|
Log-Analyse und Auswertung: sshnas.dll nicht gefunden! Mailware Log...was nun?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
17.10.2010, 21:10 | #1 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Habe das selbe Problem, wenn ich meinen PC neu starte steht da: sshnas.dll wurde nicht gefunden. Habe herrausgefunden das es ein Trojaner ist, muss ich jetzt meinen PC komplett neu machen???*zitter*... Habe die Mailware durchlaufen lassen und folgendes kam bei raus: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4862 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 17.10.2010 21:48:55 mbam-log-2010-10-17 (21-48-55).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 140678 Laufzeit: 17 Minute(n), 7 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 6 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 1 Infizierte Dateien: 3 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\bifrost (Bifrose.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\sshnas21_rasapi32 (Worm.KoobFace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\sshnas21_rasmancs (Worm.KoobFace) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: C:\Users\TinaJessi\AppData\Roaming\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully. Infizierte Dateien: C:\Users\TinaJessi\AppData\Local\Temp\Qtm.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully. C:\Users\TinaJessi\downloads\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Users\TinaJessi\AppData\Roaming\addons.dat (Bifrose.Trace) -> Quarantined and deleted successfully. |
17.10.2010, 21:14 | #2 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Hi,
__________________sofort von einem sauberen Rechner aus alle Passwörter (EBay, etc.) ändern... Mit Bifrost auf dem Rechner warst Du nie alleine auf dem Rechner... Wenn Du kannst solltst Du neu aufsetzen! Malwarebytes Antimalware (MAM) Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen: http://filepony.de/download-chameleon/ Danach bitte update der Signaturdateien (Reiter "Update" -> Suche nach Aktualisierungen") Fullscan und alles bereinigen lassen! Log posten. OTL Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
chris
__________________ |
17.10.2010, 21:18 | #3 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Den ersten Schritt habe ich ja gemacht....habe alles bereinigt....und nun einfach neu Windows 7 installieren?Dann ist alles weg?Kann ich dann von dem aus die Passwörter ändern?Habe keinen anderen PC da?
__________________ |
17.10.2010, 21:21 | #4 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Hi, nein das war ein Quickscann, bitte Fullscan von MAM (und alles bereinigen lassen!), Log posten... Kein Notebook etc.? Machst du Homebanking? Dann solltest du auch sicherheitshalber das Konto sperren... chris
__________________ Don't bring me down Vor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
17.10.2010, 21:21 | #5 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Das ist ein Notebook....und ja ich mache onlinebanking habe aber noch nie ein Problem gehabt..... Ok mache jetzt den vollständigen Scan erstmal... OTL habe ich jetzt...:OTL Logfile: OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 17.10.2010 22:32:38 - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\TinaJessi\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222,24 Gb Total Space | 94,86 Gb Free Space | 42,68% Space Free | Partition Type: NTFS Drive D: | 10,64 Gb Total Space | 1,79 Gb Free Space | 16,84% Space Free | Partition Type: NTFS Computer Name: TINAJESSI-PC | User Name: TinaJessi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\TinaJessi\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) PRC - C:\Programme\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast4\ashServ.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe (IDT, Inc.) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\Programme\Lexmark 1200 Series\LXCZbmgr.exe (Lexmark International, Inc.) PRC - C:\Programme\Lexmark 1200 Series\LXCZbmon.exe (Lexmark International, Inc.) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\AEstSrv.exe (Andrea Electronics Corporation) PRC - C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe () PRC - C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe () PRC - C:\Programme\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.) PRC - C:\Programme\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - C:\Programme\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.) PRC - C:\Programme\SMINST\BLService.exe () PRC - C:\Programme\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) PRC - C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard) PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) PRC - C:\Windows\System32\lxczcoms.exe ( ) ========== Modules (SafeList) ========== MOD - C:\Users\TinaJessi\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe (IDT, Inc.) