| |
| |||||||
Log-Analyse und Auswertung: Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.04.2011, 19:54
| #1 |
 |  Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Hi, ich habe seit heute einen Ordner, mit dem Namen "Recycler", auf meinem USB-Stick. Mein Antivirenprogramm Avast zeigt mir die ganze Zeit an, dass er den Trojaner "Recycler" und die Malware "Copy of Shortcut to (4).Ink" blockiert. Der greift anscheinend mein Mozilla Firefox an. Nun habe ich ein wenig im Forum gestöbert und mir die beiden Programme Malwarebytes und OTL geladen und die Logs kopiert. Ich hoffe ihr könnt mir helfen!  Malwarebytes Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6235
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
01.04.2011 19:57:33
mbam-log-2011-04-01 (19-57-33).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|G:\|)
Durchsuchte Objekte: 260410
Laufzeit: 44 Minute(n), 9 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 413
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz27B6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz56B7.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz849F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB19D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7192.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2454.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5353.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB94D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE679.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1C9B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4BAC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7BF4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzAB04.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzDDFB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD1B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz413A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA7F2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzDAAA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9CA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3CC1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6E51.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9D9F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzCCBF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFBEF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2ED6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz62E5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz931E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC23E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF15E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5AA5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8ADE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB9FE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE90E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzAC9A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz183D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzEA0C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4895.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7CA5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1F44.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzAF8C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8C24.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzDEAC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC580.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF04.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF848.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3F5B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6F94.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA28B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD3EC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz31B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3373.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6774.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9694.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC96B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFB0B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2F0B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz62EC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz95C3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC87B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFF0A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz32FB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6C77.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA547.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD82E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzAF6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3EF6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz72F6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA5CD.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzDC4D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF14.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz45E2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz79D2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\uGnxcDpg.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC58.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD90F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz42E7.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzDDA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz73DB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz48EB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzAD28.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz76A4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzDD22.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA5B5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB87.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD5ED.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8782.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz655.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3F29.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz340E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6EF5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz1668.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6437.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9AF9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2966.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9200.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC380.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC826.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF3F7.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF552.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5692.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2613.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2BF1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz584F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6753.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8617.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz597B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB92D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB4CE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE947.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE333.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz175D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9589.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz4545.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5543.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7475.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz447F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA395.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz72F3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD1BB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA158.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFFA3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD835.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2FEB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6A9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz62B3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3E60.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz909B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6EE7.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC363.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9F9D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF2E0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzCDC3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8398.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2606.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFA44.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz543C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz27DE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz84B3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5D83.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB059.