| [Important] critical error hard drive not found and the other culprits
Hello, community that is new to me.
I will now try to explain my problem.
When I downloaded something, a virus warning came up. OK, I thought, then I'll delete this virus and that will be the end of it.
Suddenly my desktop was completely black and ALL icons, except for the Recycle Bin, were gone.
I have now googled a bit about "critical error hard drive not found" and read that this, together with 4 or 5 other errors, which incidentally also appeared, is a "fake" message, i.e. a Trojan.
Here, in this forum, I read a bit about it and downloaded OTL and the Malwarebytes software. However, I am running these right now, which is why I cannot post about the current state of things at the moment.
I cannot even create a DxDiag.txt.
I hope you can put my mind at ease, because I have a lot of important data.
If necessary, I can wipe the PC, which would be my last resort anyway.
I will of course still post the OTL and Malwarebytes reports.
With that in mind, bye
Edit: Since OTL somehow doesn't "spit out" any log files, I at least have the Malwarebytes report, and it is devastating.
See for yourselves: Quote:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6357
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
14.04.2011 05:10:09
mbam-log-2011-04-14 (05-09-44).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|)
Durchsuchte Objekte: 263621
Laufzeit: 31 Minute(n), 58 Sekunde(n)
Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 4
Infizierte Registrierungsschlüssel: 126
Infizierte Registrierungswerte: 7
Infizierte Dateiobjekte der Registrierung: 5
Infizierte Verzeichnisse: 27
Infizierte Dateien: 44
Infizierte Speicherprozesse:
c:\program files\scanquery\scanquery.exe (Adware.Agent.Gen) -> 1936 -> No action taken.
Infizierte Speichermodule:
c:\program files\scanquery\scanquery.dll (Adware.Agent.Gen) -> No action taken.
c:\Users\***\AppData\Local\wlnlupc.dll (Trojan.Hiloti) -> No action taken.
c:\program files\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> No action taken.
c:\Users\***\AppData\Local\oxavomado.dll (Trojan.Agent.U) -> No action taken.
Infizierte Registrierungsschlüssel:
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Khumeqal (Trojan.Hiloti) -> Value: Khumeqal -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\EdCcYBPEqSpTN (Trojan.FakeAlert) -> Value: EdCcYBPEqSpTN -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.0.517.0 (Adware.HotBar) -> Value: ShopperReports 3.0.517.0 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790773B2765C5433AB93 (Malware.Trace) -> Value: SRS_IT_E8790773B2765C5433AB93 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Sbavefubemobel (Trojan.Agent.U) -> Value: Sbavefubemobel -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ShopperReports@ShopperReports.com (ShopperReports) -> Value: ShopperReports@ShopperReports.com -> No action taken.
Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallPaper (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.
Infizierte Verzeichnisse:
Infizierte Dateien:
| I removed everything immediately and will run another scan.
Now I was finally able to create an OTL file after all.
Here: Quote:
OTL logfile created on: 14.04.2011 05:16:58 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Downloads
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 396,64 Gb Free Space | 85,16% Space Free | Partition Type: NTFS
Drive D: | 6,31 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.01.19 20:31:56 | 000,277,544 | -H-- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 70 EF D1 68 DB CB 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: eafo3fflauncher@ea.com:1.1
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: {03CAE00B-981A-482D-8915-72FD4E3EF2B1}:1.9.1
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.01.04 11:22:07 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.01.04 11:22:08 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{03CAE00B-981A-482D-8915-72FD4E3EF2B1}: C:\Users\***\AppData\Local\{03CAE00B-981A-482D-8915-72FD4E3EF2B1} [2011.04.14 04:07:35 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.25 14:30:58 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.14 03:47:30 | 000,000,000 | -H-D | M]
[2010.12.30 20:45:51 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\Mozilla\Extensions
[2011.04.14 04:22:10 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\sdt57vlf.default\extensions