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\AEstSrv.exe (Andrea Electronics Corporation) SRV - (TVCapSvc) TV Background Capture Service (TVBCS) -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe () SRV - (TVSched) TV Task Scheduler (TVTS) -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe () SRV - (Recovery Service for Windows) -- C:\Programme\SMINST\BLService.exe () SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS) SRV - (lxcz_device) -- C:\Windows\System32\lxczcoms.exe ( ) ========== Driver Services (SafeList) ========== DRV - (ALSysIO) -- C:\Users\TINAJE~1\AppData\Local\Temp\ALSysIO.sys File not found DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\System32\drivers\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation) DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation) DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation) DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation) DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation) DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation) DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.) DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Programme\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.) DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices Inc.) DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.) DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation) DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications) DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Notebook | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Notebook | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Notebook | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Jappy - Die Internet-Community [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.jappy.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.0.6 FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11 FF - prefs.js..extensions.enabledItems: {6226BA26-C017-4007-928C-DE9715C6FA67}:1.0.0 FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949 FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.2 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11 FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:3.6 FF - prefs.js..extensions.enabledItems: info@youtube-mp3.org:1.0.2 FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10 FF - prefs.js..extensions.enabledItems: {e7348bc0-16f6-11de-8c30-0800200c9a66}:3.6.19.02.10 FF - prefs.js..extensions.enabledItems: {3ffb7be0-8bde-11de-8a39-0800200c9a66}:3.6.05.02.10 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=skins7&tb_ver=2.0.0.2&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.07 22:42:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.07 22:42:41 | 000,000,000 | ---D | M] [2009.12.08 01:21:28 | 000,000,000 | ---D | M] -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Extensions [2010.10.17 12:47:20 | 000,000,000 | ---D | M] -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions [2010.01.27 21:08:37 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d} [2010.10.09 23:05:10 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010.02.24 09:55:11 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{241aae70-0022-11de-87af-0800200c9a66} [2010.02.24 09:55:11 | 000,000,000 | ---D | M] (Purple Fox) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{3ffb7be0-8bde-11de-8a39-0800200c9a66} [2010.08.23 16:14:19 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010.02.18 09:52:09 | 000,000,000 | ---D | M] (Blingee Toolbar) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{6226BA26-C017-4007-928C-DE9715C6FA67} [2010.10.14 23:33:41 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} [2010.10.09 23:05:08 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.10 18:45:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.10.11 22:10:56 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} [2010.10.09 23:05:09 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2010.10.09 23:05:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.07.29 00:01:27 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.02.24 09:55:11 | 000,000,000 | ---D | M] (Pink Fox) -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\{e7348bc0-16f6-11de-8c30-0800200c9a66} [2009.12.08 01:21:30 | 000,000,000 | ---D | M] -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\elemhidehelper@adblockplus.org [2010.10.11 22:16:29 | 000,000,000 | ---D | M] -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\fastYoutubeDownloader@yevgenyandrov.net [2010.10.11 22:29:39 | 000,000,000 | ---D | M] -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\info@youtube-mp3.org [2010.10.09 23:05:10 | 000,000,000 | ---D | M] -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\personas@christopher.beard [2010.07.29 00:17:13 | 000,000,000 | ---D | M] -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\piclens@cooliris.com [2010.10.11 22:18:11 | 000,000,000 | ---D | M] -- C:\Users\TinaJessi\AppData\Roaming\mozilla\Firefox\Profiles\c5mciz0p.default\extensions\youtube2mp3@mondayx.de [2009.09.24 19:46:10 | 000,002,673 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\collectr.xml [2010.03.29 18:45:33 | 000,002,055 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\daemon-search.xml [2009.09.01 09:37:30 | 000,009,838 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\ddl-search-v2.xml [2010.06.23 18:01:12 | 000,000,687 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\icq-search.xml [2010.07.23 22:47:20 | 000,000,950 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\icqplugin-1.xml [2010.07.26 09:56:00 | 000,000,950 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\icqplugin-2.xml [2010.10.07 22:43:55 | 000,000,950 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\icqplugin-3.xml [2010.10.07 22:56:24 | 000,000,950 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\icqplugin-4.xml [2010.06.28 19:48:05 | 000,000,950 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\icqplugin.xml [2010.05.07 17:59:50 | 000,000,472 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\iloadto.xml [2010.06.10 00:37:19 | 000,004,103 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\omega-music.xml [2010.05.03 17:55:11 | 000,002,019 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\pl.xml [2009.11.01 23:05:46 | 000,002,619 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\power-torrent-search.xml [2010.04.22 14:16:17 | 000,002,125 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\rapidsharesrchdb.xml [2010.05.04 22:23:26 | 000,010,413 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\wsearchin.xml [2010.10.11 16:08:41 | 000,002,087 | ---- | M] () -- C:\Users\TinaJessi\AppData\Roaming\Mozilla\FireFox\Profiles\c5mciz0p.default\searchplugins\youtube.xml [2010.08.21 10:51:41 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.04.22 17:45:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.21 10:51:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2007.03.02 15:17:24 | 000,095,200 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPAPIX.dll [2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2007.01.17 13:18:04 | 000,095,200 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPFluxBrowserHelper.dll [2007.09.07 16:25:50 | 000,103,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPMPDRM.dll [2007.09.07 15:46:48 | 000,098,968 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPWMDRMWrapper.dll [2010.10.07 22:42:34 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.10.07 22:42:34 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.10.07 22:42:34 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.07 22:42:34 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.07 22:42:34 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast!] C:\Programme\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [lxczbmgr.exe] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) O4 - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard) O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [TSMAgent] C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O8 - Extra context menu item: Free YouTube Download - C:\Users\TinaJessi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\TinaJessi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab (PhotoPickConvert Class) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: CabBuilder hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax () O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax () O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{5c98e658-11c2-11df-b7e2-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{5c98e658-11c2-11df-b7e2-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{5c98e65b-11c2-11df-b7e2-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{5c98e65b-11c2-11df-b7e2-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{a1ba6225-f05e-11de-96f8-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{a1ba6225-f05e-11de-96f8-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{a1ba6227-f05e-11de-96f8-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{a1ba6227-f05e-11de-96f8-00269e0d195a}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{a67f7cc8-2fa8-11df-afe2-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{a67f7cc8-2fa8-11df-afe2-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{a67f7cca-2fa8-11df-afe2-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{a67f7cca-2fa8-11df-afe2-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{afa962d4-e616-11de-8973-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{afa962d4-e616-11de-8973-00269e0d195a}\Shell\AutoRun\command - "" = F:\Startme.exe -- File not found O33 - MountPoints2\{bb8bbe5d-2da4-11df-80b7-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{bb8bbe5d-2da4-11df-80b7-00269e0d195a}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{fdb23c2a-148e-11df-9a3c-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{fdb23c2a-148e-11df-9a3c-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.10.17 21:28:46 | 000,000,000 | ---D | C] -- C:\Users\TinaJessi\AppData\Roaming\Malwarebytes [2010.10.17 21:28:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.10.17 21:28:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.10.17 21:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.10.17 21:28:32 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.10.14 15:56:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.10.14 15:56:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.10.14 15:56:51 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.10.14 15:56:51 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.10.14 15:56:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.10.14 15:56:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.10.14 15:56:51 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.10.14 15:56:50 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.10.14 15:56:50 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.10.14 15:56:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.10.14 15:56:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.10.14 15:56:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010.10.14 15:56:40 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010.10.14 15:56:40 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010.10.14 15:56:36 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.10.14 15:56:31 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.10.14 15:56:27 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2010.10.14 15:56:26 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll [2010.10.12 11:57:36 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2010.10.12 10:56:17 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Media