Google und Yahoo verlinken mich Falsch + langsames internet

#1 hallo,

seit ein paar tagen werde ich, wie andere hier in diesem forum auch, immer falsch verlinkt...habe schon ein paar mal antivir durchlaufen lassen, doch das hat auch nicht geholfen. Und ich weiß nicht obs was mit dem Virus zutun hat oder einfach nur mit meinem anbieter zusammenhängt, aber mein Internet läuft seit ich diesen virus habe auch nichtmehr so schnell. Ich selber habe wenig ahnung von pc's deshalb hoffe ich das mir hier geholfen werden kann.

mein HijackThis Ergebnis sieht wie folgt aus:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:41:08, on 22.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\WinAntiVirus Pro 2006\FWSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre6\bin\jqs.exe
c:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Free Download Manager\fum\fum.exe
C:\Programme\Free Download Manager\FUM\fumoei.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Veoh Networks\Veoh\VeohClient.exe
C:\Programme\phonostar\ps_timer.exe
C:\Programme\Rainlendar2\Rainlendar2.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\freecell.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: (no name) - {000F05AE-126D-439B-9251-BC57561D1ED8} - (no file)
O2 - BHO: (no name) - {002CF808-B062-4F63-9160-18ABEAA3D3CA} - (no file)
O2 - BHO: (no name) - {01B3560D-0551-49E6-AF74-26F0A3BC4829} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {044FEAD5-B6A4-40A4-843C-A363B100E165} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: (no name) - {062FEC8C-81D8-424F-B3E8-35160E430971} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {079A05CF-BD05-E4AE-2E51-BBCE65C9BEC7} - (no file)
O2 - BHO: (no name) - {07C5CC09-1B02-4DE0-949E-F8102B2FE5F7} - (no file)
O2 - BHO: (no name) - {09B46725-555B-45B1-A019-4790202A368D} - (no file)
O2 - BHO: (no name) - {0C7840AA-CACE-4DC9-BD6C-28E09AA44093} - (no file)
O2 - BHO: (no name) - {0D7FD7CE-5540-44BC-A1F3-0A3FDD61ED68} - (no file)
O2 - BHO: (no name) - {10C3CA71-8F17-40B7-8BC3-CAE57388A7FD} - (no file)
O2 - BHO: (no name) - {112375E4-ACA7-4AA7-9BEA-FB39DC710719} - (no file)
O2 - BHO: (no name) - {12BDC269-C33F-4C4E-ABB0-3B4B16479B26} - (no file)
O2 - BHO: (no name) - {1320DDFA-96CB-450A-9632-638A531C76DB} - (no file)
O2 - BHO: (no name) - {14C460EB-8167-49EF-ADF4-A04D6780003E} - (no file)
O2 - BHO: (no name) - {16783DE6-53B5-4FAC-A6F2-2FB8D4860426} - (no file)
O2 - BHO: (no name) - {17C24294-2065-4CD1-9140-CF2E270CFAFD} - (no file)
O2 - BHO: (no name) - {1A94B6C3-1D91-486F-8321-F7128AB02612} - (no file)
O2 - BHO: (no name) - {1B1C5B1A-D7B6-4E55-BE75-D056F4861DB1} - (no file)
O2 - BHO: (no name) - {1D13B922-FF3F-453C-AB72-D450EB4DD59D} - (no file)
O2 - BHO: (no name) - {1ECA16CA-84E6-44F3-A48B-17D2C7871B9D} - (no file)
O2 - BHO: (no name) - {20097157-EEEA-42F7-B100-991CD94706A1} - (no file)
O2 - BHO: (no name) - {22C8E33E-BA15-47A6-A498-069EC83FCB46} - (no file)
O2 - BHO: (no name) - {23B0D651-0CEB-4711-A891-F6FA9FA1C0A2} - (no file)
O2 - BHO: (no name) - {2469AB73-2A9E-4A38-9733-9206F6C2F9D2} - (no file)
O2 - BHO: (no name) - {2495E53C-3A38-4984-946C-A64BB2A78DA8} - (no file)
O2 - BHO: (no name) - {24FAB84D-BB03-42E5-9686-54EA4D7D5EB0} - (no file)
O2 - BHO: (no name) - {255E0B4E-2AF4-404F-A36F-BEB416C78AA9} - (no file)
O2 - BHO: (no name) - {258D9432-4ADE-4881-ABCC-A30134E8B76F} - (no file)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {265A91E4-B0A7-4D53-A92A-3D1314BE6FA6} - (no file)
O2 - BHO: (no name) - {27405B5A-F816-4807-B49F-78C45AD914A3} - (no file)
O2 - BHO: (no name) - {27F888F2-095B-4669-8166-607F0B64E405} - (no file)
O2 - BHO: (no name) - {284193F2-BC52-4970-A8A7-9D0956A0FD13} - (no file)
O2 - BHO: (no name) - {28E4450E-1115-4A1B-B30D-B204294E9D0F} - (no file)
O2 - BHO: (no name) - {2984E896-06E3-44B0-A3E2-8FA8595593B6} - (no file)
O2 - BHO: (no name) - {2A311348-B023-4D16-97AD-AED02D2722FB} - (no file)
O2 - BHO: (no name) - {2D0116AC-9E91-430B-94F3-CCEDDB34B222} - (no file)
O2 - BHO: (no name) - {2D02C4D0-B03E-47AD-89EC-4025129D2D5B} - (no file)
O2 - BHO: (no name) - {2F5177B6-CDE8-433F-8CDE-F76C4EEC271E} - (no file)
O2 - BHO: (no name) - {30B232E2-1C52-4CCA-B72C-53ACDFE1FFDB} - (no file)
O2 - BHO: (no name) - {3129D7E7-93ED-46C4-869E-3EF41E435E4E} - (no file)
O2 - BHO: (no name) - {33D0A6EF-8701-420C-B357-E690DB9DB1A4} - (no file)
O2 - BHO: (no name) - {35C037D1-D467-48BC-B5C2-072BE7985838} - (no file)
O2 - BHO: (no name) - {36C69452-69AD-49EF-B9CD-0F6C0B4DA21B} - (no file)
O2 - BHO: (no name) - {375DF4AB-4430-4BC1-42E7-4091F0A18ACF} - (no file)
O2 - BHO: (no name) - {3883F76A-C6AC-4479-946D-7E9625C83706} - (no file)
O2 - BHO: (no name) - {3ACFB30A-6785-4B52-87F9-76E8739E3A4C} - (no file)
O2 - BHO: (no name) - {3AD84DB8-CCB5-422F-A5C6-7BE8F75FC8EC} - (no file)
O2 - BHO: (no name) - {3B43EE87-4F56-4B7C-A0B0-7FA1486B8A38} - (no file)
O2 - BHO: (no name) - {3BDA5C02-F0A9-495E-8292-98A03DE603BB} - (no file)
O2 - BHO: (no name) - {3C247F93-47FA-478F-8F80-83C0264F4C55} - (no file)
O2 - BHO: (no name) - {3DA16C06-6908-4D21-A0FE-327B762F5058} - (no file)
O2 - BHO: (no name) - {3E30AC01-F147-4231-A1F4-15DED7061E15} - (no file)
O2 - BHO: (no name) - {3EEFEA10-2F4E-4B4A-A302-82D4A0990794} - (no file)
O2 - BHO: (no name) - {3F0B1F86-BFC7-43FE-BD81-9B280241856F} - (no file)
O2 - BHO: (no name) - {4074765F-3155-4B6D-9131-48FF742AA9FE} - (no file)
O2 - BHO: (no name) - {435A8033-F9FB-429A-8F66-A05DCC0023DC} - (no file)
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - (no file)
O2 - BHO: (no name) - {49CA8B48-0397-427F-90E4-BCE1C351EF76} - (no file)
O2 - BHO: (no name) - {4B0C2823-AD11-4738-A826-031723F3C8BE} - (no file)
O2 - BHO: (no name) - {4DB53098-895A-8CFF-2691-872D1BAFF690} - (no file)
O2 - BHO: (no name) - {4E205EA1-62E0-4F0D-BBCA-B1BD756B81F0} - (no file)
O2 - BHO: Quick! - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - C:\Programme\quickbar\quickbar.dll
O2 - BHO: (no name) - {4E8C71B3-85B6-4BA2-BC0D-4DFD0BF1D77B} - (no file)
O2 - BHO: (no name) - {502BBF21-B531-4EAE-8AB9-7E77F32D9659} - (no file)
O2 - BHO: (no name) - {51408CF3-4B79-4ECB-A4F3-B1BCFB2B36FD} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5469A9D3-4549-41E8-6F25-1CE4C7C0BD98} - (no file)
O2 - BHO: (no name) - {5473D5E0-7CB8-4CAC-8976-B2C16DB445F3} - (no file)
O2 - BHO: (no name) - {54EF3E4D-760D-4A6C-8CBE-EF9B3D0286C8} - (no file)
O2 - BHO: (no name) - {5576B6D9-0DD0-414F-9F31-E9F24751764A} - (no file)
O2 - BHO: (no name) - {564F977F-5551-438F-8319-5EC21946102C} - (no file)
O2 - BHO: (no name) - {588C6185-DD4E-80ED-6B85-86AD730BE2C7} - (no file)
O2 - BHO: (no name) - {5A258A72-EAB0-48B5-95D6-2630C2B9A81C} - (no file)
O2 - BHO: (no name) - {5A94ED5A-BAAC-4F47-9AB5-EB0950338BE4} - (no file)
O2 - BHO: (no name) - {5F069498-AD6C-42EE-B42F-17FE8020A44C} - (no file)
O2 - BHO: (no name) - {5FD806B8-A598-40D5-9CA8-A6C355FE7CAD} - (no file)
O2 - BHO: (no name) - {5FD89D19-215D-48D9-A5B7-A45E5177FD27} - (no file)
O2 - BHO: (no name) - {5FE47436-B4C4-416D-A1FE-DB8051DF27C4} - (no file)
O2 - BHO: (no name) - {6194F980-3487-4C4D-961B-356ABE8C731D} - (no file)
O2 - BHO: (no name) - {62F55B92-BC09-4A1E-8634-54906FB749A9} - (no file)
O2 - BHO: (no name) - {632EBA7A-9BBB-4A1E-A406-5632CD7649E5} - (no file)
O2 - BHO: (no name) - {65FB382E-8CB6-D31B-C32F-8CCD5519D690} - (no file)
O2 - BHO: (no name) - {66DFB8B4-2391-49A9-8A13-93B7264AC6ED} - (no file)
O2 - BHO: (no name) - {6758C81E-494C-44E3-AFB5-CF16C3424FC5} - (no file)
O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - (no file)
O2 - BHO: (no name) - {6A3CBD4E-A44D-4206-B7EA-7943683E0AAB} - (no file)
O2 - BHO: (no name) - {6A7DFCF7-451F-49C2-8696-1571997F11E3} - (no file)
O2 - BHO: (no name) - {6CBEB598-8BE4-4831-A842-DF859CAFA3DB} - (no file)
O2 - BHO: (no name) - {6DAFA222-FFF7-4B88-B662-AD86B7E9D536} - (no file)
O2 - BHO: (no name) - {6FB57ED1-ED2C-4996-8F4E-48D2CA5F48FE} - (no file)
O2 - BHO: (no name) - {704A3515-17C2-4B03-B737-4DF699460AE9} - (no file)
O2 - BHO: (no name) - {725D6290-D96F-4E8F-9B8A-E4D6E25B2E59} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7699CC6F-7FDE-40E6-BAB3-CC3DAF0670DD} - (no file)
O2 - BHO: (no name) - {76C7B490-C3CD-47CE-A6D1-3BF47834C870} - (no file)
O2 - BHO: (no name) - {76DF1BA6-B09C-4073-BEE2-11B5FB20B0B6} - (no file)
O2 - BHO: (no name) - {781A46E3-8CF3-47D0-987C-04D197C0BE8F} - (no file)