[2011.01.03 06:12:14 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\sdt57vlf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.01.01 21:16:12 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\sdt57vlf.default\extensions\{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e}
[2011.03.17 16:23:20 | 000,000,000 | -H-D | M] (Battlefield Play4Free) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\sdt57vlf.default\extensions\battlefieldplay4free@ea.com
[2011.01.22 02:33:01 | 000,000,000 | -H-D | M] (FIFA Online Web Launcher) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\sdt57vlf.default\extensions\eafo3fflauncher@ea.com
[2011.01.01 21:16:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\sdt57vlf.default\extensions\engine@conduit.com
[2011.02.19 16:29:57 | 000,000,000 | -H-D | M] (TVU Web Player) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\sdt57vlf.default\extensions\firefox@tvunetworks.com
[2011.04.11 21:55:16 | 000,001,056 | -H-- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\sdt57vlf.default\searchplugins\icqplugin.xml
[2011.04.14 05:15:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.04 11:22:07 | 000,000,000 | -H-D | M] (DivX Plus Web Player HTML5 <video> -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.01.04 11:22:08 | 000,000,000 | -H-D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011.04.14 04:07:35 | 000,000,000 | -H-D | M] (XULRunner) -- C:\USERS\***\APPDATA\LOCAL\{03CAE00B-981A-482D-8915-72FD4E3EF2B1}
[2010.12.30 21:03:30 | 000,472,808 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.05 16:50:02 | 000,001,392 | -H-- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.05 16:50:02 | 000,002,344 | -H-- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.05 16:50:02 | 000,006,805 | -H-- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.05 16:50:02 | 000,001,178 | -H-- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.05 16:50:02 | 000,001,105 | -H-- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKCU..\Run: [0ESKOMO9JO] C:\Users\***\AppData\Local\Temp\Fht.exe ()
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.09.10 23:33:59 | 000,000,000 | R--D | M] - D:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2010.09.10 23:34:03 | 000,439,056 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2010.09.10 23:34:02 | 007,864,832 | R--- | M] () - D:\autorun.dat -- [ UDF ]
O32 - AutoRun File - [2010.09.10 23:33:38 | 000,000,141 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{dc86f325-1447-11e0-8218-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2010.09.10 23:34:03 | 000,439,056 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========
[2011.04.14 04:33:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.04.14 04:33:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.14 04:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.14 04:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.14 04:33:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.14 04:07:35 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Local\{03CAE00B-981A-482D-8915-72FD4E3EF2B1}
[2011.04.14 03:49:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011.04.14 03:49:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Xvid
[2011.04.13 21:36:39 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\ZombieDriver
[2011.04.13 21:36:25 | 000,000,000 | -H-D | C] -- C:\Program Files\OpenAL
[2011.04.12 20:36:02 | 000,000,000 | -H-D | C] -- C:\Program Files\Battlefront
[2011.04.12 14:17:53 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\Leadertech
[2011.04.10 03:01:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.04.09 14:23:34 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Skyfallen Entertaiment
[2011.04.09 02:27:36 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\NFS SHIFT
[2011.04.08 17:02:48 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\.minecraft
[2011.04.08 14:41:42 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\microsoft
[2011.04.08 14:40:22 | 000,000,000 | -H-D | C] -- C:\Windows\System32\xlive
[2011.04.08 14:40:21 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011.04.06 14:09:12 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\Digitanks
[2011.04.06 14:08:42 | 000,000,000 | -H-D | C] -- C:\Program Files\Digitanks
[2011.04.06 05:36:09 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\Petroglyph
[2011.04.04 23:23:25 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Battlefield 2 Demo
[2011.04.03 03:33:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011.04.03 03:32:13 | 000,000,000 | -H-D | C] -- C:\Program Files\Activision
[2011.04.03 02:37:43 | 000,000,000 | -H-D | C] -- C:\Program Files\TryMedia