Player [2010.10.12 10:53:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe AIR [2010.10.12 09:51:17 | 000,000,000 | ---D | C] -- C:\Users\TinaJessi\AppData\Roaming\HP [2010.10.12 09:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2010.10.07 23:22:13 | 000,030,528 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2010.10.07 23:22:08 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2010.10.07 23:22:08 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2010.10.07 23:21:16 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2010 [2010.10.07 23:20:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010.10.07 23:20:21 | 000,000,000 | ---D | C] -- C:\Users\TinaJessi\TUU4700 [2010.10.07 23:02:02 | 000,000,000 | ---D | C] -- C:\Users\TinaJessi\AppData\Roaming\TuneUp Software [2010.10.07 23:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2010.10.07 23:01:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357} [2010.10.07 23:00:22 | 000,000,000 | ---D | C] -- C:\Users\TinaJessi\TuneUpUtilities2009.8.0.2000.35 [2010.10.04 09:45:54 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2010.10.03 21:34:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.04.04 20:58:16 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll [2010.04.04 20:58:16 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll [2010.04.04 20:58:16 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll [2010.04.04 20:58:16 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll [2010.04.04 20:58:16 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll [2010.04.04 20:58:16 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll [2010.04.04 20:58:16 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll [2010.04.04 20:58:16 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll [2010.04.04 20:58:16 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll [2010.04.04 20:58:15 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll [2010.04.04 20:58:15 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll [2010.04.04 20:58:15 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll [2009.12.11 11:43:50 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe85D6.dll ========== Files - Modified Within 30 Days ========== [2010.10.17 21:28:40 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.17 21:04:04 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.17 21:04:04 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.17 20:58:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.10.17 20:58:34 | 2414,215,168 | -HS- | M] () -- C:\hiberfil.sys [2010.10.15 17:41:28 | 003,754,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.10.12 23:56:31 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.10.12 23:56:31 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.10.12 23:56:31 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.10.12 23:56:31 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.10.11 21:09:15 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys [2010.10.09 23:01:07 | 000,003,472 | ---- | M] () -- C:\bootsqm.dat [2010.09.30 17:03:46 | 000,030,528 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2010.09.30 16:58:12 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2010.09.30 16:58:02 | 000,030,016 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2010.09.19 19:16:05 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTinaJessi.job ========== Files Created - No Company Name ========== [2010.10.17 21:28:40 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.09 23:01:07 | 000,003,472 | ---- | C] () -- C:\bootsqm.dat [2010.04.09 22:32:03 | 000,000,218 | ---- | C] () -- C:\Users\TinaJessi\AppData\Roaming\default.rss [2010.04.04 20:58:16 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll [2010.04.04 20:58:16 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll [2010.03.29 18:13:41 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010.03.29 18:13:39 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010.03.29 16:37:14 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI [2010.03.09 16:53:20 | 000,000,344 | ---- | C] () -- C:\Users\TinaJessi\AppData\Roaming\wklnhst.dat [2010.01.01 22:39:14 | 000,008,192 | ---- | C] () -- C:\Users\TinaJessi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.12.09 16:10:12 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini [2009.12.08 02:13:40 | 000,000,000 | ---- | C] () -- C:\Users\TinaJessi\AppData\Local\QSwitch.txt [2009.12.08 02:13:40 | 000,000,000 | ---- | C] () -- C:\Users\TinaJessi\AppData\Local\DSwitch.txt [2009.12.08 02:13:40 | 000,000,000 | ---- | C] () -- C:\Users\TinaJessi\AppData\Local\AtStart.txt [2009.12.08 02:13:34 | 000,013,317 | ---- | C] () -- C:\ProgramData\HPWALog.txt [2009.10.03 13:18:16 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.09.17 18:04:10 | 000,000,116 | ---- | C] () -- C:\Windows\lexstat.ini [2009.09.01 08:53:19 | 000,047,104 | ---- | C] () -- C:\Programme\1031.MST [2009.09.01 08:53:18 | 011,574,784 | ---- | C] () -- C:\Programme\Vodafone Mobile Connect.msi [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008.06.23 14:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2008.05.23 18:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml [2007.02.07 19:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini [2007.01.22 09:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll [2006.06.07 15:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll [2006.03.27 12:19:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll [2006.03.07 13:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll [2006.01.10 19:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll [2006.01.10 18:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll [1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys < End of report > --- --- --- Und:OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 17.10.2010 22:32:38 - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\TinaJessi\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222,24 Gb Total Space | 94,86 Gb Free Space | 42,68% Space Free | Partition Type: NTFS Drive D: | 10,64 Gb Total Space | 1,79 Gb Free Space | 16,84% Space Free | Partition Type: NTFS Computer Name: TINAJESSI-PC | User Name: TinaJessi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [dm Fotowelt] -- "C:\Program Files\dm\dm Fotowelt\dm Fotowelt.exe" "%1" () Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm Fotowelt\dm-Fotowelt.exe" "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support "{018A980E-99CC-E6E1-1103-460538A91B39}" = CCC Help Dutch "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{04758F02-79E9-A64D-6C95-65EF84E435EA}" = ccc-core-static "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{0C1EBF39-FB4C-106D-56C6-91F926F5E283}" = Catalyst Control Center Graphics Light "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F2C3198-6FA0-78E7-48CF-82F766D0AD60}" = Catalyst Control Center Core Implementation "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights "{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{1E8FDA17-C7AB-4610-1F54-B5A6695E8B6F}" = CCC Help Danish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 21 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart "{2FD8E82F-55A4-358A-D74A-DA017F011200}" = Catalyst Control Center Graphics Previews Vista "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00 "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L1 "{34FB8E02-74B4-8018-A2D3-ADB69E06A24A}" = Catalyst Control Center Graphics Previews Common "{367BC374-0115-EEF1-8471-6EC87AF0D8C3}" = CCC Help Norwegian "{37BD3ECA-C926-8CF1-4FFF-BC473CF892E1}" = Catalyst Control Center Graphics Full Existing "{37D31156-0666-0A8B-1313-6120E0FA40D0}" = CCC Help Italian "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help "{3FA73E2A-50B6-DCAE-0BDD-FAA128934EE8}" = Catalyst Control Center Graphics Full New "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{478FAEA5-00EB-F676-89C1-3822B94B09A7}" = CCC Help Japanese "{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update "{490951ED-21E8-0B65-0BF5-32F1A3242F28}" = CCC Help English "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements "{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision "{5BAB951D-956E-4D20-CCD5-10BB8E1D4AF0}" = CCC Help Czech "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help "{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help "{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live "{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{632240E4-0BC9-704E-D71F-4C5D396D2CCF}" = CCC Help Chinese Standard "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0E28-3A8E-4ADC-A050-784064B76236}" = HP User Guides 0134 "{720FEF0C-7CE6-C8F6-2CF1-41FBB8846700}" = ATI Catalyst Install Manager "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed "{78605EFA-1076-A2B3-AA59-526536BA93E3}" = CCC Help Polish "{79CB708A-AD4F-A11B-4CA0-713A152C1705}" = CCC Help Portuguese "{7A9531EF-11A2-D53C-FCB9-8DFCCAD7F2B7}" = CCC Help Spanish "{7ab2a788-597a-4a9a-a094-86c13dd19d97}" = Nero 9 "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90EB79E8-6A0F-1660-86C2-9E36A8B01D4A}" = CCC Help Korean "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime "{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter "{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{A1D37D8A-876C-5A1E-AC00-454D0C024C9B}" = Skins "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A7AC8E69-01FF-494E-9A2C-423B82CEA604}" = HP MediaSmart SmartMenu "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2AD681E-6741-AB24-90BC-51B2326F8680}" = CCC Help Russian "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help "{BA3733E3-CABE-EA21-F351-69BCFC30CF88}" = CCC Help Hungarian "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit "{BDFA1F29-03E7-C59F-F9A5-E727F6E1A857}" = ccc-utility "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}" = ProtectSmart Hard Drive Protection "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{D0379E71-7CB9-893E-1A20-9581E10999EC}" = Catalyst Control Center InstallProxy "{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D2F31CF3-F83D-6863-4F8A-C8502802E0DD}" = CCC Help Thai "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D3887E31-A821-9D46-48B2-240E0613EB12}" = CCC Help Chinese Traditional "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DB5B22F8-D4C2-A320-5151-B3D4CFEF733C}" = CCC Help German "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software "{DD74F03D-8DDC-E124-C971-C3217832EE19}" = CCC Help Turkish "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E1060959-A299-9D88-60EC-187A55809145}" = CCC Help Swedish "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget "{E551D855-4EE6-852E-5AB8-E9AE95F73B37}" = CCC Help French "{E5E29403-3D25-40C6-892B-F9FEE2A95585}" = HP Wireless Assistant "{E6B042BC-3F10-609E-CDC1-2DE2AEB2552F}" = CCC Help Greek "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help "{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EE656C90-7D67-ECAA-B2E4-F4A768CDA1D0}" = CCC Help Finnish "{EFB7727F-76AF-43B0-E9AC-3F89181A188B}" = Catalyst Control Center Localization All "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision "{F722E488-A5B5-47ff-AA9B-4DE6CE7914CA}" = Windows 7 Upgrade Advisor "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7DE39862CC26DCE2446838AAF7CD5C163F835A57" = Windows-Treiberpaket - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "avast!" = avast! Antivirus "AviSynth" = AviSynth 2.5 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX-Setup "dm Fotowelt" = dm Fotowelt "dm-Fotowelt" = dm-Fotowelt "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free Studio_is1" = Free Studio version 4.8 "Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "IrfanView" = IrfanView (remove only) "JDownloader" = JDownloader "Lexmark 1200 Series" = Lexmark 1200 Series "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! Live "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10) "SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009) "SynTPDeinstKey" = Synaptics Pointing Device Driver "TuneUp Utilities" = TuneUp Utilities "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.0.1 "WildTangent hp Master Uninstall" = My HP Games "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR Archivierer ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 09.12.2009 09:41:50 | Computer Name = TinaJessi-PC | Source = avast! | ID = 33554522 Description = Error in aswChestC: chestOpenList Error 1753. Error - 09.12.2009 09:41:51 | Computer Name = TinaJessi-PC | Source = avast! | ID = 33554522 Description = aswChestInterface - Program error description: CChestListView::LoadFiles() chestOpenList() failed: 2147422219. Error - 09.12.2009 09:42:04 | Computer Name = TinaJessi-PC | Source = avast! | ID = 33554522 Description = aswChestInterface - Program error description: CChestListView::OnCreate() !m_strErrorWnd.IsEmpty(). ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > Mhhh der andere dauert anscheinend noch.... Wenn ich jetzt mein Windows neu installiere behält er doch einen alten Ornder mit dem vorherigen Programm....dann hab ich den Virus oder Trojaner doch immer noch drauf oder? |
18.10.2010, 00:14 | #6 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? So Warnung kommt beim Neustart nicht mehr...habe nochmal das Malewarprogramm drüber laufen lassen, dabei kam herraus: Malwarebytes' Anti-Malware 1.46 Malwarebytes Datenbank Version: 4862 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 18.10.2010 01:13:38 mbam-log-2010-10-18 (01-13-38).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 140423 Laufzeit: 12 Minute(n), 33 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Mache Morgen nochmal den kompletten Scan.... |
18.10.2010, 06:50 | #7 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Hi, poste das Log vom Komplettscan... Fix für OTL:
Code:
ATTFilter :OTL DRV - (ALSysIO) -- C:\Users\TINAJE~1\AppData\Local\Temp\ALSysIO.sys File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O33 - MountPoints2\{5c98e658-11c2-11df-b7e2-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{5c98e658-11c2-11df-b7e2-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{5c98e65b-11c2-11df-b7e2-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{5c98e65b-11c2-11df-b7e2-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{a1ba6225-f05e-11de-96f8-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{a1ba6225-f05e-11de-96f8-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{a1ba6227-f05e-11de-96f8-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{a1ba6227-f05e-11de-96f8-00269e0d195a}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{a67f7cc8-2fa8-11df-afe2-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{a67f7cc8-2fa8-11df-afe2-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{a67f7cca-2fa8-11df-afe2-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{a67f7cca-2fa8-11df-afe2-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{afa962d4-e616-11de-8973-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{afa962d4-e616-11de-8973-00269e0d195a}\Shell\AutoRun\command - "" = F:\Startme.exe -- File not found O33 - MountPoints2\{bb8bbe5d-2da4-11df-80b7-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{bb8bbe5d-2da4-11df-80b7-00269e0d195a}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- File not found O33 - MountPoints2\{fdb23c2a-148e-11df-9a3c-00269e0d195a}\Shell - "" = AutoRun O33 - MountPoints2\{fdb23c2a-148e-11df-9a3c-00269e0d195a}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found :Commands [purity] [emptytemp] [EMPTYFLASH] [Reboot]
chris
__________________ Don't bring me down Vor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
18.10.2010, 15:07 | #8 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Komplettscan: Malwarebytes' Anti-Malware 1.46 Malwarebytes Datenbank Version: 4865 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 18.10.2010 16:04:20 mbam-log-2010-10-18 (16-04-20).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 338056 Laufzeit: 2 Stunde(n), 44 Minute(n), 29 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 2 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Users\TinaJessi\TuneUpUtilities2009.8.0.2000.35\Keygen(FFF)\TuneUp.Utilities.2009-keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. C:\Users\TinaJessi\TUU4700\TuneUp Utilities 2010-9.0.4700.21\Keygen\core-keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. |