O2 - BHO: (no name) - {7B7A9B82-A20A-435A-B219-7D995C342E85} - (no file)
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - (no file)
O2 - BHO: (no name) - {7EB426B1-0EBD-4567-9794-FF55EF7B7C06} - (no file)
O2 - BHO: (no name) - {80B4EA4D-8DF6-4658-93CF-CD2077C274DA} - (no file)
O2 - BHO: (no name) - {86CC3C58-4CF2-49D3-B2A7-D0AED17D1E4D} - (no file)
O2 - BHO: (no name) - {87796580-F4C9-4343-A95A-C1DC6A63F440} - (no file)
O2 - BHO: (no name) - {8ACF63E2-D39C-4D8E-BB8A-A6C3086C482A} - (no file)
O2 - BHO: (no name) - {8BDCABB7-47B2-4750-AB99-F777B81E8F2C} - (no file)
O2 - BHO: (no name) - {8C5AB057-06B6-481F-8F04-3BDCFEE3D24C} - (no file)
O2 - BHO: (no name) - {8FC12517-C67F-402F-8436-085799E7AE7E} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {93F31708-1376-49CB-866C-D37591B88A7C} - (no file)
O2 - BHO: (no name) - {95AA84A6-3DD5-4B61-800C-0877ADF2943F} - (no file)
O2 - BHO: (no name) - {95FC5C3D-2222-4D56-9F3C-B75089CA3EF1} - (no file)
O2 - BHO: (no name) - {97878771-5F64-4DA8-8B13-2AA2DDBC48C5} - (no file)
O2 - BHO: (no name) - {9D0C7181-6822-432E-A767-57592DB6AB4E} - (no file)
O2 - BHO: (no name) - {A0A99133-7775-4908-96D5-322B0DA655A7} - (no file)
O2 - BHO: (no name) - {A18F2FF8-824D-46FB-A3AB-77893BC5E838} - (no file)
O2 - BHO: (no name) - {A2749ED7-9A4C-4150-841F-418C324CF1AB} - (no file)
O2 - BHO: (no name) - {A73056B7-B573-E1D8-0426-EC1BC8771090} - (no file)
O2 - BHO: (no name) - {A8DC0FDC-9C6B-41C5-9940-9CFD27BDB9C5} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: (no name) - {AB5B1177-D2E4-48E1-A8F7-BF597D7DA9F4} - (no file)
O2 - BHO: (no name) - {AD50134E-5923-4998-A3CA-552ED92FA219} - (no file)
O2 - BHO: (no name) - {AD5931BF-6741-4566-B1B0-152079DE1CB4} - (no file)
O2 - BHO: (no name) - {ADF58A3C-7C92-4065-A87B-58C500C97405} - (no file)
O2 - BHO: (no name) - {AE1135E9-7FEE-4859-97E5-B48BBC18EDF4} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: (no name) - {AFC8C37A-8648-4DE5-9600-8CFC944FE5A5} - (no file)
O2 - BHO: (no name) - {B15443C2-6770-45BE-B592-F9E1C5A51058} - (no file)
O2 - BHO: (no name) - {B287149E-C3B9-4DC6-90FC-2F4CF6D6FDDB} - (no file)
O2 - BHO: (no name) - {B3171E56-FAC4-A43D-B768-F87AEF960D94} - (no file)
O2 - BHO: (no name) - {B3CA5A57-84AE-493E-B1E9-819C5225DB0B} - (no file)
O2 - BHO: (no name) - {B4D7F587-31E9-4534-A603-86F9F9BC3F0B} - (no file)
O2 - BHO: (no name) - {B4F4E639-2C11-4618-A18B-B24BA10D566F} - (no file)
O2 - BHO: IEFW Object - {B5141620-C2B2-4D95-9F0F-134D99C87AB0} - C:\Programme\WinAntiVirus Pro 2006\IEFWBHO.dll
O2 - BHO: (no name) - {B579C006-E418-4219-B2B7-06BD3A0873E8} - (no file)
O2 - BHO: (no name) - {B5AD8E50-A31C-40FA-8C51-ADB320272245} - (no file)
O2 - BHO: (no name) - {B6BBCA5A-0AC2-4D33-9B0B-662E242C0D06} - (no file)
O2 - BHO: (no name) - {B6CB5892-D796-4D85-9894-2A8F017CFD13} - (no file)
O2 - BHO: (no name) - {B7B25911-3136-4AED-9DF7-8FF73195DBC5} - (no file)
O2 - BHO: (no name) - {B8A60364-0AD1-4F22-980F-E457223C5575} - (no file)
O2 - BHO: (no name) - {B96490F1-01E7-46D7-A57E-286E5DB5F6CC} - (no file)
O2 - BHO: (no name) - {BB738BE9-7B8C-4541-8717-1E3E4415B50F} - (no file)
O2 - BHO: (no name) - {BB97D007-82F4-4DD8-BF11-90158F5847FD} - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
O2 - BHO: (no name) - {C5B2C8D9-252A-4256-9D6C-6D838D26AA91} - (no file)
O2 - BHO: (no name) - {C64C7712-9489-4B79-95B8-C4AFE95C7488} - (no file)
O2 - BHO: (no name) - {C6C96BC4-3385-43B7-81D6-C3085CB3C27B} - (no file)
O2 - BHO: (no name) - {C704DB3E-ADE4-4037-925A-541DF563502E} - (no file)
O2 - BHO: (no name) - {C7649F8C-A1C7-4053-82B0-B246B777C329} - (no file)
O2 - BHO: (no name) - {CA80B3F5-7918-452F-B8DF-F6A887B538E8} - (no file)
O2 - BHO: (no name) - {CC166AF5-13E2-4E7E-8DCF-DE3DEA942EDC} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll
O2 - BHO: (no name) - {CC9869CC-C184-48D2-ACEC-6451482ECA85} - (no file)
O2 - BHO: (no name) - {CE06A2C9-3F60-4C64-B737-F6FF3F7E8F22} - (no file)
O2 - BHO: (no name) - {CF6EC5FE-2668-709C-12F4-71E296037292} - (no file)
O2 - BHO: (no name) - {D0403D6A-81A8-DF0D-8DAE-D428EB0166CB} - (no file)
O2 - BHO: (no name) - {D2ADC9AE-E7E5-46EC-A1BE-43A586659C39} - (no file)
O2 - BHO: (no name) - {D3025262-2012-45B9-9243-16079C8B398F} - (no file)
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - (no file)
O2 - BHO: (no name) - {D516473D-94A5-4448-A54A-17CE6139FD43} - (no file)
O2 - BHO: (no name) - {D78AFD6E-8320-4613-BA57-A860E3B5E911} - (no file)
O2 - BHO: (no name) - {D7F8FA04-89DC-4864-B1CE-73BC61B41454} - (no file)
O2 - BHO: (no name) - {D8BC770A-5189-4DAD-93C3-FB8B96CB2915} - (no file)
O2 - BHO: (no name) - {DAB2B7EB-8D19-44A5-A94D-D8BE6DDD4FE5} - (no file)
O2 - BHO: (no name) - {DAED71CE-9D59-C4FC-2904-CE89112F69CC} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {DC8EA94D-1F5C-442D-878D-F9DE2498F343} - (no file)
O2 - BHO: (no name) - {E1195B1D-EB8C-BF21-F9DC-B3DEB4C105C6} - (no file)
O2 - BHO: (no name) - {E329FB99-9FD5-40F2-809B-28AD202BEAEC} - (no file)
O2 - BHO: (no name) - {E5FDA641-503D-430C-A63D-45DC61D96029} - (no file)
O2 - BHO: (no name) - {E73FAB54-2F72-40AD-803A-0E9A1143BD1C} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {EAC42571-B62B-4A70-BE16-2B85DBC1517D} - (no file)
O2 - BHO: (no name) - {EB58049C-EC55-BBAA-7DE4-B09EF1175F9B} - (no file)
O2 - BHO: (no name) - {EBB456D8-EE8C-4681-848E-0FF0C1270AC0} - (no file)
O2 - BHO: (no name) - {EC2DBA99-D622-4B48-AC75-522261CEF97A} - (no file)
O2 - BHO: (no name) - {ECA9AD6C-2C06-4984-B96A-922AD84F0100} - (no file)
O2 - BHO: (no name) - {F3853934-6D74-4CC2-BD11-A02204651D03} - (no file)
O2 - BHO: (no name) - {F42EFB6F-3597-416F-8327-94BE59F3CEC7} - (no file)
O2 - BHO: (no name) - {F430F559-E229-418A-A96C-0D6500D7607F} - (no file)
O2 - BHO: (no name) - {F5564D68-9154-498D-9E75-842CAF78EF76} - (no file)
O2 - BHO: (no name) - {F728782C-8AEE-473E-BB06-B2769B1D9322} - (no file)
O2 - BHO: (no name) - {FA2F3174-F39A-4F78-841F-34303FE7DBD3} - (no file)
O2 - BHO: (no name) - {FB0EE508-5D77-490E-932E-F47051228DF8} - (no file)
O2 - BHO: (no name) - {FD51AC16-8B18-486B-A637-08C70C62F097} - (no file)
O2 - BHO: (no name) - {FD8C13EC-3BB4-40EF-950B-65C0839680FE} - (no file)
O3 - Toolbar: HP-Ansicht - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programme\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: Quick! - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - C:\Programme\quickbar\quickbar.dll
O3 - Toolbar: (no name) - {74DD705D-6834-439C-A735-A6DBE2677452} - (no file)
O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Programme\Babylon\Babylon Toolbar\BabylonIEToolBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Programme\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Programme\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Programme\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Programme\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [PhonostarTimer] C:\Programme\phonostar\ps_timer.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Programme\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\HP_Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - HKCU\..\Policies\Explorer\Run: [{FCF434F5-088C-1031-0322-050502150031}] "C:\Programme\Gemeinsame Dateien\{FCF434F5-088C-1031-0322-050502150031}\Update.exe" mc-110-12-0000272
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - Startup: .protected
O4 - Global Startup: .protected
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Programme\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Programme\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Programme\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Programme\Free Download Manager\dllink.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Programme\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} -
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.5.0_03) -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://de.errorsafe.com/pages/scanner_de/ErrorSafeScannerInstallDE.cab
O20 - Winlogon Notify: ddccb - C:\WINDOWS\
O20 - Winlogon Notify: snifo - C:\WINDOWS\
O20 - Winlogon Notify: winzzc32 - winzzc32.dll (file missing)
O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - (no file)
O22 - SharedTaskScheduler: {93ac7c30-3878-4eaa-9420-7977285df5b1} - cinnamomum - (no file)
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Programme\WinAntiVirus Pro 2006\FWSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 27493 bytes

