDIA Corporation
2010-03-31 14:37 . 2009-05-29 12:55	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2010-03-31 14:25 . 2007-12-25 06:52	--------	d-----w-	c:\programdata\Media Center Programs
2010-03-31 14:25 . 2010-03-31 14:05	--------	d-----w-	c:\program files\Common Files\BioWare
2010-03-31 12:54 . 2010-02-28 13:21	--------	d-----w-	c:\program files\Activision
2010-03-30 18:40 . 2010-03-30 18:40	--------	d-----w-	c:\program files\LogMeIn Hamachi
2010-03-30 12:01 . 2010-03-30 12:00	--------	d-----w-	c:\program files\Visions
2010-03-29 20:10 . 2009-04-08 12:05	--------	d-----w-	c:\users\mietschies\AppData\Roaming\Pro Cycling Manager 2008
2010-03-29 14:01 . 2008-02-09 12:59	--------	d-----w-	c:\users\mietschies\AppData\Roaming\Hamachi
2010-03-29 09:41 . 2008-01-08 18:42	--------	d-----w-	c:\program files\EA SPORTS
2010-03-27 09:07 . 2010-03-27 09:07	--------	d-----w-	c:\program files\GUILD WARS
2010-03-26 20:16 . 2008-09-28 18:07	--------	d-----w-	c:\program files\Common Files\DVDVideoSoft
2010-03-26 18:28 . 2007-12-26 12:10	--------	d-----w-	c:\users\mietschies\AppData\Roaming\Pro Cycling Manager 2007
2010-03-26 16:24 . 2010-04-01 06:15	3048096	----a-w-	c:\windows\system32\drivers\RTKVHDA.sys
2010-03-26 16:03 . 2010-04-01 06:15	57888	----a-w-	c:\windows\system32\RtkCoInst.dll
2010-03-26 16:03 . 2010-04-01 06:15	1749536	----a-w-	c:\windows\system32\RtkPgExt.dll
2010-03-26 16:02 . 2010-04-01 06:15	371232	----a-w-	c:\windows\system32\RtkApoApi.dll
2010-03-26 16:02 . 2010-04-01 06:15	2649120	----a-w-	c:\windows\system32\RtkAPO.dll
2010-03-25 09:27 . 2010-03-25 09:27	1107264	----a-w-	c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2010-03-22 12:22 . 2010-04-01 06:15	1247776	----a-w-	c:\windows\RtlExUpd.dll
2010-03-20 17:58 . 2010-02-22 14:12	--------	d-----w-	c:\program files\TeamSpeak 3 Client
2010-03-17 10:08 . 2010-04-01 06:15	307616	----a-w-	c:\windows\system32\FMAPO.dll
2010-03-16 09:42 . 2010-05-01 13:22	52224	----a-w-	c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\FFExternalAlert.dll
2010-03-16 09:42 . 2010-05-01 13:22	101376	----a-w-	c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\RadioWMPCore.dll
2010-03-16 00:15 . 2010-03-16 00:15	985704	----a-w-	c:\windows\system32\nvsvc.dll
2010-03-16 00:15 . 2010-03-16 00:15	66664	----a-w-	c:\windows\system32\nvshext.dll
2010-03-16 00:15 . 2010-03-16 00:15	1515624	----a-w-	c:\windows\system32\nvsvcr.dll
2010-03-16 00:15 . 2010-03-16 00:15	129640	----a-w-	c:\windows\system32\nvvsvc.exe
2010-03-16 00:14 . 2010-03-16 00:14	13683816	----a-w-	c:\windows\system32\nvcpl.dll
2010-03-16 00:14 . 2010-03-16 00:14	110696	----a-w-	c:\windows\system32\nvmctray.dll
2010-03-13 20:34 . 2008-08-02 19:03	--------	d-----w-	c:\program files\Opera
2010-03-12 09:26 . 2007-10-10 03:34	600680	----a-w-	c:\windows\system32\nvuninst.exe
2010-03-09 16:25 . 2010-03-31 08:27	78336	----a-w-	c:\windows\system32\ieencode.dll
2010-03-09 15:42 . 2010-03-31 08:28	834048	----a-w-	c:\windows\system32\wininet.dll
2010-02-26 06:06 . 2010-02-26 06:06	2626360	----a-w-	c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
2010-02-25 16:57 . 2007-12-24 21:21	122672	----a-w-	c:\users\mietschies\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-12-25 07:30	181632	------w-	c:\windows\system32\MpSigStub.exe
2010-02-20 23:06 . 2010-03-11 12:32	24064	----a-w-	c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-03-11 12:32	30720	----a-w-	c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-03-11 12:32	411648	----a-w-	c:\windows\system32\drivers\http.sys
2010-02-20 15:40 . 2010-02-20 15:40	3112408	----a-w-	c:\users\mietschies\AppData\Roaming\ProtectDisc\pe17af2e81.dll
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-24 68856]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-26 8546848]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]
"IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2006-10-24 46728]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-10-27 22696]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-12-24 1836544]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"VC9Player"="c:\program files\Virtual CD v9\System\VC9Play.exe" [2007-04-12 202312]
"Launch LGDCore"="c:\program files\Logitech\G-series Software\LGDCore.exe" [2006-03-06 1122304]
"Launch LCDMon"="c:\program files\Logitech\G-series Software\LCDMon.exe" [2006-03-06 497152]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-10-9 110592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
phase-6 Reminder.lnk - c:\program files\phase-6\phase-6\reminder\reminder.exe [2009-7-13 1032192]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MSServer"=rundll32.exe c:\windows\system32\nnnoNeEw.dll,#1
"eed3d6d7"=rundll32.exe "c:\windows\system32\gnofoefd.dll",b
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" -systray -startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):5f,1d,eb,1a,9e,b8,ca,01