[2011.04.03 02:36:22 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Infogrames
[2011.04.03 02:36:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames
[2011.04.03 00:30:09 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\UndergroundMt2 2010Client
[2011.04.02 16:42:49 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\Instinct2
[2011.03.31 14:52:23 | 000,000,000 | -H-D | C] -- C:\Program Files\Postal 2 Demo
[2011.03.30 22:28:36 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Battlefield 2
[2011.03.30 18:46:37 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\ORDER OF WAR - CHALLENGE (Demo)
[2011.03.29 22:18:24 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011.03.29 22:18:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.03.28 15:35:12 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\id Software
[2011.03.23 07:24:54 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
[2011.03.23 07:24:51 | 000,000,000 | -H-D | C] -- C:\Program Files\Project64 1.6
[2011.03.23 07:23:40 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\Videos
[2011.03.22 06:58:38 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\Neuer Ordner (3)
[2011.03.21 02:58:43 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\5588
[2011.03.21 02:50:37 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\Fotos
[2011.03.20 20:11:28 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\Neuer Ordner (2)
[2011.03.20 20:06:45 | 000,000,000 | -H-D | C] -- C:\Users\***\Desktop\Neuer Ordner
[2011.03.20 01:24:00 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Migoria-MT2
[2011.03.18 01:29:59 | 000,000,000 | -H-D | C] -- C:\Program Files\PaperPlane
[2011.03.18 00:34:03 | 000,000,000 | -H-D | C] -- C:\Windows\pss
[2011.03.17 17:47:46 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Battlefield Play4Free
[2011.03.17 17:38:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2011.03.16 23:12:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.03.16 23:12:08 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\ArcaniA - Gothic 4 Demo
[2011.03.15 15:21:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.03.15 15:20:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\NVIDIA
[2011.03.15 15:19:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.03.15 15:19:14 | 015,047,272 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011.03.15 15:19:14 | 013,011,560 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011.03.15 15:19:14 | 010,467,656 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011.03.15 15:19:14 | 010,078,312 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2011.03.15 15:19:14 | 004,941,928 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011.03.15 15:19:14 | 002,895,976 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011.03.15 15:19:14 | 002,251,368 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011.03.15 15:19:14 | 001,965,672 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2011.03.15 15:19:14 | 000,941,160 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll
[2011.03.15 15:19:14 | 000,837,736 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll
[2011.03.15 15:19:14 | 000,057,960 | -H-- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011.03.15 15:19:14 | 000,010,920 | -H-- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2011.03.15 15:19:06 | 000,000,000 | -H-D | C] -- C:\Program Files\NVIDIA Corporation
[2011.03.15 15:18:47 | 000,000,000 | -H-D | C] -- C:\NVIDIA
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2011.04.14 05:15:22 | 000,001,885 | -H-- | M] () -- C:\Users\***\Desktop\Mozilla Firefox.lnk
[2011.04.14 05:14:50 | 000,000,308 | -HS- | M] () -- C:\Windows\tasks\kijalx.job
[2011.04.14 05:14:45 | 000,000,306 | -HS- | M] () -- C:\Windows\tasks\tvaqvdwe.job
[2011.04.14 05:14:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.14 05:14:37 | 1609,474,048 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.14 04:33:15 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 04:30:43 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.14 04:30:43 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.14 04:22:16 | 000,000,400 | -H-- | M] () -- C:\ProgramData\29810440
[2011.04.14 04:19:49 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~29810440r
[2011.04.14 04:19:49 | 000,000,096 | -H-- | M] () -- C:\ProgramData\~29810440
[2011.04.14 04:14:51 | 000,000,629 | -H-- | M] () -- C:\Users\***\Desktop\Windows Restore.lnk
[2011.04.14 04:11:48 | 000,001,120 | -H-- | M] () -- C:\Users\***\Desktop\TeamSpeak 3 Client.lnk