#2 Hallo maggi04,

arbeite bitte die Punkte 2-5 aus http://board.protecus.de/t23187.htm und poste die Ergebnisse...
__________
MfG Ralf
SEO-Spam Hunter

#3 hallo raman,

danke für deine schnelle antwort. Ich habe jetzt versucht diese Punkte durchzuarbeiten, doch leider hatte ich 2 probleme.
1. lies sich malware nach dem installieren nicht starten, es ist einfach nichts passiert egal was ich probiert habe. (inkl. neuinstallation)
2. kann ich die seite für Combofix nicht erreichen. (Verbindung Fehlgeschlagen)

#4 Download die von mir umbenannte ComboFix von hier herunter(Anhang) und speichert es auf den Desktop!

Note:Wenn wehrend du Combofix runterlaedst oder anwendet ein Meldung deines Virenscanner kommt ode ein anderen Realtime scanner
Schalte diese scanner dann aus und download ComboFix erneut
Es gibt scanner die bestimmte komponente die durch CF benutzt werden als verdaechtig ansehen und versucht sie zu blokkieren oder zu entfernen
Starte 1234567890.exe
Folge den Instruktionen in das Fenster
Wenn ComboFix schon vorher benutzt worden ist kann es sein das du eine Meldung bekommst das es ein Update gibt
Erlaube diesen Update und klicke OK im "NirCmd“ fenster klicke nach ablauf auf "ja“um den Scan zu starten
Während Combofix lauft NICHT ins Fenster klicken sonst erfriert dein Rechner
Wenn das Tool fertig ist,oeffnet sich ein logfile (C:\ combofix.txt)
nun das KOMPLETTE Log mit rechtem Mausklick ab kopieren und ins Forum mit rechtem Mausklick "einfügen"
__________
MfG Argus

#5 hallo,

konnte heute malware ausführen und habe dank Argus nun auch Combofix.
Also hier:
mein Combofix bericht:

ComboFix 09-01-21.04 - HP_Besitzer 2009-01-23 20:26:15.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1031.18.1534.900 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\HP_Besitzer\Desktop\1234567890.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated)
.

((((((((((((((((((((((( Dateien erstellt von 2008-12-23 bis 2009-01-23 ))))))))))))))))))))))))))))))
.

2392-02-08 11:07 . 2392-02-08 11:07 3,120 --a------ c:\windows\MF_C421.lfa
2392-02-08 11:07 . 2392-02-08 11:07 3,120 --a------ c:\windows\MF_C420.lfa
2009-01-23 20:08 . 2009-01-23 20:08 <DIR> d-------- c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\Malwarebytes
2009-01-23 19:44 . 2009-01-23 20:25 3,282,976 --ahs---- c:\windows\system32\drivers\fidbox.dat
2009-01-23 19:44 . 2009-01-23 20:10 311,328 --ahs---- c:\windows\system32\drivers\fidbox2.dat
2009-01-23 19:44 . 2009-01-23 20:24 26,728 --ahs---- c:\windows\system32\drivers\fidbox.idx
2009-01-23 19:44 . 2009-01-23 20:10 2,144 --ahs---- c:\windows\system32\drivers\fidbox2.idx
2009-01-22 22:40 . 2009-01-22 22:40 <DIR> d-------- c:\programme\Kaspersky Lab
2009-01-22 22:40 . 2009-01-23 19:55 <DIR> d-------- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
2009-01-22 22:40 . 2009-01-22 22:40 96,645 --a------ c:\windows\system32\drivers\klin.dat
2009-01-22 22:40 . 2009-01-22 22:40 87,941 --a------ c:\windows\system32\drivers\klick.dat
2009-01-22 22:39 . 2009-01-22 22:39 <DIR> d-------- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files
2009-01-22 20:34 . 2009-01-22 20:34 <DIR> d-------- c:\programme\Malwarebytes' Anti-Malware
2009-01-22 20:34 . 2009-01-22 20:34 <DIR> d-------- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2009-01-22 20:34 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-22 20:34 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-22 18:02 . 2009-01-22 18:02 <DIR> d-------- c:\programme\Trend Micro
2009-01-20 14:04 . 2009-01-20 14:04 <DIR> d-------- c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\DivX
2009-01-18 16:44 . 2009-01-18 16:44 <DIR> d-------- c:\programme\CCleaner
2009-01-18 16:43 . 2009-01-18 16:43 <DIR> d-------- c:\programme\Java
2009-01-18 16:43 . 2009-01-18 16:43 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-18 16:43 . 2009-01-18 16:43 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-08 13:17 . 2009-01-08 13:17 <DIR> d-------- c:\dokumente und einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
2009-01-04 20:54 . 2009-01-04 22:55 <DIR> d--hs---- c:\windows\system32\twain32

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-23 19:28 --------- d-----w c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\Free Download Manager
2009-01-23 19:24 --------- d-----w c:\programme\ICQToolbar
2009-01-22 22:09 --------- d-----w c:\programme\PokerStars
2009-01-22 16:15 --------- d-----w c:\programme\Warcraft III
2009-01-19 17:34 --------- d-----w c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\temp
2009-01-15 15:41 --------- d--h--w c:\programme\InstallShield Installation Information
2009-01-11 23:08 --------- d-----w c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\OpenOffice.org2
2009-01-02 15:59 --------- d-----w c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\ICQ
2008-12-28 17:02 --------- d-----w c:\programme\Cossacks - Back To War
2008-12-17 01:59 --------- d-----w c:\programme\Winamp
2008-12-15 18:59 --------- d-----w c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\Azureus
2008-12-15 16:53 --------- d-----w c:\programme\Azureus
2008-12-14 15:34 --------- d-----w c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\Xfire
2008-12-13 06:36 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\dllcache\srv.sys
2008-12-11 11:42 --------- d-s---w c:\programme\Xfire
2008-12-04 17:07 --------- d-----w c:\programme\7-Zip
2008-12-03 22:08 --------- d-----w c:\programme\ICQ6.5
2008-12-03 18:02 --------- d-----w c:\programme\ICQ6
2008-11-26 19:52 --------- d-----w c:\programme\Brain Workshop
2008-11-20 20:44 42,320 ----a-w c:\windows\system32\xfcodec.dll
2008-10-27 12:26 3,542 ----a-w c:\windows\system32\ealregsnapshot1.reg
2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 12:59 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:59 283,648 ----a-w c:\windows\system32\dllcache\gdi32.dll
2005-05-15 10:15 219,838,095 ----a-w c:\programme\tms_demo_de.exe
2006-05-06 16:42 7,260,160 ----a-w c:\programme\mozilla firefox\plugins\libvlc.dll
2005-04-24 06:07 56 --sha-r c:\windows\system32\20158BCBCB.sys
2005-04-24 06:07 1,682 -csha-w c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\programme\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 1415824]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"Free Upload Manager"="c:\programme\Free Download Manager\fum\fum.exe" [2007-07-29 253952]
"Free Uploader Oe Integration"="c:\programme\Free Download Manager\FUM\fumoei.exe" [2007-06-10 40960]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Veoh"="c:\programme\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 3587120]
"PhonostarTimer"="c:\programme\phonostar\ps_timer.exe" [2007-12-05 126976]
"Rainlendar2"="c:\programme\Rainlendar2\Rainlendar2.exe" [2008-08-24 4067328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HPHUPD06"="c:\programme\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 344064]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2005-01-01 98304]
"DAEMON Tools"="c:\programme\DAEMON Tools\daemon.exe" [2005-12-10 133016]
"TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2007-09-13 185632]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2004-10-13 278528]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ISUSPM Startup"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"SunJavaUpdateSched"="c:\programme\Java\jre6\bin\jusched.exe" [2009-01-18 136600]
"AVP"="c:\programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-04-25 201992]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 c:\windows\ALCXMNTR.EXE]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv31"= c:\windows\system32\ir32_32.dll
"vidc.iv32"= c:\windows\system32\ir32_32.dll
"VIDC.XFR1"= xfcodec.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Earc"="c:\dokume~1\HP_BES~1\EIGENE~1\CURITY~1\notepad.exe" -vt yazr
"EA Core"="c:\programme\Electronic Arts\EA Link\Core.exe" -silent

