Habe mir auch einen sshnas.dll - Virus eingefangen

alex0815 · 22.09.2010, 20:32

Hallo,
ich habe mir auch einen Virus eingefangen und zwar kahm beim neustart die Meldung : "sshnas.dll nicht gefunden".
Ich habe dann alle Tipps aus diesem Forum abgearbeitet. (CCleaner, Mailware und DTL)
Jetzt sagt mein Mailware es wäre alles sauber jedoch wollte ich das mal von euch überprüfen lassen ob das wirklich so stimmt und ich wieder ohne grosse Angst an den Rechner gehen kann.
Also hier sind beid Logfiles vom OTL:
Vielen Dank schonmal

Code:

ATTFilter

OTL logfile created on: 22.09.2010 21:11:39 - Run 3
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\AlexK\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 71,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,01 Gb Total Space | 67,38 Gb Free Space | 67,38% Space Free | Partition Type: NTFS
Drive D: | 219,27 Gb Total Space | 196,21 Gb Free Space | 89,49% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 146,48 Gb Total Space | 144,94 Gb Free Space | 98,94% Space Free | Partition Type: NTFS
Drive G: | 29,30 Gb Total Space | 17,74 Gb Free Space | 60,55% Space Free | Partition Type: NTFS
Drive H: | 97,65 Gb Total Space | 19,12 Gb Free Space | 19,58% Space Free | Partition Type: NTFS
Drive I: | 22,09 Gb Total Space | 13,62 Gb Free Space | 61,64% Space Free | Partition Type: NTFS
 
Computer Name: ALEXK-PC
Current User Name: AlexK
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\AlexK\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\AlexK\AppData\Local\Apps\2.0\P43YLK04.TX7\KB9E0P21.98T\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe (AVM Berlin)
PRC - C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\AlexK\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (avg9wd) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9emc) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (pgsql-8.3) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avmaura) -- C:\Windows\SysNative\drivers\avmaura.sys (AVM Berlin)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (AvgTdiA) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgMfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgLdx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (nvamacpi) -- C:\Windows\SysNative\drivers\nvamacpi.sys (NVIDIA Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.kiebel.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.kiebel.de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.odins-erben.de/"
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.10 19:34:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.10 19:34:15 | 000,000,000 | ---D | M]
 