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz89A6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzDE9F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB66F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5607.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB5AB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE39C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzEA66.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF90.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz20B6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3EEF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz4E02.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6AD4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7A83.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9DEA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA688.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD035.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD402.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFD71.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz11F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz727.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3139.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5E27.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz87A5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8B44.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB4E2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB758.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE0E6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE37C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE70.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz222.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz1691.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3B01.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz444B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7D0B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC90C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA900.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFBD4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD552.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz293F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz29E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3769.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3112.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5DE1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB1BF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz89E6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzDDC3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB81C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9A8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE6AF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3B95.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz13DC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6A39.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3FC1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA07A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz76EC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzCC5F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF853.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA3F9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD70F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz259F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz42C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7062.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3021.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz844C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5C16.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB62A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9237.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8933.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFA5E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE22E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2BA0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF7A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz63E4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3DFE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9913.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7529.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9EE6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA60D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD298.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzDBE1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz64A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzBAD.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz38C3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3B4A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6A73.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6BFF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz985A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9B8C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC9EA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzCD6A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFC64.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFCF7.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2DE4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2918.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3396.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5F55.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB806.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9AE3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzEC63.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz1325.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2478.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD347.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5A4C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz39C0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8DDF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6B31.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC3E2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9CB1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF61D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3474.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2887.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzCF5A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5AC3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8D0E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6E18.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzBF69.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9FD6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF1B4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD6D3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2716.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2833.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz97B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5EA3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3B0B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz94B5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC848.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA30B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFBCB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD5C3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2E07.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz89B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2174.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6090.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz368.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9348.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3A0B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF109.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC6FA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6B9B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz27D6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9DA8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5F21.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzCE0F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFE96.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC675.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2DE5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFAD2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6129.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9088.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz32E8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC024.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz65FD.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF222.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2038.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD1F3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz4BFE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz68F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7EB6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3B98.