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" -atboottime
"ICQ Lite"=c:\programme\ICQLite\ICQLite.exe -minimize
"2chkdsk"=rundll32.exe "c:\windows\system32\iljcccgx.dll",setvm
"ISUSPM Startup"=c:\progra~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
"ISUSScheduler"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
"iTunesHelper"=c:\programme\iTunes\iTunesHelper.exe
"TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Dokumente und Einstellungen\\All Users\\Dokumente\\Eigene Musik\\Beispielmusik\\incredimail_install.exe"=
"c:\\Programme\\Valve\\Steam\\Steam.exe"=
"c:\\Programme\\Xfire\\Xfire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Valve\\Steam\\SteamApps\\bonesplitter1991\\counter-strike source\\hl2.exe"=
"c:\\Programme\\SiSoftware\\SiSoftware Sandra Lite XI.SP1\\RpcSandraSrv.exe"=
"c:\\Programme\\SiSoftware\\SiSoftware Sandra Lite XI.SP1\\Win32\\RpcDataSrv.exe"=
"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programme\\MSN Messenger\\livecall.exe"=
"c:\\Programme\\PPMate\\ppmate.exe"=
"c:\\Programme\\PPMate\\ppmnet.exe"=
"c:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\Programme\\Veoh Networks\\Veoh\\VeohClient.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [2006-04-06 120320]
R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [2006-04-06 78848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]
R4 SVKP;SVKP;c:\windows\system32\SVKP.sys [2007-04-20 2368]
S3 ATICDSDr;ATICDSDr;c:\ati\SUPPORT\8-10_X~1\bin\atiicdxx.sys [2008-09-24 6144]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\magix\Common\Database\bin\fbserver.exe [2007-10-29 1527900]
S3 gUSBSTOi;gUSBSTOi;\??\c:\dokume~1\HP_BES~1\LOKALE~1\Temp\gUSBSTOi.sys --> c:\dokume~1\HP_BES~1\LOKALE~1\Temp\gUSBSTOi.sys [?]
S3 noprghdl;noprghdl;\??\c:\dokume~1\HP_BES~1\LOKALE~1\Temp\noprghdl.sys --> c:\dokume~1\HP_BES~1\LOKALE~1\Temp\noprghdl.sys [?]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\pfc027.sys [2005-02-24 162176]
S3 SaiHFF0C;SaiHFF0C;c:\windows\system32\drivers\SaiHFF0C.sys [2004-06-11 56576]
S3 SaiNtSub;SaiNtSub;c:\windows\system32\drivers\SaiNtSub.sys [2005-11-11 19200]
S3 SaiUFF0C;SaiUFF0C;c:\windows\system32\drivers\saiuFF0C.sys [2004-06-11 19584]
.
Inhalt des "geplante Tasks" Ordners

2009-01-09 c:\windows\Tasks\1-Klick-Wartung.job
- c:\programme\TuneUp Utilities 2007\SystemOptimizer.exe []

2009-01-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q105&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q105&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = about:blank
IE: &Google Search - c:\programme\google\GoogleToolbar2.dll/cmsearch.html
IE: &ICQ Toolbar Search - c:\programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: &Winamp Search - c:\dokumente und einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download all with Free Download Manager - file://c:\programme\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\programme\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\programme\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\programme\Free Download Manager\dllink.htm
IE: Im Cache gespeicherte Seite - c:\programme\google\GoogleToolbar2.dll/cmcache.html
IE: Verweisseiten - c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
IE: Ähnliche Seiten - c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
IE: {{FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - c:\programme\Free Download Manager\FUM\fumiebtn.dll
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
FF - ProfilePath - c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\Mozilla\Firefox\Profiles\1ersnd8x.Standard-Benutzer\
FF - component: c:\dokumente und einstellungen\HP_Besitzer\Anwendungsdaten\Mozilla\Firefox\Profiles\1ersnd8x.Standard-Benutzer\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampPlayer.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npvlc.dll
FF - plugin: c:\programme\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\programme\Opera\program\plugins\npdrmv2.dll
FF - plugin: c:\programme\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-23 20:29:02
Windows 5.1.2600 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-2330714953-4184890358-700378639-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-2330714953-4184890358-700378639-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:63,cf,ba,ba,e5,47,37,be,ac,e6,79,16,1b,23,c3,af,b7,b6,1b,ef,11,16,e6,
d9,17,12,c9,5e,1f,ab,a1,6f,7a,e1,45,da,32,4f,74,96,2f,3b,39,bf,cc,8c,a3,a9,\
"??"=hex:d0,b6,67,98,e9,3d,99,eb,73,51,81,07,e8,d7,81,90
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(1092)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\klogon.dll
.
Zeit der Fertigstellung: 2009-01-23 20:31:59
ComboFix-quarantined-files.txt 2009-01-23 19:31:06
ComboFix2.txt 2009-01-23 19:00:11

Vor Suchlauf: 47 Verzeichnis(se), 14.128.947.200 Bytes frei
Nach Suchlauf: 47 Verzeichnis(se), 14,117,335,040 Bytes frei

214 --- E O F --- 2009-01-15 02:00:51

#6 Poste nochmal ein Log von Hijack This
__________
MfG Argus

#7 okay, aber nach der ausführung von malware und combofix scheint wieder alles zu funktionieren, naja zur sicherheit poste ich nochmal den Hijack This Log