18.10.2010, 15:22 | #9 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? OTL nach komplett Scan: All processes killed ========== OTL ========== Service ALSysIO stopped successfully! Service ALSysIO deleted successfully! File C:\Users\TINAJE~1\AppData\Local\Temp\ALSysIO.sys File not found not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c98e658-11c2-11df-b7e2-00269e0d195a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c98e658-11c2-11df-b7e2-00269e0d195a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c98e658-11c2-11df-b7e2-00269e0d195a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c98e658-11c2-11df-b7e2-00269e0d195a}\ not found. File F:\setup_vmc_lite.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c98e65b-11c2-11df-b7e2-00269e0d195a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c98e65b-11c2-11df-b7e2-00269e0d195a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c98e65b-11c2-11df-b7e2-00269e0d195a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c98e65b-11c2-11df-b7e2-00269e0d195a}\ not found. File F:\setup_vmc_lite.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1ba6225-f05e-11de-96f8-00269e0d195a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1ba6225-f05e-11de-96f8-00269e0d195a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1ba6225-f05e-11de-96f8-00269e0d195a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1ba6225-f05e-11de-96f8-00269e0d195a}\ not found. File F:\setup_vmc_lite.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1ba6227-f05e-11de-96f8-00269e0d195a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1ba6227-f05e-11de-96f8-00269e0d195a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1ba6227-f05e-11de-96f8-00269e0d195a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1ba6227-f05e-11de-96f8-00269e0d195a}\ not found. File G:\setup_vmc_lite.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a67f7cc8-2fa8-11df-afe2-00269e0d195a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a67f7cc8-2fa8-11df-afe2-00269e0d195a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a67f7cc8-2fa8-11df-afe2-00269e0d195a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a67f7cc8-2fa8-11df-afe2-00269e0d195a}\ not found. File F:\setup_vmc_lite.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a67f7cca-2fa8-11df-afe2-00269e0d195a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a67f7cca-2fa8-11df-afe2-00269e0d195a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a67f7cca-2fa8-11df-afe2-00269e0d195a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a67f7cca-2fa8-11df-afe2-00269e0d195a}\ not found. File F:\setup_vmc_lite.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{afa962d4-e616-11de-8973-00269e0d195a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afa962d4-e616-11de-8973-00269e0d195a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{afa962d4-e616-11de-8973-00269e0d195a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afa962d4-e616-11de-8973-00269e0d195a}\ not found. File F:\Startme.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb8bbe5d-2da4-11df-80b7-00269e0d195a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bb8bbe5d-2da4-11df-80b7-00269e0d195a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb8bbe5d-2da4-11df-80b7-00269e0d195a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bb8bbe5d-2da4-11df-80b7-00269e0d195a}\ not found. File G:\setup_vmc_lite.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fdb23c2a-148e-11df-9a3c-00269e0d195a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fdb23c2a-148e-11df-9a3c-00269e0d195a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fdb23c2a-148e-11df-9a3c-00269e0d195a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fdb23c2a-148e-11df-9a3c-00269e0d195a}\ not found. File F:\setup_vmc_lite.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: TinaJessi ->Temp folder emptied: 2316693696 bytes ->Temporary Internet Files folder emptied: 313720689 bytes ->Java cache emptied: 44833701 bytes ->FireFox cache emptied: 91474124 bytes ->Google Chrome cache emptied: 6119001 bytes ->Flash cache emptied: 113761 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 403793 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 2.645,00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Public User: TinaJessi ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.15.2 log created on 10182010_160900 Files\Folders moved on Reboot... Registry entries deleted on Reboot... |
19.10.2010, 07:02 | #10 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Hi, leider habt Ihr Euch selber was auf den Rechner gehohlt, und leider endet damit auch unser Support, da wir aus rechtlichen Gründen nicht weiter unterstützen dürfen.... Keygen\core-keygen.exe (Trojan.Agent.CK)... chris&out
__________________ Don't bring me down Vor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
19.10.2010, 17:55 | #11 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Muss ich das jetzt verstehen? |
22.10.2010, 07:29 | #12 |
| sshnas.dll nicht gefunden! Mailware Log...was nun? Hi, nun, wer Keygens einsetzt "klaut" damit SW und macht sich strafbar... Und das Board will sich da nicht reinziehen lassen, daher wird die Hilfe eingestellt... chris
__________________ Don't bring me down Vor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
Themen zu sshnas.dll nicht gefunden! Mailware Log...was nun? |
anti-malware, appdata, backdoor.bifrose, bifrose.trace, bifrost, bösartige, dateien, downloads, explorer, folge, folgendes, handle, komplett, loader, local\temp, m.exe, microsoft, minute, neu, nicht gefunden, problem, roaming, software, starte, temp, troja, trojan.agent, trojaner, version, verzeichnisse, worm.koobface |