[2010.08.06 11:10:41 | 000,000,000 | ---D | M] -- C:\Users\AlexK\AppData\Roaming\mozilla\Extensions
[2010.08.06 11:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AlexK\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.09.22 19:41:47 | 000,000,000 | ---D | M] -- C:\Users\AlexK\AppData\Roaming\mozilla\Firefox\Profiles\045mdssw.default\extensions
[2010.09.04 19:31:08 | 000,000,000 | ---D | M] -- C:\Users\AlexK\AppData\Roaming\mozilla\Firefox\Profiles\045mdssw.default\extensions\toolbar@ask.com
[2010.08.05 16:27:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Users\AlexK\AppData\Local\Apps\2.0\P43YLK04.TX7\KB9E0P21.98T\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\AVMAutoStart.exe (AVM Berlin)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.12 17:38:29 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.09.24 14:44:45 | 000,035,328 | ---- | M] () - H:\Autohaus_Schmidt.doc -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.22 19:52:08 | 000,000,000 | ---D | C] -- C:\Users\AlexK\AppData\Roaming\Malwarebytes
[2010.09.22 19:51:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.22 19:51:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.22 19:51:51 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.22 19:51:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.22 19:43:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.09.20 19:03:15 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010.09.20 18:59:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.09.20 18:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TableNinja
[2010.09.20 18:30:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey
[2010.09.15 20:12:23 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010.09.12 11:43:46 | 000,000,000 | ---D | C] -- C:\Users\AlexK\AppData\Roaming\Media Player Classic
[2010.09.11 18:31:08 | 000,000,000 | ---D | C] -- C:\Users\AlexK\AppData\Local\TechSmith
[2010.09.11 18:30:01 | 000,000,000 | ---D | C] -- C:\Users\AlexK\Documents\Camtasia Studio
[2010.09.11 18:29:56 | 000,411,480 | ---- | C] (TechSmith Corporation) -- C:\Windows\SysWow64\tsccvid.dll
[2010.09.11 18:29:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2010.09.11 18:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.09.11 18:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2010.09.11 18:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2010.09.11 18:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2010.09.10 19:36:56 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2010.09.04 19:15:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BurnAware Free
[2010.09.04 19:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010.09.04 18:39:03 | 000,000,000 | ---D | C] -- C:\Users\AlexK\AppData\Local\Ahead
[2010.09.04 18:08:59 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\Windows\SysWow64\TwnLib20.dll
[2010.09.04 18:08:51 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\Windows\SysWow64\NeroCheck.exe
[2010.09.04 18:08:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2010.09.04 18:08:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ahead
[2010.09.04 17:37:28 | 000,000,000 | ---D | C] -- C:\Users\AlexK\AppData\Roaming\Nero
[2010.09.02 20:54:53 | 000,000,000 | ---D | C] -- C:\Users\AlexK\Documents\Wordpress
[2010.09.02 20:49:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia
[2010.09.02 20:48:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia
[2010.09.02 20:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.08.25 19:47:32 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.22 21:09:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.22 21:09:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.22 21:09:27 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.22 21:08:42 | 001,835,008 | -HS- | M] () -- C:\Users\AlexK\NTUSER.DAT
[2010.09.22 21:08:40 | 003,436,212 | -H-- | M] () -- C:\Users\AlexK\AppData\Local\IconCache.db
[2010.09.22 19:51:55 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.22 19:43:37 | 000,001,007 | ---- | M] () -- C:\Users\AlexK\Desktop\CCleaner.lnk
[2010.09.22 19:38:35 | 000,019,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.22 19:38:35 | 000,019,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.22 19:37:23 | 001,507,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.22 19:37:23 | 000,657,428 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.22 19:37:23 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.22 19:37:23 | 000,130,818 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.22 19:37:23 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.22 19:35:24 | 065,139,593 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010.09.20 18:48:28 | 000,000,045 | ---- | M] () -- C:\Users\AlexK\AppData\Local\machpro.dat
[2010.09.20 18:35:55 | 000,001,352 | ---- | M] () -- C:\Users\AlexK\Documents\AutoHotkey.ahk
[2010.09.20 18:30:29 | 000,001,049 | ---- | M] () -- C:\Users\AlexK\Desktop\AutoHotkey.lnk
[2010.09.15 19:52:22 | 000,002,665 | ---- | M] () -- C:\Users\AlexK\Desktop\Microsoft Office Picture Manager.lnk
[2010.09.11 18:44:42 | 000,005,120 | ---- | M] () -- C:\Users\AlexK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.11 18:29:46 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2010.09.10 20:20:28 | 000,000,380 | ---- | M] () -- C:\Windows\WINCMD.INI
[2010.09.10 20:16:58 | 000,000,181 | ---- | M] () -- C:\Windows\wcx_ftp.ini
[2010.09.10 20:08:57 | 000,001,167 | ---- | M] () -- C:\Users\AlexK\Desktop\Adobe Photoshop 7.0.lnk
[2010.09.10 20:04:13 | 000,001,553 | ---- | M] () -- C:\Users\AlexK\Desktop\Snipping Tool.lnk
[2010.09.04 19:28:15 | 000,000,136 | ---- | M] () -- C:\Users\AlexK\AppData\Roaming\burnaware.ini
[2010.09.04 19:15:20 | 000,000,978 | ---- | M] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2010.09.02 20:50:58 | 000,002,145 | ---- | M] () -- C:\Users\AlexK\Desktop\Macromedia Dreamweaver MX.lnk
[2010.08.31 07:19:12 | 002,441,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
 
========== Files Created - No Company Name ==========
 
[2010.09.22 19:51:55 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.22 19:43:37 | 000,001,007 | ---- | C] () -- C:\Users\AlexK\Desktop\CCleaner.lnk
[2010.09.20 18:48:28 | 000,000,045 | ---- | C] () -- C:\Users\AlexK\AppData\Local\machpro.dat
[2010.09.20 18:35:55 | 000,001,352 | ---- | C] () -- C:\Users\AlexK\Documents\AutoHotkey.ahk
[2010.09.20 18:30:29 | 000,001,049 | ---- | C] () -- C:\Users\AlexK\Desktop\AutoHotkey.lnk
[2010.09.15 19:52:22 | 000,002,665 | ---- | C] () -- C:\Users\AlexK\Desktop\Microsoft Office Picture Manager.lnk
[2010.09.11 18:36:12 | 000,005,120 | ---- | C] () -- C:\Users\AlexK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.11 18:29:46 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2010.09.10 20:08:57 | 000,001,167 | ---- | C] () -- C:\Users\AlexK\Desktop\Adobe Photoshop 7.0.lnk
[2010.09.10 20:04:13 | 000,001,553 | ---- | C] () -- C:\Users\AlexK\Desktop\Snipping Tool.lnk
[2010.09.04 19:16:13 | 000,000,136 | ---- | C] () -- C:\Users\AlexK\AppData\Roaming\burnaware.ini
[2010.09.04 19:15:20 | 000,000,978 | ---- | C] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2010.09.02 20:50:58 | 000,002,145 | ---- | C] () -- C:\Users\AlexK\Desktop\Macromedia Dreamweaver MX.lnk
[2010.08.06 12:05:58 | 000,000,181 | ---- | C] () -- C:\Windows\wcx_ftp.ini
[2010.08.06 12:04:41 | 000,000,380 | ---- | C] () -- C:\Windows\WINCMD.INI
[2010.08.06 11:02:54 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.08.06 09:43:31 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.08.06 08:43:23 | 000,019,579 | ---- | C] () -- C:\Users\AlexK\AppData\Local\internal.grp
[2010.08.05 18:38:06 | 000,000,381 | ---- | C] () -- C:\Users\AlexK\AppData\Local\postgresinstall.bat
[2010.07.28 13:10:13 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.07.28 13:10:13 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.07.28 13:10:12 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.07.28 13:10:12 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.07.28 13:10:12 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.07.28 13:10:12 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
< End of report >