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:44:35, on 24.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Java\jre6\bin\jqs.exe
c:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Free Download Manager\fum\fum.exe
C:\Programme\Free Download Manager\FUM\fumoei.exe
C:\Programme\Veoh Networks\Veoh\VeohClient.exe
C:\Programme\phonostar\ps_timer.exe
C:\Programme\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\explorer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\freecell.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q105&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O2 - BHO: (no name) - {000F05AE-126D-439B-9251-BC57561D1ED8} - (no file)
O2 - BHO: (no name) - {002CF808-B062-4F63-9160-18ABEAA3D3CA} - (no file)
O2 - BHO: (no name) - {01B3560D-0551-49E6-AF74-26F0A3BC4829} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {044FEAD5-B6A4-40A4-843C-A363B100E165} - (no file)
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: (no name) - {062FEC8C-81D8-424F-B3E8-35160E430971} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {079A05CF-BD05-E4AE-2E51-BBCE65C9BEC7} - (no file)
O2 - BHO: (no name) - {07C5CC09-1B02-4DE0-949E-F8102B2FE5F7} - (no file)
O2 - BHO: (no name) - {09B46725-555B-45B1-A019-4790202A368D} - (no file)
O2 - BHO: (no name) - {0C7840AA-CACE-4DC9-BD6C-28E09AA44093} - (no file)
O2 - BHO: (no name) - {0D7FD7CE-5540-44BC-A1F3-0A3FDD61ED68} - (no file)
O2 - BHO: (no name) - {10C3CA71-8F17-40B7-8BC3-CAE57388A7FD} - (no file)
O2 - BHO: (no name) - {112375E4-ACA7-4AA7-9BEA-FB39DC710719} - (no file)
O2 - BHO: (no name) - {12BDC269-C33F-4C4E-ABB0-3B4B16479B26} - (no file)
O2 - BHO: (no name) - {1320DDFA-96CB-450A-9632-638A531C76DB} - (no file)
O2 - BHO: (no name) - {14C460EB-8167-49EF-ADF4-A04D6780003E} - (no file)
O2 - BHO: (no name) - {16783DE6-53B5-4FAC-A6F2-2FB8D4860426} - (no file)
O2 - BHO: (no name) - {17C24294-2065-4CD1-9140-CF2E270CFAFD} - (no file)
O2 - BHO: (no name) - {1A94B6C3-1D91-486F-8321-F7128AB02612} - (no file)
O2 - BHO: (no name) - {1B1C5B1A-D7B6-4E55-BE75-D056F4861DB1} - (no file)
O2 - BHO: (no name) - {1D13B922-FF3F-453C-AB72-D450EB4DD59D} - (no file)
O2 - BHO: (no name) - {1ECA16CA-84E6-44F3-A48B-17D2C7871B9D} - (no file)
O2 - BHO: (no name) - {20097157-EEEA-42F7-B100-991CD94706A1} - (no file)
O2 - BHO: (no name) - {22C8E33E-BA15-47A6-A498-069EC83FCB46} - (no file)
O2 - BHO: (no name) - {23B0D651-0CEB-4711-A891-F6FA9FA1C0A2} - (no file)
O2 - BHO: (no name) - {2469AB73-2A9E-4A38-9733-9206F6C2F9D2} - (no file)
O2 - BHO: (no name) - {2495E53C-3A38-4984-946C-A64BB2A78DA8} - (no file)
O2 - BHO: (no name) - {24FAB84D-BB03-42E5-9686-54EA4D7D5EB0} - (no file)
O2 - BHO: (no name) - {255E0B4E-2AF4-404F-A36F-BEB416C78AA9} - (no file)
O2 - BHO: (no name) - {258D9432-4ADE-4881-ABCC-A30134E8B76F} - (no file)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {265A91E4-B0A7-4D53-A92A-3D1314BE6FA6} - (no file)
O2 - BHO: (no name) - {27405B5A-F816-4807-B49F-78C45AD914A3} - (no file)
O2 - BHO: (no name) - {27F888F2-095B-4669-8166-607F0B64E405} - (no file)
O2 - BHO: (no name) - {284193F2-BC52-4970-A8A7-9D0956A0FD13} - (no file)
O2 - BHO: (no name) - {28E4450E-1115-4A1B-B30D-B204294E9D0F} - (no file)
O2 - BHO: (no name) - {2984E896-06E3-44B0-A3E2-8FA8595593B6} - (no file)
O2 - BHO: (no name) - {2A311348-B023-4D16-97AD-AED02D2722FB} - (no file)
O2 - BHO: (no name) - {2D0116AC-9E91-430B-94F3-CCEDDB34B222} - (no file)
O2 - BHO: (no name) - {2D02C4D0-B03E-47AD-89EC-4025129D2D5B} - (no file)
O2 - BHO: (no name) - {2F5177B6-CDE8-433F-8CDE-F76C4EEC271E} - (no file)
O2 - BHO: (no name) - {30B232E2-1C52-4CCA-B72C-53ACDFE1FFDB} - (no file)
O2 - BHO: (no name) - {3129D7E7-93ED-46C4-869E-3EF41E435E4E} - (no file)
O2 - BHO: (no name) - {33D0A6EF-8701-420C-B357-E690DB9DB1A4} - (no file)
O2 - BHO: (no name) - {35C037D1-D467-48BC-B5C2-072BE7985838} - (no file)
O2 - BHO: (no name) - {36C69452-69AD-49EF-B9CD-0F6C0B4DA21B} - (no file)
O2 - BHO: (no name) - {375DF4AB-4430-4BC1-42E7-4091F0A18ACF} - (no file)
O2 - BHO: (no name) - {3883F76A-C6AC-4479-946D-7E9625C83706} - (no file)
O2 - BHO: (no name) - {3ACFB30A-6785-4B52-87F9-76E8739E3A4C} - (no file)
O2 - BHO: (no name) - {3AD84DB8-CCB5-422F-A5C6-7BE8F75FC8EC} - (no file)
O2 - BHO: (no name) - {3B43EE87-4F56-4B7C-A0B0-7FA1486B8A38} - (no file)
O2 - BHO: (no name) - {3BDA5C02-F0A9-495E-8292-98A03DE603BB} - (no file)
O2 - BHO: (no name) - {3C247F93-47FA-478F-8F80-83C0264F4C55} - (no file)
O2 - BHO: (no name) - {3DA16C06-6908-4D21-A0FE-327B762F5058} - (no file)
O2 - BHO: (no name) - {3E30AC01-F147-4231-A1F4-15DED7061E15} - (no file)
O2 - BHO: (no name) - {3EEFEA10-2F4E-4B4A-A302-82D4A0990794} - (no file)
O2 - BHO: (no name) - {3F0B1F86-BFC7-43FE-BD81-9B280241856F} - (no file)
O2 - BHO: (no name) - {4074765F-3155-4B6D-9131-48FF742AA9FE} - (no file)
O2 - BHO: (no name) - {435A8033-F9FB-429A-8F66-A05DCC0023DC} - (no file)
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - (no file)
O2 - BHO: (no name) - {49CA8B48-0397-427F-90E4-BCE1C351EF76} - (no file)
O2 - BHO: (no name) - {4B0C2823-AD11-4738-A826-031723F3C8BE} - (no file)
O2 - BHO: (no name) - {4DB53098-895A-8CFF-2691-872D1BAFF690} - (no file)
O2 - BHO: (no name) - {4E205EA1-62E0-4F0D-BBCA-B1BD756B81F0} - (no file)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - (no file)
O2 - BHO: (no name) - {4E8C71B3-85B6-4BA2-BC0D-4DFD0BF1D77B} - (no file)
O2 - BHO: (no name) - {502BBF21-B531-4EAE-8AB9-7E77F32D9659} - (no file)
O2 - BHO: (no name) - {51408CF3-4B79-4ECB-A4F3-B1BCFB2B36FD} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5469A9D3-4549-41E8-6F25-1CE4C7C0BD98} - (no file)
O2 - BHO: (no name) - {5473D5E0-7CB8-4CAC-8976-B2C16DB445F3} - (no file)
O2 - BHO: (no name) - {54EF3E4D-760D-4A6C-8CBE-EF9B3D0286C8} - (no file)
O2 - BHO: (no name) - {5576B6D9-0DD0-414F-9F31-E9F24751764A} - (no file)
O2 - BHO: (no name) - {564F977F-5551-438F-8319-5EC21946102C} - (no file)
O2 - BHO: (no name) - {588C6185-DD4E-80ED-6B85-86AD730BE2C7} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {5A258A72-EAB0-48B5-95D6-2630C2B9A81C} - (no file)
O2 - BHO: (no name) - {5A94ED5A-BAAC-4F47-9AB5-EB0950338BE4} - (no file)
O2 - BHO: (no name) - {5F069498-AD6C-42EE-B42F-17FE8020A44C} - (no file)
O2 - BHO: (no name) - {5FD806B8-A598-40D5-9CA8-A6C355FE7CAD} - (no file)
O2 - BHO: (no name) - {5FD89D19-215D-48D9-A5B7-A45E5177FD27} - (no file)
O2 - BHO: (no name) - {5FE47436-B4C4-416D-A1FE-DB8051DF27C4} - (no file)
O2 - BHO: (no name) - {6194F980-3487-4C4D-961B-356ABE8C731D} - (no file)
O2 - BHO: (no name) - {62F55B92-BC09-4A1E-8634-54906FB749A9} - (no file)
O2 - BHO: (no name) - {632EBA7A-9BBB-4A1E-A406-5632CD7649E5} - (no file)
O2 - BHO: (no name) - {65FB382E-8CB6-D31B-C32F-8CCD5519D690} - (no file)
O2 - BHO: (no name) - {66DFB8B4-2391-49A9-8A13-93B7264AC6ED} - (no file)
O2 - BHO: (no name) - {6758C81E-494C-44E3-AFB5-CF16C3424FC5} - (no file)
O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - (no file)
O2 - BHO: (no name) - {6A3CBD4E-A44D-4206-B7EA-7943683E0AAB} - (no file)
O2 - BHO: (no name) - {6A7DFCF7-451F-49C2-8696-1571997F11E3} - (no file)
O2 - BHO: (no name) - {6CBEB598-8BE4-4831-A842-DF859CAFA3DB} - (no file)
O2 - BHO: (no name) - {6DAFA222-FFF7-4B88-B662-AD86B7E9D536} - (no file)
O2 - BHO: (no name) - {6FB57ED1-ED2C-4996-8F4E-48D2CA5F48FE} - (no file)
O2 - BHO: (no name) - {704A3515-17C2-4B03-B737-4DF699460AE9} - (no file)
O2 - BHO: (no name) - {725D6290-D96F-4E8F-9B8A-E4D6E25B2E59} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7699CC6F-7FDE-40E6-BAB3-CC3DAF0670DD} - (no file)