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzAA5D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6C2E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD9BB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz98FE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC64.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC4A4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3F7A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF07A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6EC9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz1FD8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA078.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz4F36.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD88D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7E95.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzCAC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB053.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3FF0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE359.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz72D8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz1B8E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA9B5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5A18.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzDDF3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8D1F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz1222.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC025.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz495C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF33B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7C63.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz274A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzAF59.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5B5A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE5D9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8E41.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz1F83.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC166.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz527A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF4AB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz85DE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzBCBB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz641A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9B45.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz4CB1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzCAD2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7C1F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF927.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzAB6D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2AE6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzDADB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6349.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA2A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz966F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3AB1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC975.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6F2E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFC9A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9E8D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz30D9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzCDFA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6A83.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFD88.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA170.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6C6A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD496.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz683.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9ED4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz35E1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6666.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzCA9A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz95C8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF7A8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC536.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5FB7.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF779.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8F35.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz280F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzBEA2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5C8C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzEE20.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8E5A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC298.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5CA5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF5CD.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8F9C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz2673.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzC6A7.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz5AE0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzFBFF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz8A2F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz302D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB98D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz69F7.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzE8DC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz9D1D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz184A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD042.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz48FF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7EC4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3B4E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB073.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz6FEA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzDFE1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA724.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzD902.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz89F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz3D6A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz75DC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzA912.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzDE88.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz123A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz45EC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trz7E7D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzB117.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-4-5-58-7307846082-1607154576-402031742-7058\trzF3F5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
Code:
ATTFilter OTL logfile created on: 01.04.2011 20:16:57 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Vee\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 205,80 Gb Total Space | 126,96 Gb Free Space | 61,69% Space Free | Partition Type: NTFS Drive E: | 27,07 Gb Total Space | 17,09 Gb Free Space | 63,11% Space Free | Partition Type: FAT32 Drive G: | 15,66 Gb Total Space | 7,19 Gb Free Space | 45,90% Space Free | Partition Type: FAT32 Computer Name: VEE-PC | User Name: Vee | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Vee\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) ========== Modules (SafeList) ========== MOD - C:\Users\Vee\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp) DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation) DRV - (DCamUSBGene) -- C:\Windows\System32\drivers\USBGENE.sys (Genesys Logic, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F9 9C E4 08 78 F0 CB 01 [binary data] IE - HKCU\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {c2db4fe6-8409-45ce-8010-189a7b5cce86}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {2097BC94-5230-4225-A608-435736D47FAB}:1.9.1 FF - prefs.js..extensions.enabledItems: {E7D4207A-0C83-41F1-89B1-19535F5AE88C}:1.9.1 FF - HKLM\software\mozilla\Firefox\Extensions\\{2097BC94-5230-4225-A608-435736D47FAB}: C:\Users\Vee\AppData\Local\{2097BC94-5230-4225-A608-435736D47FAB} [2011.03.31 19:46:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{E7D4207A-0C83-41F1-89B1-19535F5AE88C}: C:\Windows\system32\config\systemprofile\AppData\Local\{E7D4207A-0C83-41F1-89B1-19535F5AE88C}\ [2011.04.01 15:54:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 22:10:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 22:10:05 | 000,000,000 | ---D | M] [2009.12.20 19:31:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vee\AppData\Roaming\mozilla\Extensions [2011.04.01 16:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vee\AppData\Roaming\mozilla\Firefox\Profiles\oj67mgft.default\extensions [2010.12.02 23:02:40 | 000,000,000 | ---D | M] (NCH Toolbar) -- C:\Users\Vee\AppData\Roaming\mozilla\Firefox\Profiles\oj67mgft.