[2011.04.14 04:07:37 | 000,000,120 | -H-- | M] () -- C:\Users\***\AppData\Local\Nsolalolac.dat
[2011.04.14 04:07:37 | 000,000,000 | -H-- | M] () -- C:\Users\***\AppData\Local\Lcujogiwabafit.bin
[2011.04.14 04:05:53 | 000,158,720 | -H-- | M] () -- C:\Windows\Fjitua.exe
[2011.04.14 04:05:52 | 000,200,704 | RHS- | M] () -- C:\Windows\System32\recoverv.dll
[2011.04.14 04:05:52 | 000,200,704 | RHS- | M] () -- C:\Windows\System32\dnscmmcp.dll
[2011.04.14 03:37:53 | 000,654,372 | -H-- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.14 03:37:53 | 000,616,254 | -H-- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.14 03:37:53 | 000,129,986 | -H-- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.14 03:37:53 | 000,106,376 | -H-- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.14 02:25:41 | 000,000,670 | -H-- | M] () -- C:\Users\***\Desktop\FIFA 11 - Verknüpfung.lnk
[2011.04.13 21:36:25 | 000,444,952 | -H-- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.04.13 21:36:25 | 000,109,080 | -H-- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011.04.10 20:40:19 | 000,138,264 | -H-- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.04.10 20:40:11 | 000,234,768 | -H-- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.04.09 01:19:59 | 000,001,157 | -H-- | M] () -- C:\Users\***\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.09 01:19:44 | 000,001,316 | -H-- | M] () -- C:\Users\***\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.08 12:09:51 | 000,000,214 | -H-- | M] () -- C:\Windows\System32\Script.vbs
[2011.04.06 14:08:54 | 000,000,925 | -H-- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.04 22:03:01 | 000,002,033 | -H-- | M] () -- C:\Users\Public\Desktop\Battlefield 2 Demo.lnk
[2011.04.03 03:33:19 | 000,002,002 | -H-- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Demo.lnk
[2011.04.03 03:33:17 | 000,000,324 | -H-- | M] () -- C:\Windows\game.ini
[2011.03.29 22:18:22 | 000,000,856 | -H-- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2011.03.21 15:58:03 | 000,152,064 | -H-- | M] () -- C:\Windows\System32\xvid.ax
[2011.03.20 08:04:03 | 000,000,239 | -H-- | M] () -- C:\Windows\SIERRA.INI
[2011.03.19 23:24:26 | 000,000,080 | -H-- | M] () -- C:\Users\***\AppData\Local\X-Plane Installer.prf
[2011.03.19 17:06:01 | 000,240,640 | -H-- | M] () -- C:\Windows\System32\xvidvfw.dll
[2011.03.19 17:04:28 | 000,650,752 | -H-- | M] () -- C:\Windows\System32\xvidcore.dll
[2011.03.18 07:47:30 | 000,265,640 | -H-- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.03.17 17:38:41 | 000,138,056 | -H-- | M] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys
[2011.03.16 23:14:05 | 000,137,656 | -H-- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========
[2011.04.14 05:15:22 | 000,001,885 | -H-- | C] () -- C:\Users\***\Desktop\Mozilla Firefox.lnk
[2011.04.14 04:33:15 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 04:14:52 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~29810440r
[2011.04.14 04:14:52 | 000,000,096 | -H-- | C] () -- C:\ProgramData\~29810440
[2011.04.14 04:14:51 | 000,000,629 | -H-- | C] () -- C:\Users\***\Desktop\Windows Restore.lnk
[2011.04.14 04:14:48 | 000,000,400 | -H-- | C] () -- C:\ProgramData\29810440
[2011.04.14 04:11:48 | 000,001,120 | -H-- | C] () -- C:\Users\***\Desktop\TeamSpeak 3 Client.lnk
[2011.04.14 04:07:37 | 000,000,120 | -H-- | C] () -- C:\Users\***\AppData\Local\Nsolalolac.dat
[2011.04.14 04:07:37 | 000,000,000 | -H-- | C] () -- C:\Users\***\AppData\Local\Lcujogiwabafit.bin
[2011.04.14 04:06:08 | 000,158,720 | -H-- | C] () -- C:\Windows\Fjitua.exe
[2011.04.14 04:05:52 | 000,200,704 | RHS- | C] () -- C:\Windows\System32\recoverv.dll
[2011.04.14 04:05:52 | 000,200,704 | RHS- | C] () -- C:\Windows\System32\dnscmmcp.dll
[2011.04.14 04:05:52 | 000,000,308 | -HS- | C] () -- C:\Windows\tasks\kijalx.job
[2011.04.14 04:05:52 | 000,000,306 | -HS- | C] () -- C:\Windows\tasks\tvaqvdwe.job
[2011.04.14 03:49:11 | 000,650,752 | -H-- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.04.14 03:49:11 | 000,240,640 | -H-- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.04.14 03:49:11 | 000,152,064 | -H-- | C] () -- C:\Windows\System32\xvid.ax
[2011.04.14 02:25:41 | 000,000,670 | -H-- | C] () -- C:\Users\***\Desktop\FIFA 11 - Verknüpfung.lnk
[2011.04.12 20:41:31 | 000,007,680 | -HS- | C] () -- C:\ProgramData\tiff208img.obj
[2011.04.10 03:01:03 | 000,001,298 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011.04.09 01:19:52 | 000,001,157 | -H-- | C] () -- C:\Users\***\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.04 22:03:01 | 000,002,033 | -H-- | C] () -- C:\Users\Public\Desktop\Battlefield 2 Demo.lnk