O2 - BHO: (no name) - {76C7B490-C3CD-47CE-A6D1-3BF47834C870} - (no file)
O2 - BHO: (no name) - {76DF1BA6-B09C-4073-BEE2-11B5FB20B0B6} - (no file)
O2 - BHO: (no name) - {781A46E3-8CF3-47D0-987C-04D197C0BE8F} - (no file)
O2 - BHO: (no name) - {7B7A9B82-A20A-435A-B219-7D995C342E85} - (no file)
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - (no file)
O2 - BHO: (no name) - {7EB426B1-0EBD-4567-9794-FF55EF7B7C06} - (no file)
O2 - BHO: (no name) - {80B4EA4D-8DF6-4658-93CF-CD2077C274DA} - (no file)
O2 - BHO: (no name) - {86CC3C58-4CF2-49D3-B2A7-D0AED17D1E4D} - (no file)
O2 - BHO: (no name) - {87796580-F4C9-4343-A95A-C1DC6A63F440} - (no file)
O2 - BHO: (no name) - {8ACF63E2-D39C-4D8E-BB8A-A6C3086C482A} - (no file)
O2 - BHO: (no name) - {8BDCABB7-47B2-4750-AB99-F777B81E8F2C} - (no file)
O2 - BHO: (no name) - {8C5AB057-06B6-481F-8F04-3BDCFEE3D24C} - (no file)
O2 - BHO: (no name) - {8FC12517-C67F-402F-8436-085799E7AE7E} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {93F31708-1376-49CB-866C-D37591B88A7C} - (no file)
O2 - BHO: (no name) - {95AA84A6-3DD5-4B61-800C-0877ADF2943F} - (no file)
O2 - BHO: (no name) - {95FC5C3D-2222-4D56-9F3C-B75089CA3EF1} - (no file)
O2 - BHO: (no name) - {97878771-5F64-4DA8-8B13-2AA2DDBC48C5} - (no file)
O2 - BHO: (no name) - {9D0C7181-6822-432E-A767-57592DB6AB4E} - (no file)
O2 - BHO: (no name) - {A0A99133-7775-4908-96D5-322B0DA655A7} - (no file)
O2 - BHO: (no name) - {A18F2FF8-824D-46FB-A3AB-77893BC5E838} - (no file)
O2 - BHO: (no name) - {A2749ED7-9A4C-4150-841F-418C324CF1AB} - (no file)
O2 - BHO: (no name) - {A73056B7-B573-E1D8-0426-EC1BC8771090} - (no file)
O2 - BHO: (no name) - {A8DC0FDC-9C6B-41C5-9940-9CFD27BDB9C5} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: (no name) - {AB5B1177-D2E4-48E1-A8F7-BF597D7DA9F4} - (no file)
O2 - BHO: (no name) - {AD50134E-5923-4998-A3CA-552ED92FA219} - (no file)
O2 - BHO: (no name) - {AD5931BF-6741-4566-B1B0-152079DE1CB4} - (no file)
O2 - BHO: (no name) - {ADF58A3C-7C92-4065-A87B-58C500C97405} - (no file)
O2 - BHO: (no name) - {AE1135E9-7FEE-4859-97E5-B48BBC18EDF4} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: (no name) - {AFC8C37A-8648-4DE5-9600-8CFC944FE5A5} - (no file)
O2 - BHO: (no name) - {B15443C2-6770-45BE-B592-F9E1C5A51058} - (no file)
O2 - BHO: (no name) - {B287149E-C3B9-4DC6-90FC-2F4CF6D6FDDB} - (no file)
O2 - BHO: (no name) - {B3171E56-FAC4-A43D-B768-F87AEF960D94} - (no file)
O2 - BHO: (no name) - {B3CA5A57-84AE-493E-B1E9-819C5225DB0B} - (no file)
O2 - BHO: (no name) - {B4D7F587-31E9-4534-A603-86F9F9BC3F0B} - (no file)
O2 - BHO: (no name) - {B4F4E639-2C11-4618-A18B-B24BA10D566F} - (no file)
O2 - BHO: (no name) - {B5141620-C2B2-4D95-9F0F-134D99C87AB0} - (no file)
O2 - BHO: (no name) - {B579C006-E418-4219-B2B7-06BD3A0873E8} - (no file)
O2 - BHO: (no name) - {B5AD8E50-A31C-40FA-8C51-ADB320272245} - (no file)
O2 - BHO: (no name) - {B6BBCA5A-0AC2-4D33-9B0B-662E242C0D06} - (no file)
O2 - BHO: (no name) - {B6CB5892-D796-4D85-9894-2A8F017CFD13} - (no file)
O2 - BHO: (no name) - {B7B25911-3136-4AED-9DF7-8FF73195DBC5} - (no file)
O2 - BHO: (no name) - {B8A60364-0AD1-4F22-980F-E457223C5575} - (no file)
O2 - BHO: (no name) - {B96490F1-01E7-46D7-A57E-286E5DB5F6CC} - (no file)
O2 - BHO: (no name) - {BB738BE9-7B8C-4541-8717-1E3E4415B50F} - (no file)
O2 - BHO: (no name) - {BB97D007-82F4-4DD8-BF11-90158F5847FD} - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
O2 - BHO: (no name) - {C5B2C8D9-252A-4256-9D6C-6D838D26AA91} - (no file)
O2 - BHO: (no name) - {C64C7712-9489-4B79-95B8-C4AFE95C7488} - (no file)
O2 - BHO: (no name) - {C6C96BC4-3385-43B7-81D6-C3085CB3C27B} - (no file)
O2 - BHO: (no name) - {C704DB3E-ADE4-4037-925A-541DF563502E} - (no file)
O2 - BHO: (no name) - {C7649F8C-A1C7-4053-82B0-B246B777C329} - (no file)
O2 - BHO: (no name) - {CA80B3F5-7918-452F-B8DF-F6A887B538E8} - (no file)
O2 - BHO: (no name) - {CC166AF5-13E2-4E7E-8DCF-DE3DEA942EDC} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll
O2 - BHO: (no name) - {CC9869CC-C184-48D2-ACEC-6451482ECA85} - (no file)
O2 - BHO: (no name) - {CE06A2C9-3F60-4C64-B737-F6FF3F7E8F22} - (no file)
O2 - BHO: (no name) - {CF6EC5FE-2668-709C-12F4-71E296037292} - (no file)
O2 - BHO: (no name) - {D0403D6A-81A8-DF0D-8DAE-D428EB0166CB} - (no file)
O2 - BHO: (no name) - {D2ADC9AE-E7E5-46EC-A1BE-43A586659C39} - (no file)
O2 - BHO: (no name) - {D3025262-2012-45B9-9243-16079C8B398F} - (no file)
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - (no file)
O2 - BHO: (no name) - {D516473D-94A5-4448-A54A-17CE6139FD43} - (no file)
O2 - BHO: (no name) - {D78AFD6E-8320-4613-BA57-A860E3B5E911} - (no file)
O2 - BHO: (no name) - {D7F8FA04-89DC-4864-B1CE-73BC61B41454} - (no file)
O2 - BHO: (no name) - {D8BC770A-5189-4DAD-93C3-FB8B96CB2915} - (no file)
O2 - BHO: (no name) - {DAB2B7EB-8D19-44A5-A94D-D8BE6DDD4FE5} - (no file)
O2 - BHO: (no name) - {DAED71CE-9D59-C4FC-2904-CE89112F69CC} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {DC8EA94D-1F5C-442D-878D-F9DE2498F343} - (no file)
O2 - BHO: (no name) - {E1195B1D-EB8C-BF21-F9DC-B3DEB4C105C6} - (no file)
O2 - BHO: (no name) - {E329FB99-9FD5-40F2-809B-28AD202BEAEC} - (no file)
O2 - BHO: (no name) - {E5FDA641-503D-430C-A63D-45DC61D96029} - (no file)
O2 - BHO: (no name) - {E73FAB54-2F72-40AD-803A-0E9A1143BD1C} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {EAC42571-B62B-4A70-BE16-2B85DBC1517D} - (no file)
O2 - BHO: (no name) - {EB58049C-EC55-BBAA-7DE4-B09EF1175F9B} - (no file)
O2 - BHO: (no name) - {EBB456D8-EE8C-4681-848E-0FF0C1270AC0} - (no file)
O2 - BHO: (no name) - {EC2DBA99-D622-4B48-AC75-522261CEF97A} - (no file)
O2 - BHO: (no name) - {ECA9AD6C-2C06-4984-B96A-922AD84F0100} - (no file)
O2 - BHO: (no name) - {F3853934-6D74-4CC2-BD11-A02204651D03} - (no file)
O2 - BHO: (no name) - {F42EFB6F-3597-416F-8327-94BE59F3CEC7} - (no file)
O2 - BHO: (no name) - {F430F559-E229-418A-A96C-0D6500D7607F} - (no file)
O2 - BHO: (no name) - {F5564D68-9154-498D-9E75-842CAF78EF76} - (no file)
O2 - BHO: (no name) - {F728782C-8AEE-473E-BB06-B2769B1D9322} - (no file)
O2 - BHO: (no name) - {FA2F3174-F39A-4F78-841F-34303FE7DBD3} - (no file)
O2 - BHO: (no name) - {FB0EE508-5D77-490E-932E-F47051228DF8} - (no file)
O2 - BHO: (no name) - {FD51AC16-8B18-486B-A637-08C70C62F097} - (no file)
O2 - BHO: (no name) - {FD8C13EC-3BB4-40EF-950B-65C0839680FE} - (no file)
O3 - Toolbar: HP-Ansicht - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programme\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Programme\Babylon\Babylon Toolbar\BabylonIEToolBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Programme\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Programme\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Programme\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Programme\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [PhonostarTimer] C:\Programme\phonostar\ps_timer.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Programme\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Programme\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Programme\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Programme\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Programme\Free Download Manager\dllink.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Programme\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} -
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.5.0_03) -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} -