Und hier die Extras:

Code:

ATTFilter

OTL Extras logfile created on: 22.09.2010 21:11:39 - Run 3
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\AlexK\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 71,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,01 Gb Total Space | 67,38 Gb Free Space | 67,38% Space Free | Partition Type: NTFS
Drive D: | 219,27 Gb Total Space | 196,21 Gb Free Space | 89,49% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 146,48 Gb Total Space | 144,94 Gb Free Space | 98,94% Space Free | Partition Type: NTFS
Drive G: | 29,30 Gb Total Space | 17,74 Gb Free Space | 60,55% Space Free | Partition Type: NTFS
Drive H: | 97,65 Gb Total Space | 19,12 Gb Free Space | 19,58% Space Free | Partition Type: NTFS
Drive I: | 22,09 Gb Total Space | 13,62 Gb Free Space | 61,64% Space Free | Partition Type: NTFS
 
Computer Name: ALEXK-PC
Current User Name: AlexK
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.js[@ = JSFile] -- C:\Program Files (x86)\Macromedia\Dreamweaver MX\Dreamweaver.exe (Macromedia, Inc.)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Program Files (x86)\Macromedia\Dreamweaver MX\Dreamweaver.exe (Macromedia, Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- "C:\Program Files (x86)\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- "C:\Program Files (x86)\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5200" = Canon iP5200
"{7385C8E4-66A7-91C3-FC45-5640D309F897}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"{1212c026-dc9e-444a-bfc9-e748621a7095}" = Nero 9 Essentials
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{268F3E27-1A49-4B44-BBF8-B6F9DDDB41DE}" = PokerStrategy.com Elephant
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{DE6E4530-4AB0-482E-91DE-7FE6309C6EF1}" = Camtasia Studio 7
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{FFB768E4-E427-4553-BC36-A11F5E62A94D}" = Adobe Flash Player 10 ActiveX
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"ASIO4ALL" = ASIO4ALL
"AutoHotkey" = AutoHotkey 1.0.48.05
"AVG9Uninstall" = AVG Free 9.0
"BurnAware Free_is1" = BurnAware Free 3.0.4
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner
"Collab" = Collab
"FL Studio 8" = FL Studio 8
"IL Download Manager" = IL Download Manager
"InstallShield_{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"InstallShield_{268F3E27-1A49-4B44-BBF8-B6F9DDDB41DE}" = PokerStrategy.com Elephant
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PoiZone" = PoiZone
"PokerStars" = PokerStars
"Toxic Biohazard" = Toxic Biohazard
"VLC media player" = VLC media player 1.1.0
"William Hill Poker" = William Hill Poker
"XnView_is1" = XnView 1.97.6
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

cosinus · 22.09.2010, 22:25

Hallo und

Zitat:

Jetzt sagt mein Mailware es wäre alles sauber

Poste bitte alle Logs von Malwarebytes!

alex0815 · 23.09.2010, 05:45

Hi und vielen Dank schonmal.
Ich habe jetzt gerade nur den Quickscan gemacht, werde den vollständigen Scan noch nachreichen wenn der was gefunden hat. Das dauert nur jetzt zu lange (>2h).
Hier ist der Bericht:
(Wie kann ich den eigentlich jetzt als Code posten?)

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4672

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23.09.2010 06:45:11
mbam-log-2010-09-23 (06-45-11).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 145480
Laufzeit: 2 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Habe mir auch einen sshnas.dll - Virus eingefangen

Log-Analyse und Auswertung: Habe mir auch einen sshnas.dll - Virus eingefangen