[2011.04.03 03:33:19 | 000,002,002 | -H-- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Demo.lnk
[2011.03.31 00:27:56 | 000,000,324 | -H-- | C] () -- C:\Windows\game.ini
[2011.03.19 23:24:26 | 000,000,080 | -H-- | C] () -- C:\Users\***\AppData\Local\X-Plane Installer.prf
[2011.03.15 15:19:14 | 000,004,756 | -H-- | C] () -- C:\Windows\System32\nvinfo.pb
[2011.02.24 18:21:33 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.02.17 15:48:15 | 000,000,020 | -H-- | C] () -- C:\Windows\mafosav.INI
[2011.02.09 13:03:04 | 000,000,239 | -H-- | C] () -- C:\Windows\SIERRA.INI
[2011.02.07 02:34:41 | 000,000,000 | -H-- | C] () -- C:\Windows\Editor.INI
[2011.01.31 18:20:21 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.01.22 02:35:05 | 000,138,264 | -H-- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.01.22 02:35:04 | 000,138,056 | -H-- | C] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys
[2011.01.22 02:34:44 | 000,234,768 | -H-- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.01.22 02:34:26 | 000,794,408 | -H-- | C] () -- C:\Windows\System32\pbsvc.exe
[2011.01.22 02:34:26 | 000,075,136 | -H-- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.01.08 09:13:48 | 000,043,520 | -H-- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.01.04 21:41:25 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2010.10.14 01:36:44 | 000,179,263 | -H-- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.07.14 10:47:43 | 000,654,372 | -H-- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | -H-- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,129,986 | -H-- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | -H-- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,265,640 | -H-- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,616,254 | -H-- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | -H-- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,106,376 | -H-- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | -H-- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | -H-- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | -H-- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========
[2011.04.08 17:19:24 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2011.01.08 09:13:57 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Atari
[2011.02.02 19:38:12 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Command and Conquer 4
[2011.04.06 14:11:33 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Digitanks
[2011.01.03 06:12:13 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.01.04 19:42:16 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2011.02.05 16:43:04 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\FOG Downloader
[2011.03.09 18:34:56 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2011.04.12 14:49:31 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2011.04.12 14:17:53 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2011.01.04 11:22:09 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Local
[2011.04.06 05:36:09 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Petroglyph
[2011.01.23 00:33:16 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc
[2011.03.14 05:50:18 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011.03.31 18:47:53 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\temp
[2011.02.07 17:41:23 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\Thies Gerken
[2011.02.15 08:18:51 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\TP
[2011.01.29 18:38:54 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2011.01.15 03:31:51 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2011.04.13 21:37:16 | 000,000,000 | -H-D | M] -- C:\Users\***\AppData\Roaming\ZombieDriver
[2011.04.14 05:14:50 | 000,000,308 | -HS- | M] () -- C:\Windows\Tasks\kijalx.job
[2011.02.22 01:05:13 | 000,032,630 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.14 05:14:45 | 000,000,306 | -HS- | M] () -- C:\Windows\Tasks\tvaqvdwe.job

========== Purity Check ========== |
So, edit no. 3: after the 2nd scan I got this, though I was able to delete it as well: Quote:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6357
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
14.04.2011 05:52:01
mbam-log-2011-04-14 (05-52-01).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|)
Durchsuchte Objekte: 263306
Laufzeit: 33 Minute(n), 24 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
|
What else do I have to do so that everything is back on my screen etc.?
Edited by Carbonas (14.04.2011 at 04:54)
Reason: Added edit no. 3
|