#8 Das Log ist nicht Komplett
__________
MfG Argus

#9 Fange schon mal an mit fixen:

Schliesse alle Fenster und starte Hijack This
Klicke: Do a Systemscan only
Setze ein Häckchen in das Kästchen vor den genannten Eintrag bei

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O2 - BHO: (no name) - {000F05AE-126D-439B-9251-BC57561D1ED8} - (no file)
O2 - BHO: (no name) - {002CF808-B062-4F63-9160-18ABEAA3D3CA} - (no file)
O2 - BHO: (no name) - {01B3560D-0551-49E6-AF74-26F0A3BC4829} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {044FEAD5-B6A4-40A4-843C-A363B100E165} - (no file)
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: (no name) - {062FEC8C-81D8-424F-B3E8-35160E430971} - (no file)
O2 - BHO: (no name) - {079A05CF-BD05-E4AE-2E51-BBCE65C9BEC7} - (no file)
O2 - BHO: (no name) - {07C5CC09-1B02-4DE0-949E-F8102B2FE5F7} - (no file)
O2 - BHO: (no name) - {09B46725-555B-45B1-A019-4790202A368D} - (no file)
O2 - BHO: (no name) - {0C7840AA-CACE-4DC9-BD6C-28E09AA44093} - (no file)
O2 - BHO: (no name) - {0D7FD7CE-5540-44BC-A1F3-0A3FDD61ED68} - (no file)
O2 - BHO: (no name) - {10C3CA71-8F17-40B7-8BC3-CAE57388A7FD} - (no file)
O2 - BHO: (no name) - {112375E4-ACA7-4AA7-9BEA-FB39DC710719} - (no file)
O2 - BHO: (no name) - {12BDC269-C33F-4C4E-ABB0-3B4B16479B26} - (no file)
O2 - BHO: (no name) - {1320DDFA-96CB-450A-9632-638A531C76DB} - (no file)
O2 - BHO: (no name) - {14C460EB-8167-49EF-ADF4-A04D6780003E} - (no file)
O2 - BHO: (no name) - {16783DE6-53B5-4FAC-A6F2-2FB8D4860426} - (no file)
O2 - BHO: (no name) - {17C24294-2065-4CD1-9140-CF2E270CFAFD} - (no file)
O2 - BHO: (no name) - {1A94B6C3-1D91-486F-8321-F7128AB02612} - (no file)
O2 - BHO: (no name) - {1B1C5B1A-D7B6-4E55-BE75-D056F4861DB1} - (no file)
O2 - BHO: (no name) - {1D13B922-FF3F-453C-AB72-D450EB4DD59D} - (no file)
O2 - BHO: (no name) - {1ECA16CA-84E6-44F3-A48B-17D2C7871B9D} - (no file)
O2 - BHO: (no name) - {20097157-EEEA-42F7-B100-991CD94706A1} - (no file)
O2 - BHO: (no name) - {22C8E33E-BA15-47A6-A498-069EC83FCB46} - (no file)
O2 - BHO: (no name) - {23B0D651-0CEB-4711-A891-F6FA9FA1C0A2} - (no file)
O2 - BHO: (no name) - {2469AB73-2A9E-4A38-9733-9206F6C2F9D2} - (no file)
O2 - BHO: (no name) - {2495E53C-3A38-4984-946C-A64BB2A78DA8} - (no file)
O2 - BHO: (no name) - {24FAB84D-BB03-42E5-9686-54EA4D7D5EB0} - (no file)
O2 - BHO: (no name) - {255E0B4E-2AF4-404F-A36F-BEB416C78AA9} - (no file)
O2 - BHO: (no name) - {258D9432-4ADE-4881-ABCC-A30134E8B76F} - (no file)
O2 - BHO: (no name) - {265A91E4-B0A7-4D53-A92A-3D1314BE6FA6} - (no file)
O2 - BHO: (no name) - {27405B5A-F816-4807-B49F-78C45AD914A3} - (no file)
O2 - BHO: (no name) - {27F888F2-095B-4669-8166-607F0B64E405} - (no file)
O2 - BHO: (no name) - {284193F2-BC52-4970-A8A7-9D0956A0FD13} - (no file)
O2 - BHO: (no name) - {28E4450E-1115-4A1B-B30D-B204294E9D0F} - (no file)
O2 - BHO: (no name) - {2984E896-06E3-44B0-A3E2-8FA8595593B6} - (no file)
O2 - BHO: (no name) - {2A311348-B023-4D16-97AD-AED02D2722FB} - (no file)
O2 - BHO: (no name) - {2D0116AC-9E91-430B-94F3-CCEDDB34B222} - (no file)
O2 - BHO: (no name) - {2D02C4D0-B03E-47AD-89EC-4025129D2D5B} - (no file)
O2 - BHO: (no name) - {2F5177B6-CDE8-433F-8CDE-F76C4EEC271E} - (no file)
O2 - BHO: (no name) - {30B232E2-1C52-4CCA-B72C-53ACDFE1FFDB} - (no file)
O2 - BHO: (no name) - {3129D7E7-93ED-46C4-869E-3EF41E435E4E} - (no file)
O2 - BHO: (no name) - {33D0A6EF-8701-420C-B357-E690DB9DB1A4} - (no file)
O2 - BHO: (no name) - {35C037D1-D467-48BC-B5C2-072BE7985838} - (no file)
O2 - BHO: (no name) - {36C69452-69AD-49EF-B9CD-0F6C0B4DA21B} - (no file)
O2 - BHO: (no name) - {375DF4AB-4430-4BC1-42E7-4091F0A18ACF} - (no file)
O2 - BHO: (no name) - {3883F76A-C6AC-4479-946D-7E9625C83706} - (no file)
O2 - BHO: (no name) - {3ACFB30A-6785-4B52-87F9-76E8739E3A4C} - (no file)
O2 - BHO: (no name) - {3AD84DB8-CCB5-422F-A5C6-7BE8F75FC8EC} - (no file)
O2 - BHO: (no name) - {3B43EE87-4F56-4B7C-A0B0-7FA1486B8A38} - (no file)
O2 - BHO: (no name) - {3BDA5C02-F0A9-495E-8292-98A03DE603BB} - (no file)
O2 - BHO: (no name) - {3C247F93-47FA-478F-8F80-83C0264F4C55} - (no file)
O2 - BHO: (no name) - {3DA16C06-6908-4D21-A0FE-327B762F5058} - (no file)
O2 - BHO: (no name) - {3E30AC01-F147-4231-A1F4-15DED7061E15} - (no file)
O2 - BHO: (no name) - {3EEFEA10-2F4E-4B4A-A302-82D4A0990794} - (no file)
O2 - BHO: (no name) - {3F0B1F86-BFC7-43FE-BD81-9B280241856F} - (no file)
O2 - BHO: (no name) - {4074765F-3155-4B6D-9131-48FF742AA9FE} - (no file)
O2 - BHO: (no name) - {435A8033-F9FB-429A-8F66-A05DCC0023DC} - (no file)
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - (no file)
O2 - BHO: (no name) - {49CA8B48-0397-427F-90E4-BCE1C351EF76} - (no file)
O2 - BHO: (no name) - {4B0C2823-AD11-4738-A826-031723F3C8BE} - (no file)
O2 - BHO: (no name) - {4DB53098-895A-8CFF-2691-872D1BAFF690} - (no file)
O2 - BHO: (no name) - {4E205EA1-62E0-4F0D-BBCA-B1BD756B81F0} - (no file)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - (no file)
O2 - BHO: (no name) - {4E8C71B3-85B6-4BA2-BC0D-4DFD0BF1D77B} - (no file)
O2 - BHO: (no name) - {502BBF21-B531-4EAE-8AB9-7E77F32D9659} - (no file)
O2 - BHO: (no name) - {51408CF3-4B79-4ECB-A4F3-B1BCFB2B36FD} - (no file)
O2 - BHO: (no name) - {5469A9D3-4549-41E8-6F25-1CE4C7C0BD98} - (no file)
O2 - BHO: (no name) - {5473D5E0-7CB8-4CAC-8976-B2C16DB445F3} - (no file)
O2 - BHO: (no name) - {54EF3E4D-760D-4A6C-8CBE-EF9B3D0286C8} - (no file)
O2 - BHO: (no name) - {5576B6D9-0DD0-414F-9F31-E9F24751764A} - (no file)
O2 - BHO: (no name) - {564F977F-5551-438F-8319-5EC21946102C} - (no file)
O2 - BHO: (no name) - {588C6185-DD4E-80ED-6B85-86AD730BE2C7} - (no file)
O2 - BHO: (no name) - {5A258A72-EAB0-48B5-95D6-2630C2B9A81C} - (no file)
O2 - BHO: (no name) - {5A94ED5A-BAAC-4F47-9AB5-EB0950338BE4} - (no file)
O2 - BHO: (no name) - {5F069498-AD6C-42EE-B42F-17FE8020A44C} - (no file)
O2 - BHO: (no name) - {5FD806B8-A598-40D5-9CA8-A6C355FE7CAD} - (no file)
O2 - BHO: (no name) - {5FD89D19-215D-48D9-A5B7-A45E5177FD27} - (no file)
O2 - BHO: (no name) - {5FE47436-B4C4-416D-A1FE-DB8051DF27C4} - (no file)
O2 - BHO: (no name) - {6194F980-3487-4C4D-961B-356ABE8C731D} - (no file)
O2 - BHO: (no name) - {62F55B92-BC09-4A1E-8634-54906FB749A9} - (no file)
O2 - BHO: (no name) - {632EBA7A-9BBB-4A1E-A406-5632CD7649E5} - (no file)
O2 - BHO: (no name) - {65FB382E-8CB6-D31B-C32F-8CCD5519D690} - (no file)
O2 - BHO: (no name) - {66DFB8B4-2391-49A9-8A13-93B7264AC6ED} - (no file)
O2 - BHO: (no name) - {6758C81E-494C-44E3-AFB5-CF16C3424FC5} - (no file)
O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - (no file)
O2 - BHO: (no name) - {6A3CBD4E-A44D-4206-B7EA-7943683E0AAB} - (no file)
O2 - BHO: (no name) - {6A7DFCF7-451F-49C2-8696-1571997F11E3} - (no file)
O2 - BHO: (no name) - {6CBEB598-8BE4-4831-A842-DF859CAFA3DB} - (no file)
O2 - BHO: (no name) - {6DAFA222-FFF7-4B88-B662-AD86B7E9D536} - (no file)
O2 - BHO: (no name) - {6FB57ED1-ED2C-4996-8F4E-48D2CA5F48FE} - (no file)
O2 - BHO: (no name) - {704A3515-17C2-4B03-B737-4DF699460AE9} - (no file)
O2 - BHO: (no name) - {725D6290-D96F-4E8F-9B8A-E4D6E25B2E59} - (no file)
O2 - BHO: (no name) - {7699CC6F-7FDE-40E6-BAB3-CC3DAF0670DD} - (no file)
O2 - BHO: (no name) - {76C7B490-C3CD-47CE-A6D1-3BF47834C870} - (no file)
O2 - BHO: (no name) - {76DF1BA6-B09C-4073-BEE2-11B5FB20B0B6} - (no file)
O2 - BHO: (no name) - {781A46E3-8CF3-47D0-987C-04D197C0BE8F} - (no file)
O2 - BHO: (no name) - {7B7A9B82-A20A-435A-B219-7D995C342E85} - (no file)
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - (no file)
O2 - BHO: (no name) - {7EB426B1-0EBD-4567-9794-FF55EF7B7C06} - (no file)
O2 - BHO: (no name) - {80B4EA4D-8DF6-4658-93CF-CD2077C274DA} - (no file)
O2 - BHO: (no name) - {86CC3C58-4CF2-49D3-B2A7-D0AED17D1E4D} - (no file)
O2 - BHO: (no name) - {87796580-F4C9-4343-A95A-C1DC6A63F440} - (no file)
O2 - BHO: (no name) - {8ACF63E2-D39C-4D8E-BB8A-A6C3086C482A} - (no file)
O2 - BHO: (no name) - {8BDCABB7-47B2-4750-AB99-F777B81E8F2C} - (no file)
O2 - BHO: (no name) - {8C5AB057-06B6-481F-8F04-3BDCFEE3D24C} - (no file)
O2 - BHO: (no name) - {8FC12517-C67F-402F-8436-085799E7AE7E} - (no file)
O2 - BHO: (no name) - {93F31708-1376-49CB-866C-D37591B88A7C} - (no file)
O2 - BHO: (no name) - {95AA84A6-3DD5-4B61-800C-0877ADF2943F} - (no file)
O2 - BHO: (no name) - {95FC5C3D-2222-4D56-9F3C-B75089CA3EF1} - (no file)
O2 - BHO: (no name) - {97878771-5F64-4DA8-8B13-2AA2DDBC48C5} - (no file)
O2 - BHO: (no name) - {9D0C7181-6822-432E-A767-57592DB6AB4E} - (no file)
O2 - BHO: (no name) - {A0A99133-7775-4908-96D5-322B0DA655A7} - (no file)
O2 - BHO: (no name) - {A18F2FF8-824D-46FB-A3AB-77893BC5E838} - (no file)
O2 - BHO: (no name) - {A2749ED7-9A4C-4150-841F-418C324CF1AB} - (no file)
O2 - BHO: (no name) - {A73056B7-B573-E1D8-0426-EC1BC8771090} - (no file)
O2 - BHO: (no name) - {A8DC0FDC-9C6B-41C5-9940-9CFD27BDB9C5} - (no file)
O2 - BHO: (no name) - {AB5B1177-D2E4-48E1-A8F7-BF597D7DA9F4} - (no file)
O2 - BHO: (no name) - {AD50134E-5923-4998-A3CA-552ED92FA219} - (no file)
O2 - BHO: (no name) - {AD5931BF-6741-4566-B1B0-152079DE1CB4} - (no file)
O2 - BHO: (no name) - {ADF58A3C-7C92-4065-A87B-58C500C97405} - (no file)
O2 - BHO: (no name) - {AE1135E9-7FEE-4859-97E5-B48BBC18EDF4} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: (no name) - {AFC8C37A-8648-4DE5-9600-8CFC944FE5A5} - (no file)
O2 - BHO: (no name) - {B15443C2-6770-45BE-B592-F9E1C5A51058} - (no file)
O2 - BHO: (no name) - {B287149E-C3B9-4DC6-90FC-2F4CF6D6FDDB} - (no file)
O2 - BHO: (no name) - {B3171E56-FAC4-A43D-B768-F87AEF960D94} - (no file)
O2 - BHO: (no name) - {B3CA5A57-84AE-493E-B1E9-819C5225DB0B} - (no file)
O2 - BHO: (no name) - {B4D7F587-31E9-4534-A603-86F9F9BC3F0B} - (no file)
O2 - BHO: (no name) - {B4F4E639-2C11-4618-A18B-B24BA10D566F} - (no file)
O2 - BHO: (no name) - {B5141620-C2B2-4D95-9F0F-134D99C87AB0} - (no file)
O2 - BHO: (no name) - {B579C006-E418-4219-B2B7-06BD3A0873E8} - (no file)
O2 - BHO: (no name) - {B5AD8E50-A31C-40FA-8C51-ADB320272245} - (no file)
O2 - BHO: (no name) - {B6BBCA5A-0AC2-4D33-9B0B-662E242C0D06} - (no file)
O2 - BHO: (no name) - {B6CB5892-D796-4D85-9894-2A8F017CFD13} - (no file)
O2 - BHO: (no name) - {B7B25911-3136-4AED-9DF7-8FF73195DBC5} - (no file)
O2 - BHO: (no name) - {B8A60364-0AD1-4F22-980F-E457223C5575} - (no file)
O2 - BHO: (no name) - {B96490F1-01E7-46D7-A57E-286E5DB5F6CC} - (no file)
O2 - BHO: (no name) - {BB738BE9-7B8C-4541-8717-1E3E4415B50F} - (no file)
O2 - BHO: (no name) - {BB97D007-82F4-4DD8-BF11-90158F5847FD} - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
O2 - BHO: (no name) - {C5B2C8D9-252A-4256-9D6C-6D838D26AA91} - (no file)
O2 - BHO: (no name) - {C64C7712-9489-4B79-95B8-C4AFE95C7488} - (no file)
O2 - BHO: (no name) - {C6C96BC4-3385-43B7-81D6-C3085CB3C27B} - (no file)
O2 - BHO: (no name) - {C704DB3E-ADE4-4037-925A-541DF563502E} - (no file)
O2 - BHO: (no name) - {C7649F8C-A1C7-4053-82B0-B246B777C329} - (no file)
O2 - BHO: (no name) - {CA80B3F5-7918-452F-B8DF-F6A887B538E8} - (no file)
O2 - BHO: (no name) - {CC166AF5-13E2-4E7E-8DCF-DE3DEA942EDC} - (no file)
O2 - BHO: (no name) - {CC9869CC-C184-48D2-ACEC-6451482ECA85} - (no file)
O2 - BHO: (no name) - {CE06A2C9-3F60-4C64-B737-F6FF3F7E8F22} - (no file)
O2 - BHO: (no name) - {CF6EC5FE-2668-709C-12F4-71E296037292} - (no file)
O2 - BHO: (no name) - {D0403D6A-81A8-DF0D-8DAE-D428EB0166CB} - (no file)
O2 - BHO: (no name) - {D2ADC9AE-E7E5-46EC-A1BE-43A586659C39} - (no file)
O2 - BHO: (no name) - {D3025262-2012-45B9-9243-16079C8B398F} - (no file)
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - (no file)
O2 - BHO: (no name) - {D516473D-94A5-4448-A54A-17CE6139FD43} - (no file)
O2 - BHO: (no name) - {D78AFD6E-8320-4613-BA57-A860E3B5E911} - (no file)
O2 - BHO: (no name) - {D7F8FA04-89DC-4864-B1CE-73BC61B41454} - (no file)
O2 - BHO: (no name) - {D8BC770A-5189-4DAD-93C3-FB8B96CB2915} - (no file)
O2 - BHO: (no name) - {DAB2B7EB-8D19-44A5-A94D-D8BE6DDD4FE5} - (no file)
O2 - BHO: (no name) - {DAED71CE-9D59-C4FC-2904-CE89112F69CC} - (no file)
O2 - BHO: (no name) - {DC8EA94D-1F5C-442D-878D-F9DE2498F343} - (no file)
O2 - BHO: (no name) - {E1195B1D-EB8C-BF21-F9DC-B3DEB4C105C6} - (no file)
O2 - BHO: (no name) - {E329FB99-9FD5-40F2-809B-28AD202BEAEC} - (no file)
O2 - BHO: (no name) - {E5FDA641-503D-430C-A63D-45DC61D96029} - (no file)
O2 - BHO: (no name) - {E73FAB54-2F72-40AD-803A-0E9A1143BD1C} - (no file)
O2 - BHO: (no name) - {EAC42571-B62B-4A70-BE16-2B85DBC1517D} - (no file)
O2 - BHO: (no name) - {EB58049C-EC55-BBAA-7DE4-B09EF1175F9B} - (no file)
O2 - BHO: (no name) - {EBB456D8-EE8C-4681-848E-0FF0C1270AC0} - (no file)
O2 - BHO: (no name) - {EC2DBA99-D622-4B48-AC75-522261CEF97A} - (no file)
O2 - BHO: (no name) - {ECA9AD6C-2C06-4984-B96A-922AD84F0100} - (no file)
O2 - BHO: (no name) - {F3853934-6D74-4CC2-BD11-A02204651D03} - (no file)
O2 - BHO: (no name) - {F42EFB6F-3597-416F-8327-94BE59F3CEC7} - (no file)
O2 - BHO: (no name) - {F430F559-E229-418A-A96C-0D6500D7607F} - (no file)
O2 - BHO: (no name) - {F5564D68-9154-498D-9E75-842CAF78EF76} - (no file)
O2 - BHO: (no name) - {F728782C-8AEE-473E-BB06-B2769B1D9322} - (no file)
O2 - BHO: (no name) - {FA2F3174-F39A-4F78-841F-34303FE7DBD3} - (no file)
O2 - BHO: (no name) - {FB0EE508-5D77-490E-932E-F47051228DF8} - (no file)
O2 - BHO: (no name) - {FD51AC16-8B18-486B-A637-08C70C62F097} - (no file)
O2 - BHO: (no name) - {FD8C13EC-3BB4-40EF-950B-65C0839680FE} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} -
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Plug-in 1.4.2_03) -
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.5.0_03) -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD}