R2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc [x]
R2 gupdate1c988f78e8c0b34;Google Update Service (gupdate1c988f78e8c0b34);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-07 133104]
R3 HH9Help.sys;HH9Help.sys;c:\windows\system32\drivers\HH9Help.sys [2006-09-20 11392]
R3 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys [2006-10-20 202872]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-04-21 697328]
S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys [2009-04-08 3468904]
S1 vdrv9000;vdrv9000;c:\windows\system32\DRIVERS\vdrv9000.sys [2007-01-23 105984]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-11-08 194240]
S2 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;c:\program files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-03-16 240232]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-09 1044808]
S2 VC9SecS;Virtual CD v9 Management Service;c:\program files\Virtual CD v9\System\VC9SecS.exe [2007-04-12 124488]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners

2010-05-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-24 13:54]

2010-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-07 07:41]

2010-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-07 07:41]

2010-05-06 c:\windows\Tasks\User_Feed_Synchronization-{ECB209C1-EF82-4205-B8BA-33541061685C}.job
- c:\windows\system32\msfeedssync.exe [2008-03-21 07:33]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2431245&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q=
FF - component: c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\FFExternalAlert.dll
FF - component: c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\RadioWMPCore.dll
FF - component: c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbyond.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\program files\Opera\program\plugins\NPMetaStream3.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\mietschies\AppData\Roaming\Mozilla\Firefox\Profiles\5bnfwh1h.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071303000004.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "hxxp://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
URLSearchHooks-{e0007d18-baa4-4573-ae78-8bea0958c610} - (no file)
URLSearchHooks-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - (no file)
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
WebBrowser-{E0007D18-BAA4-4573-AE78-8BEA0958C610} - (no file)
SSODL-StdDrv-{18b567c4-69cf-446e-9940-2ac63f750905} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-05-06 17:42
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, hxxp://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x84F051F8]<< 
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x88ad1d24
\Driver\ACPI -> acpi.sys @ 0x8836cd68
\Driver\atapi -> 0x84f051f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK 

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdrv9000]
"ImagePath"="system32\DRIVERS\vdrv9000.sys"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-1112595839-425856898-2786594882-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:79,44,30,e7,14,5a,dd,08,90,33,e8,63,8b,f2,ea,29,62,b4,40,53,75,
   5b,0d,63,ce,d5,59,bd,fc,2c,3a,2a,60,16,07,ba,b8,e6,d1,5e,58,72,f6,a9,ab,85,\
"rkeysecu"=hex:fe,ec,74,91,0c,53,cc,28,ad,7f,5c,7b,ea,61,23,1f
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(4896)
c:\program files\RocketDock\RocketDock.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
c:\windows\system32\UAService7.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-05-06  17:52:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-05-06 15:52

