|
Pests of all kinds and how to combat them: Windows Live Mail is sending loads of spam to random addresses via my mail address. Windows 7 |
22.12.2011, 22:06 | #1 |
| Hi everyone, I have often looked up tips in this forum, but now I'm stuck... My problem is that my mail program "Windows Live Mail" is sending spam. Can you help me remove the pest that is causing this? I have already tried one or two programs... but I have difficulty 1. evaluating the LOGS and 2. then taking the appropriate countermeasures. I am extremely grateful for any help. Regards, Ch4uv1e |
23.12.2011, 06:28 | #2 | |||
/// Helper Team | Hello and welcome!
Before we start working together, [please read in full]: Quote:
Quote:
► In the first part of the 3-part procedure, we will examine your system for viruses, or look for another cause:
For Vista and Win7: Important: please run all commands as administrator! Right-click the command prompt and select "Run as administrator". Right-click the selected application and choose "Run as administrator"!
1. Download Malwarebytes Anti-Malware from → malwarebytes.org
2. System scan with OTL. Please download OTL by OldTimer and save it to your desktop.
3. I would also like to see all your installed programs: download the tool CCleaner → Download, install (read the software licence agreement; if "Add CCleaner Yahoo! Toolbar" is offered, deselect it) → start → Language → select German, then click "Extra" (so that the installed programs are also displayed) → continue to "Als Textdatei speichern..." ("Save as text file..."); a text file (*.txt) is created; copy its content and paste it here. Quote:
** If possible, do not go on the internet; no online banking, file sharing, chat programs, etc. Regards, kira
__________________ |
23.12.2011, 18:52 | #3 |
| Many thanks for the help!!!
So far I have used Malwarebytes Anti-Malware. Here is the result: Code:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 911122306

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

23.12.2011 18:39:11
mbam-log-2011-12-23 (18-39-11).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 499246
Laufzeit: 1 Stunde(n), 44 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Regards |
23.12.2011, 19:41 | #4 |
| Here is the OTL.txt Code:
ATTFilter OTL logfile created on: 23.12.2011 18:55:21 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\UserXY\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,93 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 35,21% Memory free 7,87 Gb Paging File | 4,89 Gb Available in Paging File | 62,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 420,33 Gb Total Space | 172,72 Gb Free Space | 41,09% Space Free | Partition Type: NTFS Drive D: | 30,48 Gb Total Space | 28,23 Gb Free Space | 92,62% Space Free | Partition Type: NTFS Computer Name: UserXY-PC | User Name: UserXY | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\UserXY\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe () PRC - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) 
PRC - C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) PRC - C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe (Lenovo) PRC - C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) 
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avutil-51.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avformat-53.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avcodec-53.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f5659a792c1f6832d9a45c1509d03497\System.Transactions.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll () MOD - 
C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\ccba14fc93de40f4f53d401f07b9bcb8\System.Security.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe () MOD - C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll () MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll () MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll () MOD - C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe () MOD - C:\Windows\SysWOW64\msjetoledb40.dll () MOD - C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (Slidebar Notifier Service) -- C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe 
(Lenovo) SRV:64bit: - (Lenovo ReadyComm ConnSvc) -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited) SRV:64bit: - (Lenovo ReadyComm AppSvc) -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited) SRV - (ReadyComm.DirectRouter) -- C:\windows\SysWow64\IgrsSvcs.exe (Microsoft Corporation) SRV - (PS_MDP) -- C:\windows\SysWow64\IgrsSvcs.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.) 
========== Driver Services (SafeList) ========== DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc) DRV:64bit: - (vm332avs) -- C:\Windows\SysNative\drivers\vm332avs.sys (Vimicro Corporation) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) 
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\drivers\ss_bmdm.sys (MCCI Corporation) DRV:64bit: - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\SysNative\drivers\ss_bbus.sys (MCCI) DRV:64bit: - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys (MCCI Corporation) DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.) DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation) DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink) DRV:64bit: - (ATIAVPCI) -- C:\Windows\SysNative\drivers\atinavrr.sys (ATI Technologies Inc.) DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo) DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de-de.facebook.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - 
prefs.js..browser.startup.homepage: "hxxp://www.einsatz.bundeswehr.de/portal/a/einsatzbw/kcxml/04_Sj9SPykssy0xPLMnMz0vM0Y_QjzKLN_SJdw0xB8lB2EGu-pFw0aCUVH1fj_zcVH1v_QD9gtyIckdHRUUAFEVdhA!!/delta/base64xml/L3dJdyEvd0ZNQUFzQUMvNElVRS82XzFMX0VTMQ!!" FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011.05.10 13:04:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.05.10 13:04:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.05.10 13:04:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.10 18:28:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.20 22:49:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UserXY\AppData\Roaming\mozilla\Extensions [2011.11.09 22:27:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions [2011.11.09 22:27:45 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2011.10.05 21:18:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.12.21 19:34:27 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2011.11.10 18:28:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011.05.21 16:44:53 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} File not found (No name found) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF File not found (No name found) -- C:\USERS\BJöRN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0GJSYBMO.DEFAULT\EXTENSIONS\{A5475360-A7EA-437B-9A79-29208F476940}.XPI File not found (No name found) -- C:\USERS\BJöRN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0GJSYBMO.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847} [2011.11.10 18:28:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.02 10:08:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.02 10:08:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.02 10:08:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.02 10:08:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.02 10:08:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.02 10:08:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = 
{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: PriceGong = C:\Users\UserXY\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.5.0_0\ CHR - Extension: YouTube = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\ CHR - Extension: Google-Suche = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\ CHR - Extension: Google Mail = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\ O1 HOSTS File: ([2011.12.23 00:01:11 | 000,439,956 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 15125 more lines... O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll (PriceGong) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SynBtnAsst] C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Synaptics Incorporated) O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Ferret Gaming Mouse] C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Lenovo SlideNav2] C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe (Lenovo) O4 - HKLM..\Run: [Lenovo SplitScreen] C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe (Lenovo) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) O4 - HKLM..\Run: [MuteSync] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe (Lenovo) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced 
Micro Devices, Inc.) O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo) O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [MediaGet2] C:\Users\UserXY\AppData\Local\MediaGet2\mediaget.exe --minimized File not found O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\UserXY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\UserXY\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... 
- C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\UserXY\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31151D60-D04C-4C60-AC9C-5CE4955C99C4}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BA91CBA-DC8C-43FF-9C36-49994A0F6F56}: NameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82CADA82-B818-4FE4-B28F-3CDA6D559DA7}: NameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B5605E6-C357-478E-9252-0BC3D7DF10CD}: NameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7276388-C15C-4634-B5AE-C23E6D14E15E}: NameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0EE1716-A8A0-4357-995A-AC2B02165EF4}: 
DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 -
HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.12.23 13:05:00 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Roaming\Malwarebytes [2011.12.23 13:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.12.23 13:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.12.23 13:04:35 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2011.12.23 13:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.12.23 11:17:21 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F0F9E42B-D95B-4E4B-BA4E-4987735B32FE} [2011.12.22 21:17:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E761172F-4A41-4248-9381-30A816C3EDCF} [2011.12.22 21:17:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{DE4A941F-C868-4DD6-B85A-FD7280DF3FB2} [2011.12.22 07:10:43 | 000,000,000 | -HSD | C] -- C:\windows\SysNative\%APPDATA% [2011.12.21 22:54:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\UserXY\Desktop\OTL.exe [2011.12.21 22:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Virus MSN [2011.12.21 22:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AxBx [2011.12.21 20:28:24 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{23820886-A6F5-4B53-B0E6-A283BF248B94} [2011.12.21 20:28:06 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{58F3DF79-C147-4721-BA61-623A52F6F513} [2011.12.21 19:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2011.12.21 19:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy 
[2011.12.21 19:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011.12.21 18:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.12.21 18:51:28 | 000,074,880 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys [2011.12.21 18:51:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\SysWow64\drivers\ssmdrv.sys [2011.12.21 18:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.12.21 18:51:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.12.21 07:28:41 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CEB77FAC-EE8E-4437-A963-E3BEF9002E86} [2011.12.21 07:28:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CBB24A00-D4F9-445E-8071-7C0091E08119} [2011.12.21 06:34:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5E8DB4A2-19F5-4F3F-BE7F-ECAA46A6BBA3} [2011.12.20 18:33:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{EC66862A-2DF5-490F-9508-5AEEAC431E21} [2011.12.20 18:33:31 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{697BB127-4524-4453-AB01-275367CA3951} [2011.12.20 18:33:08 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{41B42598-67BF-4517-919A-73358311B963} [2011.12.20 06:32:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{54C49EB5-0534-4A39-8050-23E75C07E051} [2011.12.20 06:32:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D7CA888B-E28B-4AE2-BFFF-C6B5A8416F25} [2011.12.20 06:31:30 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{1D5BE593-FF20-4559-A367-F955538BA7A1} [2011.12.19 18:31:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C0BB5707-38ED-4C52-84CE-51748F9F25D0} [2011.12.19 18:30:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4C406F28-C620-407D-9319-A689B740C5E4} [2011.12.19 18:30:32 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F7817153-F764-4A96-A721-6FADCBEF8169} 
[2011.12.19 06:29:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{B2131290-3AE3-4142-AFF5-A43F71CC52D9} [2011.12.19 06:27:38 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{8F9453BA-8A62-41C1-B88F-81AF254418E7} [2011.12.18 11:45:44 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{93ABE7DE-35BF-4EF7-9E20-FC1940FB9B24} [2011.12.18 11:45:32 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3F5C1D84-500F-44DC-AEF1-7B5C26B74827} [2011.12.18 11:45:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E2CA1C26-4E1A-4E5C-A7CD-352365EC5145} [2011.12.18 11:44:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{807A31A5-76AB-4F78-A333-3367D7D5021D} [2011.12.17 23:45:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{305DA6BA-C871-4E75-B63C-1E2A22683FBB} [2011.12.17 23:44:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6A554F19-A490-463C-8C20-9D0048D39F3D} [2011.12.17 11:17:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{05A9C5E3-EE3E-4B4A-94F7-4E2DB2F6FA69} [2011.12.17 11:16:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{19DB6FA2-1699-4B0E-A56F-C16BFB239EE5} [2011.12.17 11:15:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{21F762EB-F5F2-4C88-89A4-C15C6FAEC545} [2011.12.16 12:02:04 | 000,000,000 | ---D | C] -- C:\34dbc5b24e8377ada30ef2a4a1 [2011.12.16 11:59:10 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll [2011.12.16 11:59:10 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll [2011.12.16 11:59:07 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll [2011.12.16 11:59:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll [2011.12.16 11:59:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2011.12.16 11:59:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- 
C:\windows\SysWow64\ieui.dll [2011.12.16 11:59:02 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2011.12.16 11:59:01 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2011.12.16 11:59:01 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl [2011.12.16 11:59:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2011.12.16 11:58:59 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2011.12.16 11:46:44 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\Lehrgang Plön 2011 [2011.12.16 11:46:31 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\2011 12 15 HS12 [2011.12.16 06:25:03 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5C13D8F7-4F45-4244-8D1B-6C077F0F89C0} [2011.12.15 23:10:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll [2011.12.15 23:10:44 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll [2011.12.15 23:10:43 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll [2011.12.15 17:42:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{970AA118-FC0B-445B-B464-AA5B2EB42BE3} [2011.12.13 22:39:00 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{EE0B5AD9-33D6-4130-8B1F-AF190BC67732} [2011.12.13 22:38:49 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{88D8C8BC-FD1B-40F1-A81C-B1FFFF200EC0} [2011.12.13 22:38:07 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CACFBB0E-87C6-49F1-82EE-577645099B4A} [2011.12.13 10:37:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6AF9EC01-09AD-4412-BBD5-2FDE8EE7A028} [2011.12.13 10:37:30 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{31722CC3-4C73-4AA1-9526-B2FD1BF9EA92} [2011.12.13 10:37:09 | 000,000,000 | ---D | C] -- 
C:\Users\UserXY\AppData\Local\{97474F36-0DE5-445D-A7D7-436AC47745B0} [2011.12.12 22:36:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0E593BE1-CABE-4429-B207-BD944441BA1D} [2011.12.12 22:36:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{113B489D-6A9A-4359-A5D5-5646D07099FC} [2011.12.12 22:35:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{13D31F98-0CD1-44C2-8772-E43EA81B99E8} [2011.12.12 19:09:53 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\MF Fragenkatalog [2011.12.12 16:30:17 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\Bw [2011.12.12 10:35:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5AABA16F-A2EB-41E0-91D3-EA69DA35EFEA} [2011.12.12 10:34:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{74A83997-9CE3-40B2-9881-B5DB808D96F2} [2011.12.11 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{74BD2357-8232-4C8B-BF0E-D9D48C282298} [2011.12.11 08:25:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{BAB85B9E-8E61-4C8E-B696-ECF926D35427} [2011.12.10 20:24:53 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C3BFF58D-9D89-4A9B-9EF4-8BC52C042533} [2011.12.10 20:24:37 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6E5FD438-4B12-4F5C-A6A5-A4D0806AF4E4} [2011.12.10 20:13:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F810C697-14B5-47B4-8DA2-FBFE26159E90} [2011.12.10 11:23:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F9D64CC6-D057-47BF-B634-6E25D361A12C} [2011.12.10 11:19:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{305BBCB9-598F-4A3C-987D-4CA19205AF39} [2011.12.09 06:19:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0FC2882B-FDFA-4F75-8EAE-FD08C2B0308D} [2011.12.08 18:18:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{491EFE69-1C81-4800-BFEA-7ACC72E6FD37} [2011.12.08 06:17:17 | 000,000,000 | ---D | C] -- 
C:\Users\UserXY\AppData\Local\{8F1098C5-6BC3-4702-8F42-576FB6F5D929} [2011.12.07 18:16:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0EA8698C-DD91-46A2-B961-1122783E121E} [2011.12.07 18:16:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E07A583F-30F9-4590-B9A4-BB647CE512C6} [2011.12.07 06:39:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\PokerStars [2011.12.07 06:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars [2011.12.07 06:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars [2011.12.07 06:15:45 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9EE2AD73-4899-4594-83C2-660A46C4B24D} [2011.12.07 06:13:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\PokerStars.NET [2011.12.07 06:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.NET [2011.12.06 18:19:08 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2AC2E61A-8864-47AA-8987-827074C124EE} [2011.12.06 18:18:56 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C7D362AE-8706-49B8-8EB0-10C772C88EFA} [2011.12.06 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{85ECF006-D851-402E-BF00-1F3C36543F66} [2011.12.06 06:17:59 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{865A431B-ED15-48E2-A596-3B2FE317CC99} [2011.12.06 06:17:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2676B89B-4E29-4343-99A6-3C72B7146D28} [2011.12.06 06:17:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CBA9598D-A0A6-4114-B8F3-2EC895C38E8C} [2011.12.05 18:16:34 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{DD852F19-28B5-4A75-B1EF-46CCC9528C33} [2011.12.05 18:15:41 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{B93CD67A-A7A9-4593-BDBE-0FE89665D5FB} [2011.12.05 18:15:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C44382B1-CE69-4830-8F75-E329B19210FE} [2011.12.05 13:34:07 | 
000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\WSO Kuipel [2011.12.05 06:18:34 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C18C5B99-81F6-41D3-8524-7098AA903B05} [2011.12.05 06:15:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{60521F1E-8875-4202-BB39-5E396956AAC5} [2011.12.04 13:18:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F847F304-0115-4DA5-AAEB-3D4FE2A5B8F0} [2011.12.04 13:18:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{93A035A6-6C33-44C6-951D-CA21195C8711} [2011.12.04 13:18:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2A62B45E-C20C-4BC8-ADAE-14C86F08AF86} [2011.12.04 13:18:17 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6DC57428-F417-41E7-97CA-8FCEE0C9FBDC} [2011.12.03 15:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011.12.03 15:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011.12.03 11:12:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{40814D1B-AF76-4E88-88C4-652B229BAD67} [2011.12.03 11:11:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{287CAAE8-EFA7-4D6F-8843-90934BE26E14} [2011.12.03 11:07:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F7CCBB42-0054-4ADE-B2E5-BC88BF3EED72} [2011.12.02 17:39:14 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D3CEB3C2-486C-4DB2-A6B2-6AD4E951536B} [2011.12.02 17:38:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{51BA23A8-0542-4EEB-AA67-A16114A18E1D} [2011.12.02 12:14:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4A9787D1-8646-45AF-A34D-676526BB1CEE} [2011.12.02 06:41:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4793DBCB-66A8-4FB0-B07B-D9580B955078} [2011.12.01 18:40:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{073684C9-669F-441E-91CF-9C6F0EC160E2} [2011.12.01 18:40:19 | 000,000,000 | 
---D | C] -- C:\Users\UserXY\AppData\Local\{560D7B62-CB23-498B-A449-5E312FA063A9} [2011.12.01 18:39:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{551C8537-084C-4940-A72C-4D5E793A477A} [2011.12.01 18:39:36 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{058CCC41-4A4E-43D8-8A40-246C18BE1B46} [2011.12.01 06:38:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E1D6E61E-19D7-4160-98D7-B363AC86FE24} [2011.12.01 06:38:46 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9A608524-F609-4FC9-B009-D3D08B635FCD} [2011.12.01 06:38:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4CAE9F50-BF07-4177-BFFD-0B14A7AF6C4E} [2011.11.30 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4EB76B30-BA11-4D00-91DD-111950A7362F} [2011.11.30 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{32C1EABC-BD75-4CFF-81B7-B35E34032172} [2011.11.30 18:37:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{098F093B-D328-4C6F-A24A-B070339875C5} [2011.11.30 14:59:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\Fragenkatalog [2011.11.30 06:36:27 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{06EB71A9-9AD0-43F0-BFCE-8556CD5BD646} [2011.11.30 06:35:01 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{510135DB-2FA0-4D2D-A9A9-E2D59D5CF3FA} [2011.11.29 17:26:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4A364C7A-B7D8-4BDD-902D-8EC4095948D6} [2011.11.29 05:41:45 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{AA088DCA-72AC-4DD5-879A-BB2B11845959} [2011.11.29 05:28:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3CEBDD1D-3563-494F-870F-0A375A3474FC} [2011.11.28 12:07:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{73FE2BCA-E1B0-4CF7-B065-0382560973DE} [2011.11.28 12:06:44 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E3BE7BB0-FA64-4891-8668-B5EE519D4575} [2011.11.28 12:06:23 | 000,000,000 | ---D | 
C] -- C:\Users\UserXY\AppData\Local\{3FC2D951-AD94-49C1-87F3-6F183F38C1D1} [2011.11.28 12:06:02 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9F121627-F028-4593-A91B-D2B582616B4E} [2011.11.28 00:05:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{A82A9321-AB02-4633-85FB-6AFEC96C0A1F} [2011.11.28 00:04:07 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{05D885C5-39C2-4071-BC4C-34D9C985F235} [2011.11.27 23:06:37 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3B2832DD-C063-462B-B08A-91059C8115EE} [2011.11.27 10:02:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2F3C11DA-A800-421F-B788-200D352AA354} [2011.11.27 10:02:33 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6206C6DE-F5D9-4330-9371-98052D88A512} [2011.11.27 10:02:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{650C1E02-7A27-4702-8D68-1E73BE44673A} [2011.11.27 10:02:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{401740B1-B4D1-4089-83F8-82DA06FF7FFE} [2011.11.26 16:02:33 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9A96B614-5A0F-4DD6-9804-822AAA5E6F69} [2011.11.26 16:01:56 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C7B0A24E-5FF8-43F0-B470-3B6641975071} [2011.11.26 16:01:42 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6D54C6D4-55DC-4759-A135-2E145F0ABC63} [2011.11.25 06:13:16 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{A1E90A5C-0EED-4404-9C9D-1A2E45D54674} [2011.11.25 06:11:09 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{82EFFA90-8CA0-4C82-B839-74434A98B4D2} [2011.11.24 17:55:21 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{7D3CE9C5-869F-466E-B5D7-AC3E7239F6D0} [2011.11.24 17:54:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D2172C03-4393-491D-B142-06B2B750679D} [2011.11.24 17:36:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{B4F8A086-0D81-49B6-B6C6-11FE35C152E9} [1 
C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.12.23 18:11:06 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2011.12.23 11:18:19 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat [2011.12.23 00:01:11 | 000,439,956 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts [2011.12.22 23:28:47 | 000,439,956 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20111223-000111.backup [2011.12.22 22:03:57 | 000,074,880 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys [2011.12.22 21:24:36 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.12.22 21:24:36 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.12.22 21:17:00 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2011.12.22 21:15:54 | 3168,190,464 | -HS- | M] () -- C:\hiberfil.sys [2011.12.21 22:50:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\UserXY\Desktop\OTL.exe [2011.12.21 22:47:53 | 000,001,056 | ---- | M] () -- C:\Users\UserXY\Desktop\Clean Virus MSN.lnk [2011.12.21 20:32:23 | 000,439,956 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20111222-232847.backup [2011.12.21 18:51:31 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.12.20 17:13:26 | 001,498,742 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2011.12.20 17:13:26 | 000,654,400 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2011.12.20 17:13:26 | 000,616,242 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2011.12.20 17:13:26 | 000,130,240 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2011.12.20 17:13:26 | 000,106,622 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2011.12.17 11:13:35 | 000,453,560 | ---- | M] 
() -- C:\windows\SysNative\FNTCACHE.DAT [2011.12.07 06:38:57 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.lnk [2011.12.04 13:36:03 | 569,953,398 | ---- | M] () -- C:\windows\MEMORY.DMP [2011.12.01 20:26:36 | 000,717,397 | ---- | M] () -- C:\Users\UserXY\Desktop\dsa btsm t2.pdf [2011.12.01 15:58:44 | 000,696,305 | ---- | M] () -- C:\Users\UserXY\Desktop\DSA_Prüfblock(1).pdf [2011.12.01 06:46:02 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt [2011.11.30 15:05:15 | 020,279,163 | ---- | M] () -- C:\Users\UserXY\Desktop\Fragenkatalog.rar [2011.11.28 20:52:15 | 000,001,443 | ---- | M] () -- C:\Users\UserXY\Desktop\Notenberechung UL2.lnk [2011.11.28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe [2011.11.28 16:04:22 | 000,012,956 | ---- | M] () -- C:\Users\UserXY\Bilder\Documents\Leistungsabzeichen BtsmLhrg2 - 2.odt [2011.11.25 11:43:09 | 000,013,363 | ---- | M] () -- C:\Users\UserXY\Bilder\Documents\Leistungsabzeichen BtsmLhrg2 - 1.odt [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.12.21 22:47:53 | 000,001,056 | ---- | C] () -- C:\Users\UserXY\Desktop\Clean Virus MSN.lnk [2011.12.21 18:51:31 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.12.07 06:38:57 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.lnk [2011.12.05 16:06:29 | 867,147,252 | ---- | C] () -- C:\Users\UserXY\Desktop\Full Metal Jacket.avi [2011.12.02 20:15:27 | 000,012,800 | ---- | C] () -- C:\Users\UserXY\Desktop\Betreuung Jolanta Laschewski.odt [2011.12.01 17:05:52 | 000,717,397 | ---- | C] () -- C:\Users\UserXY\Desktop\dsa btsm t2.pdf [2011.12.01 16:00:50 | 000,696,305 | ---- | C] () -- C:\Users\UserXY\Desktop\DSA_Prüfblock(1).pdf [2011.11.30 15:05:08 | 020,279,163 | ---- | C] () -- C:\Users\UserXY\Desktop\Fragenkatalog.rar [2011.11.28 20:52:15 | 000,001,443 | ---- | C] () -- 
C:\Users\UserXY\Desktop\Notenberechung UL2.lnk [2011.11.28 16:03:33 | 000,012,956 | ---- | C] () -- C:\Users\UserXY\Bilder\Documents\Leistungsabzeichen BtsmLhrg2 - 2.odt [2011.11.25 08:50:17 | 000,013,363 | ---- | C] () -- C:\Users\UserXY\Bilder\Documents\Leistungsabzeichen BtsmLhrg2 - 1.odt [2011.11.25 08:43:29 | 000,015,769 | ---- | C] () -- C:\Users\UserXY\Desktop\Gesuch Offzlaufbahn.odt [2011.10.06 19:30:32 | 000,004,608 | ---- | C] () -- C:\Users\UserXY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.07.02 19:42:26 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.07.01 08:06:48 | 001,526,948 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011.05.21 16:46:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.05.21 09:33:59 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml [2011.05.10 13:09:25 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll [2011.05.10 12:54:12 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll [2011.05.10 12:54:12 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll [2011.05.10 12:54:05 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll [2011.05.10 12:36:01 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2010.08.09 09:28:09 | 000,002,857 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat [2010.07.06 02:54:55 | 000,001,341 | ---- | C] () -- C:\windows\vm332Rmv.ini [2009.07.14 06:38:36 | 000,067,584 | ---- | C] () -- C:\windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll [2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin [2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- 
C:\windows\SysWow64\igfcg500.bin [2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin [2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat [2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\windows\SysWow64\physxcudart_20.dll [2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelKorean.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelGerman.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelFrench.dll [2008.06.23 12:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2008.05.23 16:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml [2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\windows\SysWow64\drivers\StarOpen.sys < End of report > |
23.12.2011, 19:43 | #5 |
| Windows Live Mail is sending loads of spam to random addresses via my mail address Extra.txt Code:
ATTFilter OTL Extras logfile created on: 23.12.2011 18:55:21 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Björn\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,93 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 35,21% Memory free 7,87 Gb Paging File | 4,89 Gb Available in Paging File | 62,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 420,33 Gb Total Space | 172,72 Gb Free Space | 41,09% Space Free | Partition Type: NTFS Drive D: | 30,48 Gb Total Space | 28,23 Gb Free Space | 92,62% Space Free | Partition Type: NTFS Computer Name: PC-Name | User Name: Björn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. 
File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{2C88B925-0033-2866-2091-60FBA46FCE2F}" = ATI Catalyst Install Manager "{39BED0C8-6EC1-EE1E-E6B3-DF98B47C8F34}" = ccc-utility64 "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software "{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{CF29845C-705E-4450-A3FF-1D4754455AB9}" = Hybrid TV "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "BC15EA930074932BB2C4B4493C9FD4EA95087D1A" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) "DF9F23E360B18E10871A49C3BC1AEDA269B8E0E2" = Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA (07/16/2009 6.14.10.373) "DFEA59689C004DFD0378309F3A583EA32D78A1B3" = Windows Driver 
Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 4.01 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0180EA2E-5C9D-FBDD-547E-07CE7479AA7D}" = CCC Help Thai "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404 "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management "{0F744AF2-FF1B-C6A5-832D-C3FF984EAA48}" = CCC Help Greek "{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1F822778-E050-51A9-02E6-848347F4A7C8}" = CCC Help English "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20426F3A-85B2-4955-D76B-D81EBE92AA92}" = Catalyst Control Center Localization All "{2099FED4-7E46-9048-DBE2-EBAAE86B46C0}" = CCC Help Turkish "{23A8CBF1-BB33-1F65-6444-7BC38A25B2D2}" = ccc-core-static "{25AC9DDB-6EEF-82FB-237D-7F47E3A32894}" = CCC Help Italian "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote 
Connections "{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync "{29E62586-8B65-B6EC-E2EF-42CBFD52D4DD}" = CCC Help Danish "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2D805381-CFD3-FEE4-D0ED-03A7763226E7}" = CCC Help Korean "{33262E08-96D8-8ADC-5F0B-893DE5FA5B72}" = CCC Help Spanish "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{37C1B7DA-C81B-D088-AAF1-A2D7CF0126DC}" = Catalyst Control Center InstallProxy "{39E4B5E9-74D2-A4DF-1647-36C972EE7F64}" = CCC Help French "{3D84CAA7-76E9-44D1-4C55-FDC72F25EFAC}" = CCC Help Swedish "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01] "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM) "{420D0798-DE9C-7A70-CD13-ABDDD41DB69A}" = CCC Help German "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{5657E1BE-3E82-298B-8C2C-48878A01D47B}" = CCC Help Dutch "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5885739F-97FF-4907-AC74-065515FFAFF0}" = Catalyst Control Center - Branding "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable 
"{73FB1408-630F-94FF-0B33-3CE203A0012E}" = CCC Help Chinese Traditional "{750DB974-A6E3-2A08-57BC-4B67DC0BEF00}" = CCC Help Portuguese "{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5 "{759C9701-3966-2AF8-6366-088D91EAC342}" = CCC Help Russian "{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77C4850C-3592-4A2F-B652-ACB77A1EF77C}" = Bing Bar Platform "{7D3DEF5C-ADAF-EE77-0FBD-339A31C9B73D}" = CCC Help Chinese Standard "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{8029B4A6-9C8A-6D6C-9C77-C5AAEFBED72F}" = CCC Help Hungarian "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C06EE31-AE51-4589-B53F-1406F6BBA229}" = F.E.A.R. Ultimate Shooter Edition - F.E.A.R. 
2 "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) 
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A67A910-120B-7D87-5FE7-0CA84FB76C09}" = CCC Help Polish "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}" = Lenovo EasyCamera "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare "{B249E44B-8F72-E14D-6560-40E070C1C70E}" = CCC Help Czech "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = 
Windows Live Mail "{CC9779B1-1A22-5400-B919-7A518F882038}" = CCC Help Japanese "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater "{D7C51D0A-9E0F-4B95-3F57-ECEFEBE14E3B}" = CCC Help Norwegian "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DEC7AA43-D354-8FD8-5336-69CD4C1E4A06}" = Catalyst Control Center Graphics Previews Vista "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA1FB2F3-93C4-9CB7-C3D3-CF82228FE259}" = CCC Help Finnish "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Azureus" = Azureus "Clean Virus MSN_is1" = Clean Virus MSN "Counter-Strike 1.6" = Counter-Strike 1.6 "DAEMON Tools Lite" = DAEMON Tools Lite "ENTERPRISE" = Microsoft Office Enterprise 2007 "Ferret Gaming Mouse" = Ferret Gaming Mouse driver "FileZilla" = FileZilla (remove only) "Free YouTube Download_is1" = Free YouTube Download version 3.0.13.815 "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 
"InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare "InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "IrfanView" = IrfanView (remove only) "Lenovo Games Console" = Lenovo Games Console "Lenovo SlideNav2" = Lenovo SlideNav "Lenovo SplitScreen" = Lenovo SplitScreen "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300 "Mobile Partner" = Mobile Partner "Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de) "Pidgin" = Pidgin "PokerStars" = PokerStars "PokerStars.net" = PokerStars.net "PriceGong" = PriceGong 2.5.1 "VeriFace" = VeriFace "VLC media player" = VLC media player 1.1.10 "WinLiveSuite" = Windows Live Essentials ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 16.12.2011 13:04:22 | Computer Name = PC-Name | Source = VMCService | ID = 0 Description = GetLoggedOnUser Error - 16.12.2011 13:04:24 | Computer Name = PC-Name | Source = VMCService | ID = 0 Description = GetLoggedOnUser Error - 16.12.2011 13:04:30 | Computer Name = PC-Name | Source = VMCService | ID = 0 Description = GetLoggedOnUser Error - 17.12.2011 06:09:48 | Computer Name = PC-Name | Source = VMCService | ID = 0 Description = GetLoggedOnUser Error - 17.12.2011 06:09:51 | Computer Name = PC-Name | Source = VMCService | ID = 0 Description = GetLoggedOnUser Error - 17.12.2011 06:09:53 | Computer Name = PC-Name | Source = VMCService | ID = 0 Description = GetLoggedOnUser Error - 17.12.2011 06:13:54 | Computer Name = PC-Name | Source = VMCService | ID = 0 Description = conflictManagerTypeValue Error - 17.12.2011 07:14:44 | Computer Name = PC-Name | Source = VMCService | ID = 0 Description = GetLoggedOnUser Error - 17.12.2011 08:03:57 | Computer Name = PC-Name | Source 
< End of report > |
23.12.2011, 20:55 | #6 |
| CCleaner Code:
ATTFilter Adobe Flash Player 10 Plugin Adobe Systems Incorporated 26.07.2011 6,00MB 10.3.181.34 Adobe Reader 9.2 - Deutsch Adobe Systems Incorporated 24.05.2011 239MB 9.2.0 ANNO 1404 Ubisoft 19.10.2011 1.02.0000 ANNO 1404 - Venedig Ubisoft 19.10.2011 2.0.5008.0 ATI Catalyst Install Manager ATI Technologies, Inc. 09.05.2011 22,3MB 3.0.782.0 Avira AntiVir Personal - Free Antivirus Avira GmbH 20.12.2011 Bing Bar Microsoft Corporation 09.05.2011 6.0.2282.0 Broadcom 802.11 Wireless Driver 09.05.2011 1.0.0.0 Broadcom Gigabit NetLink Controller Broadcom Corporation 09.05.2011 0,36MB 12.52.01 CCleaner Piriform 22.12.2011 3.14 Counter-Strike 1.6 21.09.2011 CyberLink YouCam CyberLink Corp. 09.05.2011 134,0MB 3.0.2603 DAEMON Tools Lite DT Soft Ltd 19.11.2011 4.45.1.0236 Energy Management Lenovo 09.05.2011 5.4.1.6 F.E.A.R. Ultimate Shooter Edition - F.E.A.R. 2 WB Games 27.05.2011 1.00.0000 Ferret Gaming Mouse driver 28.05.2011 FileZilla (remove only) 21.05.2011 Google Chrome Google Inc. 02.12.2011 16.0.912.63 Google Earth Google 02.12.2011 92,7MB 6.1.0.5001 Hybrid TV Lenovo 20.08.2011 9,82MB 6.14.10373 ICQ7.5 ICQ 19.05.2011 7.5 Intel(R) Control Center Intel Corporation 10.05.2011 1.2.1.1007 Intel(R) Management Engine Components Intel Corporation 10.05.2011 6.0.0.1179 Intel(R) Rapid Storage Technology Intel Corporation 10.05.2011 9.6.0.1014 IrfanView (remove only) Irfan Skiljan 08.11.2011 1,50MB 4.30 Java(TM) 6 Update 26 Oracle 20.05.2011 97,1MB 6.0.260 JMicron Flash Media Controller Driver JMicron Technology Corp. 09.05.2011 1.0.41.2 Lenovo Bluetooth with Enhanced Data Rate Software Broadcom Corporation 09.05.2011 144,4MB 6.2.1.1200 Lenovo DirectShare ArcSoft 09.05.2011 37,9MB 1.0.1.38 Lenovo EasyCamera Lenovo EasyCamera 09.05.2011 1.10.0510.01 Lenovo Games Console Oberon Media Inc. 09.05.2011 0.38.389.2 Lenovo MuteSync Lenovo 09.05.2011 0,38MB 1.0.0.2 Lenovo OneKey Recovery CyberLink Corp. 
09.05.2011 7.0.1230 Lenovo ReadyComm 5 Lenovo 09.05.2011 5.1.1.22 Lenovo SlideNav Lenovo 09.05.2011 2.0.1230.0003 Lenovo SplitScreen Lenovo 09.05.2011 1.00.1823.0001 Malwarebytes' Anti-Malware Version 1.51.2.1300 Malwarebytes Corporation 22.12.2011 13,8MB 1.51.2.1300 Medal of Honor (TM) Electronic Arts 06.06.2011 7.549MB 1.0.0.0 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 21.05.2011 38,8MB 4.0.30319 Microsoft Office Enterprise 2007 Microsoft Corporation 22.10.2011 12.0.6425.1000 Microsoft Office File Validation Add-In Microsoft Corporation 16.11.2011 7,95MB 14.0.5130.5003 Microsoft PowerPoint Viewer Microsoft Corporation 15.12.2011 196,0MB 14.0.6029.1000 Microsoft Silverlight Microsoft Corporation 13.10.2011 79,7MB 4.0.60831.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 09.05.2011 1,70MB 3.1.0000 Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 20.05.2011 0,25MB 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 20.05.2011 0,25MB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 18.06.2011 0,29MB 8.0.61001 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 09.05.2011 0,69MB 8.0.61000 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 09.05.2011 0,77MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 18.06.2011 0,77MB 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 06.06.2011 0,24MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 20.12.2011 0,22MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 19.05.2011 0,58MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 18.06.2011 0,59MB 9.0.30729.6161 Mobile Partner 
Huawei Technologies Co.,Ltd 03.10.2011 16.002.03.02.705 Mozilla Firefox 8.0 (x86 de) Mozilla 09.11.2011 36,0MB 8.0 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 10.09.2011 1,28MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 10.09.2011 1,33MB 4.20.9876.0 NVIDIA PhysX NVIDIA Corporation 06.06.2011 119,9MB 9.09.0203 OneKey Recovery CyberLink Corp. 10.05.2011 7.0.1230 Onekey Theater Lenovo 09.05.2011 1,63MB 2.0.2.6 OpenOffice.org 3.3 OpenOffice.org 20.05.2011 415MB 3.3.9567 PC Connectivity Solution Nokia 08.09.2011 15,0MB 8.15.0.0 Pidgin 23.05.2011 2.7.11 PlayReady PC Runtime amd64 Microsoft Corporation 20.05.2011 2,06MB 1.3.0 PokerStars PokerStars 06.12.2011 PokerStars.net PokerStars.net 06.12.2011 Power2Go CyberLink Corp. 09.05.2011 5.6.0.4809d4 PriceGong 2.5.1 PriceGong 08.11.2011 2.5.1 Realtek HDMI Audio Driver for ATI Realtek Semiconductor Corp. 09.05.2011 6.0.1.6121 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 09.05.2011 6.0.1.6278 S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01] bitComposer Games 24.05.2011 1.6.01 Samsung Mobile phone USB driver Drive Software 08.09.2011 Samsung New PC Studio Samsung Electronics Co., Ltd. 08.09.2011 297MB 1.00.0000 SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 08.09.2011 35,5MB 1.3.650.0 SamsungConnectivityCableDriver Samsung 08.09.2011 0,72MB 6.83.6.2.1 Skype Toolbars Skype Technologies S.A. 20.05.2011 6,95MB 5.3.7280 Skype™ 5.3 Skype Technologies S.A. 
20.05.2011 22,6MB 5.3.111 Spybot - Search & Destroy Safer Networking Limited 20.12.2011 1.6.2 Synaptics Pointing Device Driver Synaptics Incorporated 09.05.2011 46,4MB 15.0.19.1 VeriFace Lenovo 09.05.2011 3.6.0.1211 VLC media player 1.1.10 VideoLAN 18.06.2011 1.1.10 Vodafone Mobile Connect Lite Vodafone 03.10.2011 23,7MB 9.3.3.10523 Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) Broadcom 09.05.2011 01/06/2010 6.2.0.9416 Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) Broadcom 09.05.2011 07/28/2009 6.2.0.9800 Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA (07/16/2009 6.14.10.373) YUAN High-Tech Development Co., Ltd 09.05.2011 07/16/2009 6.14.10.373 Windows Live Essentials Microsoft Corporation 19.10.2011 15.4.3538.0513 Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 09.05.2011 5,57MB 15.4.5722.2 Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 09.05.2011 5,58MB 15.4.5722.2 Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) Lenovo 09.05.2011 10/19/2009 5.4.0.1 Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) Nokia 08.09.2011 10/12/2007 6.85.4.0 WinRAR 4.01 (64-Bit) win.rar GmbH 10.09.2011 4.01.0 |
24.12.2011, 07:48 | #7 |
/// Helper Team | ► If there is a message/report from your antivirus program or other protection programs, please post it! What was found and, above all, where... ► Describe what attempts you have made to solve the problem (also post the results you already have)
__________________ Warning!: Be careful with invoices sent by email with a ZIP file as an attachment! It may be infected with an encryption Trojan! Do not open the attachment, ask in our forum first! Back up your data regularly, to CD/DVD, USB sticks or external hard drives, preferably twice in different places! Please pass this warning on wherever you can! |
24.12.2011, 08:02 | #8 | ||
/// Helper Team | 1. Quote:
in my opinion no longer offers sufficient protection against "modern types of malware"... ► If you want to keep it anyway: please switch off the TeaTimer: in Spybot-S&D go to Advanced Mode and select Tools -> Resident there. Untick "Resident TeaTimer active" here. (TeaTimer also tries to block beneficial changes) - it should stay deactivated permanently!
2. Your Java version is out of date! → Now download the offline version of Java Version 6 Update 30 from Oracle. Make sure to deselect any toolbars that are offered (remove the tick next to the toolbar)!
3. Update Adobe Reader: - Pay attention and read along during installation!: if any software, toolbar etc. is offered, please deselect it! - (e.g. "McAfee Security Scan Plus") Adobe Reader Or: start Adobe -> go to "Help" -> "Check for updates..."
4. Clean your system with CCleaner:
5. Quote:
Code:
ATTFilter :OTL IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de-de.facebook.com/ FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) [2011.10.02 10:08:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.02 10:08:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll (PriceGong) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\Shell - "" = AutoRun O33 - 
MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\Shell - "" = AutoRun O33 - MountPoints2\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\Shell - "" = AutoRun O33 - MountPoints2\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{4099789e-837e-11e0-8bd4-ec55f9df0176}\Shell - "" = AutoRun O33 - MountPoints2\{4099789e-837e-11e0-8bd4-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{409978a3-837e-11e0-8bd4-ec55f9df0176}\Shell - "" = AutoRun O33 - MountPoints2\{409978a3-837e-11e0-8bd4-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\Shell - "" = AutoRun O33 - MountPoints2\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\Shell - "" = AutoRun O33 - 
MountPoints2\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{793c7468-eeae-11e0-9b3a-001e101f1f81}\Shell - "" = AutoRun O33 - MountPoints2\{793c7468-eeae-11e0-9b3a-001e101f1f81}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{99aa40da-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun O33 - MountPoints2\{99aa40da-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{99aa40de-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun O33 - MountPoints2\{99aa40de-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun O33 - MountPoints2\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun O33 - MountPoints2\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun O33 - MountPoints2\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun O33 - MountPoints2\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{99aa4110-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun O33 - MountPoints2\{99aa4110-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe 
/checkApplicationPresence O33 - MountPoints2\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{db14a23b-896a-11e0-a30f-ec55f9df0176}\Shell - "" = AutoRun O33 - MountPoints2\{db14a23b-896a-11e0-a30f-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\Shell - "" = AutoRun O33 - MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence 
O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe :Commands [purity] [emptytemp]
6.
7. Viruses can also be carried on USB sticks, self-burned discs, external hard drives and other storage media. They must therefore be monitored through regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). For this it is very suitable and recommended to check the data stored on the storage medium with the help of the free online scanner. Now connect all external storage media (USB sticks etc.) to your computer while holding down the Shift key, so that the Autorun function is not executed. (This is how you prevent the AUTORUN function from running) - The AUTORUN function can also be switched off entirely. ►Instructions
8. -> Then run a complete system check with Eset Online Scanner (NOD32) Free online scanners Warning!: >>You should not install the antivirus security software, only scan your system online<<
9. Another scan with OTL:
10. Check the MBR with aswMBR from Avast. Download aswMBR.exe from Avast and save the tool on your desktop (nowhere else). XP users: double-click aswMBR.exe to start the tool. Vista and Windows 7 users: right-click aswMBR.exe and choose Run as administrator. An input window with some information will open. Click Scan to start the scan. When the scan is finished, which is reported with Scan finished sucessfull!, click Save log to save the log file. Post the contents of aswASW.log from the desktop here in the thread. ► Report again on the state of the computer. Are there still problems, and if so, which ones?
|
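The O33 lines in the fix script of post #8 are AutoRun commands that Windows cached per volume under the user's MountPoints2 registry key. The following Python sketch is an added example, not part of the original posts and not an OTL feature: it parses OTL-style O33 lines, including ones run together or wrapped as they are on this page, and groups the cached commands by program. The sample lines are copied from the script above; all function and variable names are assumptions made for this example.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "volume drive program args")

# An O33 entry that carries the cached command, e.g.
#   O33 - MountPoints2\{guid}\Shell\AutoRun\command - "" = E:\AutoRun.exe
# The volume is either a GUID or a plain drive letter.
ENTRY = re.compile(
    r'O33 - MountPoints2\\(?P<volume>\{[0-9a-fA-F-]{36}\}|[A-Za-z])'
    r'\\Shell\\AutoRun\\command - "" = (?P<command>.*)'
)
# Whatever follows the last command in a pasted log: another OTL
# section ("O34 - ...") or a script directive (":Commands").
TRAILER = re.compile(r'\s+(?:O\d+(?::64bit:)? - |:[A-Za-z]+\b).*$')
# Executable path on a drive root, followed by optional arguments.
EXE = re.compile(
    r'(?P<exe>[A-Za-z]:\\.*?\.(?:exe|com|bat|cmd|scr|pif))'
    r'(?:\s+(?P<args>.*))?$',
    re.IGNORECASE,
)

# Sample input: lines taken from the fix script on this page, arranged
# to include run-together entries, a wrapped entry and the directive.
SAMPLE = r'''
O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe
/checkApplicationPresence O33 - MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe :Commands [purity] [emptytemp]
'''


def parse_o33(text):
    """Return one Entry per cached AutoRun command found in the log text."""
    # Collapse line breaks so wrapped entries become whole again.
    flat = " ".join(text.split())
    entries = []
    # Split before every O33 marker; entries may share a physical line.
    for chunk in re.split(r"(?=O33 - MountPoints2\\)", flat):
        m = ENTRY.match(chunk)
        if not m:
            continue  # the '\Shell - "" = AutoRun' lines carry no command
        command = TRAILER.sub("", m["command"]).strip()
        exe = EXE.match(command)
        if exe is None:
            # Unrecognised command format: keep it whole for manual review.
            entries.append(Entry(m["volume"], "?", command.lower(), ""))
            continue
        path = exe["exe"]
        entries.append(
            Entry(m["volume"], path[0].upper(), path[3:].lower(),
                  exe["args"] or "")
        )
    return entries


def summarize(entries):
    """Group by program: volume count, drive letters seen, arguments."""
    grouped = {}
    for e in entries:
        g = grouped.setdefault(
            e.program, {"volumes": set(), "drives": set(), "args": set()}
        )
        g["volumes"].add(e.volume)
        g["drives"].add(e.drive)
        if e.args:
            g["args"].add(e.args)
    return {
        prog: {
            "volumes": len(g["volumes"]),
            "drives": sorted(g["drives"]),
            "args": sorted(g["args"]),
        }
        for prog, g in grouped.items()
    }


if __name__ == "__main__":
    for program, info in sorted(summarize(parse_o33(SAMPLE)).items()):
        print(f"{program}: {info['volumes']} volume(s), "
              f"drives {info['drives']}, args {info['args']}")
```

Grouping by program rather than by drive letter matters here because the same removable medium shows up under E:, G: and H: in the log.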
25.12.2011, 13:25 | #9 |
| Here is the txt after the fix! Thanks in advance and Merry Christmas Code:
ATTFilter All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Prefs.js: "hxxp://search.sweetim.com/search.asp?src=2&q=" removed from keyword.URL Prefs.js: "" removed from sweetim.toolbar.previous.keyword.URL Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ not found. File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ not found. File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found. File C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml not found. File C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml not found. File C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll not found. File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}\ not found. File C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found. 
File C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found. File C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\ not found. File E:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d985343-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d985343-ee8d-11e0-8080-60eb69d0933c}\ not found. File E:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\ not found. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d985358-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d985358-ee8d-11e0-8080-60eb69d0933c}\ not found. File E:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\ not found. File G:\AutoRun.exe not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\ not found. File E:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\ not found. File H:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2834ba17-f555-11e0-8e27-60eb69d0933c}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2834ba17-f555-11e0-8e27-60eb69d0933c}\ not found. File E:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\ not found. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: XYUser ->Temp folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes User: Mcx1-XYUser-PC ->Temp folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.31.0 log created on 12252011_123429 Files\Folders moved on Reboot... File\Folder C:\Users\XYUser\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! Registry entries deleted on Reboot... |
26.12.2011, 08:38 | #10 |
| Windows Live Mail is sending loads of spam to random addresses via my mail address Code:
ATTFilter SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 12/25/2011 at 03:09 PM Application Version : 5.0.1142 Core Rules Database Version : 8087 Trace Rules Database Version: 5899 Scan type : Complete Scan Total Scan Time : 01:38:38 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 738 Memory threats detected : 0 Registry items scanned : 72838 Registry threats detected : 0 File items scanned : 122959 File threats detected : 53 Adware.Tracking Cookie Trojan.Agent/Gen-SoftonicDownloader C:\USERS\USERXY\DOWNLOADS\SOFTONICDOWNLOADER_FUER_FREE-YOUTUBE-DOWNLOAD.EXE Edited by Ch4uv1e (26.12.2011 at 08:43) |
26.12.2011, 08:49 | #11 |
| Windows Live Mail is sending loads of spam to random addresses via my mail address Can the OLT.txt from 23.12 be deleted from the thread? We don't need it any more, do we? |
26.12.2011, 14:31 | #12 |
/// Helper Team | Windows Live Mail is sending loads of spam to random addresses via my mail address Unfortunately I can no longer delete that - you have not yet completed all the previous steps!
__________________ Warning!: Be careful with invoices sent by email with a ZIP file attached! It may be infected with an encryption trojan! Do not open the attachment; ask in our forum first! Back up your data regularly, on CD/DVD, USB sticks or external hard drives, ideally twice in different places! Please pass this warning on wherever you can! |
26.12.2011, 16:31 | #13 |
| Windows Live Mail is sending loads of spam to random addresses via my mail address Step 9 OLT.txt Code:
ATTFilter OTL logfile created on: 26.12.2011 16:07:26 - Run 4 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\UserXY\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: xxx| Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,93 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 42,41% Memory free 7,87 Gb Paging File | 4,97 Gb Available in Paging File | 63,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 420,33 Gb Total Space | 198,09 Gb Free Space | 47,13% Space Free | Partition Type: NTFS Drive D: | 30,48 Gb Total Space | 28,23 Gb Free Space | 92,62% Space Free | Partition Type: NTFS Computer Name: UserXY-PC | User Name: UserXY | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.12.21 22:50:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\UserXY\Desktop\OTL.exe PRC - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.12.15 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.12.07 12:16:29 | 001,047,096 | ---- | M] (Google Inc.) 
-- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2011.11.10 10:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.05.10 12:54:22 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe PRC - [2011.05.10 12:54:10 | 003,122,528 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe PRC - [2011.01.17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2010.07.04 18:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2010.06.14 08:28:12 | 001,310,720 | ---- | M] () -- C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe PRC - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.03.03 21:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.02.03 23:48:12 | 000,167,008 | ---- | M] (CyberLink Corp.) 
-- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe PRC - [2010.01.24 11:47:46 | 001,021,888 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe PRC - [2010.01.19 03:44:40 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera2\VM332_STI.EXE PRC - [2009.11.04 22:45:46 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009.11.04 22:45:44 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2008.07.04 11:52:18 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe ========== Modules (No Company Name) ========== MOD - [2011.12.07 12:16:28 | 000,411,192 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll MOD - [2011.12.07 12:16:27 | 003,767,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll MOD - [2011.12.07 12:14:56 | 000,122,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avutil-51.dll MOD - [2011.12.07 12:14:55 | 000,222,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avformat-53.dll MOD - [2011.12.07 12:14:53 | 001,746,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avcodec-53.dll MOD - [2011.12.07 08:22:33 | 008,593,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll MOD - [2011.10.13 01:00:04 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll MOD - [2011.10.13 00:00:46 | 011,819,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll MOD - [2011.10.13 00:00:35 | 
000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll MOD - [2011.10.12 23:59:52 | 012,433,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll MOD - [2011.10.12 23:59:43 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll MOD - [2011.10.12 23:59:22 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll MOD - [2011.10.12 23:59:12 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll MOD - [2011.10.12 23:59:06 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll MOD - [2011.10.12 23:59:04 | 007,963,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll MOD - [2011.10.12 23:58:54 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011.05.20 23:47:09 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2011.05.10 19:47:26 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2011.05.10 12:54:22 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe MOD - [2011.05.10 12:54:10 | 000,492,896 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- 
C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.10.18 15:49:24 | 000,133,024 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll MOD - [2010.10.18 15:46:22 | 000,161,696 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll MOD - [2010.06.14 08:28:12 | 001,310,720 | ---- | M] () -- C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.08.12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010.06.29 15:38:34 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.12.30 07:27:00 | 000,069,568 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe -- (Slidebar Notifier Service) SRV:64bit: - [2009.11.17 16:00:54 | 000,575,304 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc) SRV:64bit: - [2009.08.14 15:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc) SRV - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
C:\Users\UserXY\AppData\Local\{97474F36-0DE5-445D-A7D7-436AC47745B0} [2011.12.12 22:36:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0E593BE1-CABE-4429-B207-BD944441BA1D} [2011.12.12 22:36:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{113B489D-6A9A-4359-A5D5-5646D07099FC} [2011.12.12 22:35:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{13D31F98-0CD1-44C2-8772-E43EA81B99E8} [2011.12.12 10:35:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5AABA16F-A2EB-41E0-91D3-EA69DA35EFEA} [2011.12.12 10:34:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{74A83997-9CE3-40B2-9881-B5DB808D96F2} [2011.12.11 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{74BD2357-8232-4C8B-BF0E-D9D48C282298} [2011.12.11 08:25:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{BAB85B9E-8E61-4C8E-B696-ECF926D35427} [2011.12.10 20:24:53 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C3BFF58D-9D89-4A9B-9EF4-8BC52C042533} [2011.12.10 20:24:37 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6E5FD438-4B12-4F5C-A6A5-A4D0806AF4E4} [2011.12.10 20:13:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F810C697-14B5-47B4-8DA2-FBFE26159E90} [2011.12.10 11:23:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F9D64CC6-D057-47BF-B634-6E25D361A12C} [2011.12.10 11:19:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{305BBCB9-598F-4A3C-987D-4CA19205AF39} [2011.12.09 06:19:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0FC2882B-FDFA-4F75-8EAE-FD08C2B0308D} [2011.12.08 18:18:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{491EFE69-1C81-4800-BFEA-7ACC72E6FD37} [2011.12.08 06:17:17 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{8F1098C5-6BC3-4702-8F42-576FB6F5D929} [2011.12.07 18:16:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0EA8698C-DD91-46A2-B961-1122783E121E} [2011.12.07 18:16:12 | 
000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E07A583F-30F9-4590-B9A4-BB647CE512C6} [2011.12.07 06:39:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\PokerStars [2011.12.07 06:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars [2011.12.07 06:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars [2011.12.07 06:15:45 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9EE2AD73-4899-4594-83C2-660A46C4B24D} [2011.12.07 06:13:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\PokerStars.NET [2011.12.07 06:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.NET [2011.12.06 18:19:08 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2AC2E61A-8864-47AA-8987-827074C124EE} [2011.12.06 18:18:56 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C7D362AE-8706-49B8-8EB0-10C772C88EFA} [2011.12.06 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{85ECF006-D851-402E-BF00-1F3C36543F66} [2011.12.06 06:17:59 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{865A431B-ED15-48E2-A596-3B2FE317CC99} [2011.12.06 06:17:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2676B89B-4E29-4343-99A6-3C72B7146D28} [2011.12.06 06:17:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CBA9598D-A0A6-4114-B8F3-2EC895C38E8C} [2011.12.05 18:16:34 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{DD852F19-28B5-4A75-B1EF-46CCC9528C33} [2011.12.05 18:15:41 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{B93CD67A-A7A9-4593-BDBE-0FE89665D5FB} [2011.12.05 18:15:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C44382B1-CE69-4830-8F75-E329B19210FE} [2011.12.05 06:18:34 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C18C5B99-81F6-41D3-8524-7098AA903B05} [2011.12.05 06:15:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{60521F1E-8875-4202-BB39-5E396956AAC5} 
[2011.12.04 13:18:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F847F304-0115-4DA5-AAEB-3D4FE2A5B8F0} [2011.12.04 13:18:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{93A035A6-6C33-44C6-951D-CA21195C8711} [2011.12.04 13:18:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2A62B45E-C20C-4BC8-ADAE-14C86F08AF86} [2011.12.04 13:18:17 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6DC57428-F417-41E7-97CA-8FCEE0C9FBDC} [2011.12.03 15:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011.12.03 15:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011.12.03 11:12:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{40814D1B-AF76-4E88-88C4-652B229BAD67} [2011.12.03 11:11:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{287CAAE8-EFA7-4D6F-8843-90934BE26E14} [2011.12.03 11:07:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F7CCBB42-0054-4ADE-B2E5-BC88BF3EED72} [2011.12.02 17:39:14 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D3CEB3C2-486C-4DB2-A6B2-6AD4E951536B} [2011.12.02 17:38:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{51BA23A8-0542-4EEB-AA67-A16114A18E1D} [2011.12.02 12:14:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4A9787D1-8646-45AF-A34D-676526BB1CEE} [2011.12.02 06:41:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4793DBCB-66A8-4FB0-B07B-D9580B955078} [2011.12.01 18:40:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{073684C9-669F-441E-91CF-9C6F0EC160E2} [2011.12.01 18:40:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{560D7B62-CB23-498B-A449-5E312FA063A9} [2011.12.01 18:39:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{551C8537-084C-4940-A72C-4D5E793A477A} [2011.12.01 18:39:36 | 000,000,000 | ---D | C] -- 
C:\Users\UserXY\AppData\Local\{058CCC41-4A4E-43D8-8A40-246C18BE1B46} [2011.12.01 06:38:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E1D6E61E-19D7-4160-98D7-B363AC86FE24} [2011.12.01 06:38:46 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9A608524-F609-4FC9-B009-D3D08B635FCD} [2011.12.01 06:38:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4CAE9F50-BF07-4177-BFFD-0B14A7AF6C4E} [2011.11.30 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4EB76B30-BA11-4D00-91DD-111950A7362F} [2011.11.30 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{32C1EABC-BD75-4CFF-81B7-B35E34032172} [2011.11.30 18:37:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{098F093B-D328-4C6F-A24A-B070339875C5} [2011.11.30 06:36:27 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{06EB71A9-9AD0-43F0-BFCE-8556CD5BD646} [2011.11.30 06:35:01 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{510135DB-2FA0-4D2D-A9A9-E2D59D5CF3FA} [2011.11.29 17:26:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4A364C7A-B7D8-4BDD-902D-8EC4095948D6} [2011.11.29 05:41:45 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{AA088DCA-72AC-4DD5-879A-BB2B11845959} [2011.11.29 05:28:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3CEBDD1D-3563-494F-870F-0A375A3474FC} [2011.11.28 12:07:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{73FE2BCA-E1B0-4CF7-B065-0382560973DE} [2011.11.28 12:06:44 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E3BE7BB0-FA64-4891-8668-B5EE519D4575} [2011.11.28 12:06:23 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3FC2D951-AD94-49C1-87F3-6F183F38C1D1} [2011.11.28 12:06:02 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9F121627-F028-4593-A91B-D2B582616B4E} [2011.11.28 00:05:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{A82A9321-AB02-4633-85FB-6AFEC96C0A1F} [2011.11.28 00:04:07 | 
000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{05D885C5-39C2-4071-BC4C-34D9C985F235} [2011.11.27 23:06:37 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3B2832DD-C063-462B-B08A-91059C8115EE} [2011.11.27 10:02:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2F3C11DA-A800-421F-B788-200D352AA354} [2011.11.27 10:02:33 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6206C6DE-F5D9-4330-9371-98052D88A512} [2011.11.27 10:02:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{650C1E02-7A27-4702-8D68-1E73BE44673A} [2011.11.27 10:02:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{401740B1-B4D1-4089-83F8-82DA06FF7FFE} ========== Files - Modified Within 30 Days ========== [2011.12.26 16:11:01 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2011.12.26 16:01:49 | 000,000,512 | ---- | M] () -- C:\Users\UserXY\Desktop\MBR.dat [2011.12.26 15:20:14 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.12.26 15:20:14 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.12.26 15:11:46 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2011.12.26 15:11:21 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat [2011.12.26 15:11:19 | 639,425,588 | ---- | M] () -- C:\windows\MEMORY.DMP [2011.12.26 15:11:12 | 3168,190,464 | -HS- | M] () -- C:\hiberfil.sys [2011.12.26 13:44:19 | 001,498,742 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2011.12.26 13:44:19 | 000,654,400 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2011.12.26 13:44:19 | 000,616,242 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2011.12.26 13:44:19 | 000,130,240 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2011.12.26 13:44:19 | 000,106,622 | ---- | M] () -- 
C:\windows\SysNative\perfc009.dat [2011.12.26 13:41:54 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\UserXY\Desktop\aswMBR.exe [2011.12.26 13:23:54 | 000,000,909 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts [2011.12.26 09:00:44 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011.12.25 20:15:31 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2011.12.25 13:29:22 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.12.24 11:18:43 | 000,112,028 | ---- | M] () -- C:\Users\UserXY\cc_20111224_111832.reg [2011.12.21 22:50:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\UserXY\Desktop\OTL.exe [2011.12.21 22:47:53 | 000,001,056 | ---- | M] () -- C:\Users\UserXY\Desktop\Clean Virus MSN.lnk [2011.12.17 11:13:35 | 000,453,560 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avkmgr.sys [2011.12.15 14:59:59 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys [2011.12.15 14:59:59 | 000,097,312 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys [2011.12.07 06:38:57 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.lnk [2011.12.01 06:46:02 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt [2011.11.28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe [2011.11.28 16:04:22 | 000,012,956 | ---- | M] () -- C:\Users\UserXY\Bilder\Documents\X.odt ========== Files Created - No Company Name ========== [2011.12.26 16:01:49 | 000,000,512 | ---- | C] () -- C:\Users\UserXY\Desktop\MBR.dat [2011.12.26 14:29:28 | 639,425,588 | ---- | C] () -- C:\windows\MEMORY.DMP [2011.12.26 08:59:44 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2011.12.26 08:59:44 | 000,001,974 | ---- | C] () -- 
C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011.12.25 20:15:31 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2011.12.25 13:29:22 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.12.24 11:18:38 | 000,112,028 | ---- | C] () -- C:\Users\UserXY\cc_20111224_111832.reg [2011.12.21 22:47:53 | 000,001,056 | ---- | C] () -- C:\Users\UserXY\Desktop\Clean Virus MSN.lnk [2011.12.07 06:38:57 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.lnk [2011.12.02 20:15:27 | 000,012,800 | ---- | C] () -- C:\Users\UserXY\Bilder\Documents\X.odt [2011.11.28 16:03:33 | 000,012,956 | ---- | C] () -- C:\Users\UserXY\Bilder\Documents\X.odt [2011.10.06 19:30:32 | 000,004,608 | ---- | C] () -- C:\Users\UserXY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.07.02 19:42:26 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.07.01 08:06:48 | 001,526,948 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011.05.21 16:46:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.05.21 09:33:59 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml [2011.05.10 13:09:25 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll [2011.05.10 12:54:12 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll [2011.05.10 12:54:12 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll [2011.05.10 12:54:05 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll [2011.05.10 12:36:01 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2010.08.09 09:28:09 | 000,002,857 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat [2010.07.06 02:54:55 | 000,001,341 | ---- | C] () -- C:\windows\vm332Rmv.ini [2009.07.14 06:38:36 | 000,067,584 | ---- | C] () -- C:\windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- 
C:\windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll [2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin [2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin [2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin [2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat [2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\windows\SysWow64\physxcudart_20.dll [2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelKorean.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelGerman.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelFrench.dll [2008.06.23 12:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2008.05.23 16:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml [2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\windows\SysWow64\drivers\StarOpen.sys ========== LOP Check ========== [2011.05.21 09:37:40 | 
000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\ArcSyncConfig [2011.12.23 20:54:06 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Azureus [2011.12.23 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\DAEMON Tools Lite [2011.10.05 21:18:21 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\DVDVideoSoft [2011.10.05 21:18:13 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\DVDVideoSoftIEHelpers [2011.12.18 19:07:40 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\ICQ [2011.05.20 22:18:26 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Lenovo [2011.05.22 08:22:59 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\OpenOffice.org [2011.09.09 21:00:44 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\PC Suite [2011.09.09 20:58:06 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Samsung [2011.08.12 09:40:39 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\SoftGrid Client [2011.07.01 08:07:51 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\TP [2011.10.24 16:38:38 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Ubisoft [2011.05.21 15:51:39 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Verbindungsassistent [2011.10.04 15:08:49 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Vodafone [2011.05.24 11:33:01 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Windows Live Writer [2011.11.14 05:59:01 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > |
26.12.2011, 16:34 | #14 |
| Windows Live Mail is sending loads of spam to random addresses via my mail address aswMBR.txt Code:
aswMBR version 0.9.9.1120 Copyright(c) 2011 AVAST Software
Run date: 2011-12-26 15:13:18
-----------------------------
15:13:18.158 OS Version: Windows x64 6.1.7601 Service Pack 1
15:13:18.158 Number of processors: 8 586 0x1E05
15:13:18.158 ComputerName: Userxy-PC UserName: Userxy
15:13:22.978 Initialize success
15:14:03.086 AVAST engine defs: 11122501
15:14:07.454 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:14:07.454 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
15:14:07.516 Disk 0 MBR read successfully
15:14:07.516 Disk 0 MBR scan
15:14:07.579 Disk 0 Windows 7 default MBR code
15:14:07.594 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
15:14:07.719 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 430420 MB offset 411648
15:14:07.766 Disk 0 Partition - 00 0F Extended LBA 31210 MB offset 881911808
15:14:09.544 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 945829888
15:14:11.291 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 31209 MB offset 881913856
15:14:11.557 Service scanning
15:14:16.549 Modules scanning
15:14:16.549 Disk 0 trace - called modules:
15:14:16.954 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:14:16.954 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004e25790]
15:14:16.970 3 CLASSPNP.SYS[fffff88001b6543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b97050]
15:14:20.776 AVAST engine scan C:\windows
15:14:35.456 AVAST engine scan C:\windows\system32
15:20:14.613 AVAST engine scan C:\windows\system32\drivers
15:20:38.793 AVAST engine scan C:\Users\Userxy
15:45:35.801 AVAST engine scan C:\ProgramData
15:47:20.272 Scan finished successfully
16:01:49.867 Disk 0 MBR has been saved successfully to "C:\Users\Userxy\Desktop\MBR.dat"
16:01:49.878 The log file has been saved successfully to "C:\Users\Userxy\Desktop\aswMBR.txt" |
26.12.2011, 19:39 | #15 |
| Windows Live Mail is sending loads of spam to random addresses via my mail address It looks like it worked great! As far as I can tell, no more spam is being sent from my account. Is there anything else I should watch out for now as a precaution? Best regards and many thanks so far! |