-Klicke : Fix Checked

Und poste nochmal ein Log
__________
MfG Argus

#10 oh sorry naja hier das komplette Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:47:09, on 24.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Java\jre6\bin\jqs.exe
c:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Free Download Manager\fum\fum.exe
C:\Programme\Free Download Manager\FUM\fumoei.exe
C:\Programme\Veoh Networks\Veoh\VeohClient.exe
C:\Programme\phonostar\ps_timer.exe
C:\Programme\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\explorer.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: HP-Ansicht - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programme\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Programme\Babylon\Babylon Toolbar\BabylonIEToolBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Programme\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Programme\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Programme\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Programme\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [PhonostarTimer] C:\Programme\phonostar\ps_timer.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Programme\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Programme\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Programme\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Programme\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Programme\Free Download Manager\dllink.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Programme\Free Download Manager\FUM\fumiebtn.dll
O20 - Winlogon Notify: ddccb - C:\WINDOWS\
O20 - Winlogon Notify: snifo - C:\WINDOWS\
O20 - Winlogon Notify: winzzc32 - C:\WINDOWS\
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 10694 bytes

#11 Schliesse alle Fenster und starte Hijack This
Klicke: Do a Systemscan only
Setze ein Häckchen in das Kästchen vor den genannten Eintrag bei

O20 - Winlogon Notify: ddccb - C:\WINDOWS\
O20 - Winlogon Notify: snifo - C:\WINDOWS\
O20 - Winlogon Notify: winzzc32 - C:\WINDOWS\

-Klicke : Fix Checked

Entferne
c:\dokumente und einstellungen\HP_Besitzer\Desktop\1234567890.exe

Download OTCleanIt. by OldTimer zum Desktop
Schliesse alle Fenster
Doppelklick: OTCleanIt.
Klicke: CleanUp

Wenn gefragt wird “Do you want to reboot now?”klicke “Yes”
Dein Rechner wird neu gestartet
Vista benutzer: rechtermausklick auf OTCleanIt.exe und waehle "Run as an Administrator"

Damit werden Reste von benutzten Programme wieder entfernt

Benutze CCleaner

Systemwiederherstellung (de)aktivieren

Happy Surfing again
__________
MfG Argus