Vor Suchlauf: 19 Verzeichnis(se), 57.649.147.904 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 57.252.720.640 Bytes frei

- - End Of File - - 82D7328E795A82198CD44302014D5501
         
lg Jonas

Geändert von JonWayn (06.05.2010 um 18:28 Uhr)

Alt 06.05.2010, 20:19   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Standard

Mein Internet Explorer öffnet einfach Seiten mit Werbungen.



Ok. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Mein Internet Explorer öffnet einfach Seiten mit Werbungen.
antivir, antivir guard, ask toolbar, avira, bho, browser, desktop, google, gupdate, hijack, hijackthis, internet, internet explorer, launch, local\temp, malware, problem, programdata, realtek, rundll, security, senden, server, software, symantec, system, trojaner, virus, vista, werbungseiten, windows



Ähnliche Themen: Mein Internet Explorer öffnet einfach Seiten mit Werbungen.


  1. Internet Explorer öffnet falsche Seiten
    Alles rund um Windows - 25.10.2015 (16)
  2. Internet explorer öffnet seiten und Viren im inetexplorer
    Log-Analyse und Auswertung - 03.05.2015 (3)
  3. Google Chrome öffnet einfach Seiten und kleine Werbungen
    Plagegeister aller Art und deren Bekämpfung - 19.08.2014 (16)
  4. Mein Pc macht leider Probleme Internet Explorer öffnet Seiten nicht usw.
    Log-Analyse und Auswertung - 14.06.2013 (1)
  5. Internet Explorer öffnet sich einfach
    Plagegeister aller Art und deren Bekämpfung - 23.12.2010 (13)
  6. Mein Internet Explorer öffnet von alleine und zeigt mir ständig werbungen
    Plagegeister aller Art und deren Bekämpfung - 29.10.2010 (19)
  7. Internet Explorer und co öffnet ständig Seiten
    Log-Analyse und Auswertung - 10.06.2010 (30)
  8. Internet Explorer öffnet Seiten mit Werbung
    Log-Analyse und Auswertung - 25.05.2010 (5)
  9. Internet Explorer öffnet Seiten mit Werbungen.
    Plagegeister aller Art und deren Bekämpfung - 12.05.2010 (5)
  10. Mein Internet Explorer öffnet Seiten mit Werbungen.
    Plagegeister aller Art und deren Bekämpfung - 09.05.2010 (19)
  11. Internet explorer öffnet von alleine mit Werbungen
    Plagegeister aller Art und deren Bekämpfung - 31.03.2010 (1)
  12. Internet Explorer öffnet einfach so Werbung
    Log-Analyse und Auswertung - 20.03.2010 (7)
  13. internet explorer öffnet ständig werbungen
    Plagegeister aller Art und deren Bekämpfung - 08.02.2010 (3)
  14. Internet Explorer öffnet einfach seiten !
    Log-Analyse und Auswertung - 25.12.2009 (1)
  15. Internet Explorer öffnet alleine werbungen
    Log-Analyse und Auswertung - 13.11.2009 (3)
  16. Internet explorer öffnet selbs werbungen bitte dringend helfen
    Plagegeister aller Art und deren Bekämpfung - 09.08.2008 (2)
  17. Internet Explorer öffnet einfach Seiten
    Log-Analyse und Auswertung - 14.11.2005 (25)

Zum Thema Mein Internet Explorer öffnet einfach Seiten mit Werbungen. - Hallo, und schonmal ein herzliches DANKESCHÖN an alle die mir versuchen zu helfen. Ich habe mir scheinbar auch einen Virus draufgeladen, welcher meinen Internet Explorer, den ich sonst nie benutze, - Mein Internet Explorer öffnet einfach Seiten mit Werbungen....
Archiv
Du betrachtest: Mein Internet Explorer öffnet einfach Seiten mit Werbungen. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.