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86} [2011.04.01 16:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.12.27 23:37:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2011.03.31 19:46:33 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\VEE\APPDATA\LOCAL\{2097BC94-5230-4225-A608-435736D47FAB} [2011.04.01 15:54:30 | 000,000,000 | ---D | M] (XULRunner) -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\{E7D4207A-0C83-41F1-89B1-19535F5AE88C} [2010.05.25 18:09:48 | 000,225,772 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll [2010.07.10 19:14:47 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.07.10 19:14:48 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.07.10 19:14:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.07.10 19:14:48 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.07.10 19:14:48 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (NCH Toolbar) - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software) O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software) O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.) O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Program Files\sdguurri\bjukjdaw.exe) - C:\Programme\sdguurri\bjukjdaw.exe File not found O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.04.01 20:17:42 | 000,000,003 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ] O33 - MountPoints2\{73c75133-f5c8-11db-b1db-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{73c75133-f5c8-11db-b1db-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CD_Start.exe O33 - MountPoints2\{d6a8ea25-2318-11e0-9210-001060d10d32}\Shell - "" = AutoRun O33 - MountPoints2\{d6a8ea25-2318-11e0-9210-001060d10d32}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{fa392afb-cd4b-11df-af83-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{fa392afb-cd4b-11df-af83-806e6f6e6963}\Shell\AutoRun\command - "" = H:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.01 20:16:24 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Vee\Desktop\OTL.exe [2011.04.01 20:01:07 | 000,000,000 | ---D | C] -- C:\Users\Vee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.04.01 16:29:47 | 000,000,000 | ---D | C] -- C:\Users\Vee\AppData\Roaming\Malwarebytes [2011.04.01 16:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.01 16:29:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.01 16:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.01 16:29:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.04.01 16:29:28 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.01 15:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2011.04.01 15:29:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover [2011.04.01 15:29:40 | 000,000,000 | ---D | C] -- C:\Programme\Trojan Remover [2011.04.01 15:29:06 | 010,905,616 | ---- | C] (Simply Super Software ) -- C:\Users\Vee\Desktop\trjsetup682.exe [2011.04.01 15:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.04.01 15:21:22 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2011.04.01 15:19:52 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll [2011.04.01 15:19:52 | 000,000,000 | ---D | C] -- C:\Users\Vee\Documents\Simply Super Software [2011.04.01 15:19:48 | 000,000,000 | ---D | C] -- C:\Users\Vee\AppData\Roaming\Simply Super Software [2011.04.01 15:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software [2011.04.01 13:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2011.04.01 13:54:18 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2011.04.01 13:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011.04.01 13:41:30 | 000,000,000 | ---D | C] -- C:\Programme\sdguurri [2011.04.01 12:49:27 | 000,000,000 | ---D | C] -- C:\Users\Vee\Desktop\Prom [2011.03.31 19:46:33 | 000,000,000 | ---D | C] -- C:\Users\Vee\AppData\Local\{2097BC94-5230-4225-A608-435736D47FAB} [2011.03.31 18:51:54 | 000,000,000 | ---D | C] -- C:\Users\Vee\Desktop\AirForce VS Navy [2011.03.26 14:23:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Elaborate Bytes [2011.03.26 14:22:35 | 000,000,000 | ---D | C] -- C:\Programme\Elaborate Bytes [2011.03.26 14:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2011.03.26 14:04:09 | 000,000,000 | ---D | C] -- C:\Users\Vee\Documents\AnyDVDHD [2011.03.26 14:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft [2011.03.26 14:01:07 | 000,000,000 | ---D | C] -- C:\Programme\SlySoft [2011.03.26 14:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft [2011.03.23 23:08:10 | 000,000,000 | ---D | C] -- C:\Users\Vee\Desktop\[1992] Iron Maiden - Fear of the Dark [2011.03.09 17:30:36 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.03.09 17:30:35 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011.03.09 17:10:18 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2011.03.09 17:10:18 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2011.03.09 17:10:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2011.03.09 17:10:18 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2011.03.07 18:54:59 | 000,000,000 | ---D | C] -- C:\Users\Vee\Desktop\(2011) Adapt - Death Dealers [2011.03.07 04:08:13 | 000,093,552 | ---- | C] (Elaborate Bytes AG) -- C:\Windows\System32\ElbyCDIO.dll [1 C:\Users\Vee\Desktop\*.tmp files -> C:\Users\Vee\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.01 20:16:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Vee\Desktop\OTL.exe [2011.04.01 20:05:31 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.01 20:05:31 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.01 20:05:31 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.01 20:05:31 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.01 20:04:53 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.01 20:04:53 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.01 19:59:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.01 19:59:12 | 1609,363,456 | -HS- | M] () -- C:\hiberfil.sys [2011.04.01 16:29:32 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.01 16:24:07 | 000,731,136 | ---- | M] () -- C:\Users\Vee\Desktop\avenger.exe [2011.04.01 15:29:46 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2011.04.01 15:29:12 | 010,905,616 | ---- | M] (Simply Super Software ) -- C:\Users\Vee\Desktop\trjsetup682.exe [2011.04.01 15:21:23 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.04.01 14:57:25 | 000,000,120 | ---- | M] () -- C:\Users\Vee\AppData\Local\Idujetac.dat [2011.04.01 14:57:25 | 000,000,000 | ---- | M] () -- C:\Users\Vee\AppData\Local\Mfasuzup.bin [2011.04.01 13:54:29 | 000,001,220 | ---- | M] () -- C:\Users\Vee\Desktop\Spybot - Search & Destroy.lnk [2011.03.26 17:25:23 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib [2011.03.26 14:22:45 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\CloneDVD2.lnk [2011.03.26 14:01:16 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\AnyDVD.lnk [2011.03.07 04:08:13 | 000,093,552 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\System32\ElbyCDIO.dll [1 C:\Users\Vee\Desktop\*.tmp files -> C:\Users\Vee\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.01 16:29:32 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.01 16:24:01 | 000,731,136 | ---- | C] () -- C:\Users\Vee\Desktop\avenger.exe [2011.04.01 15:29:46 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2011.04.01 15:21:23 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.04.01 15:19:52 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll [2011.04.01 15:19:52 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar3.dll [2011.04.01 15:19:52 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll [2011.04.01 15:19:52 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll [2011.04.01 14:57:25 | 000,000,120 | ---- | C] () -- C:\Users\Vee\AppData\Local\Idujetac.dat [2011.04.01 14:57:25 | 000,000,000 | ---- | C] () -- C:\Users\Vee\AppData\Local\Mfasuzup.bin [2011.04.01 13:54:29 | 000,001,220 | ---- | C] () -- C:\Users\Vee\Desktop\Spybot - Search & Destroy.lnk [2011.03.26 14:22:45 | 000,001,161 | ---- | C] () -- C:\Users\Public\Desktop\CloneDVD2.lnk [2011.03.26 14:03:29 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2011.03.26 14:01:16 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\AnyDVD.lnk [2010.10.29 16:43:21 | 000,000,917 | ---- | C] () -- C:\Users\Vee\AppData\Roaming\coreavc.ini [2010.09.26 21:29:40 | 000,000,462 | ---- | C] () -- C:\Windows\{A67C4EF9-725D-4C83-A67A-BB7B7DE96CF4}_WiseFW.ini [2010.04.12 10:42:21 | 000,000,032 | ---- | C] () -- C:\Windows\CD_START.INI [2009.12.20 19:31:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2009.07.14 10:47:43 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,321,024 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007.10.02 17:03:19 | 000,515,328 | ---- | C] () -- C:\Windows\System32\drivers\USBGENE1.sys [2007.10.02 17:03:19 | 000,232,704 | ---- | C] () -- C:\Windows\System32\drivers\USBGENE0.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > Code:
ATTFilter OTL Extras logfile created on: 01.04.2011 20:16:57 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Vee\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 205,80 Gb Total Space | 126,96 Gb Free Space | 61,69% Space Free | Partition Type: NTFS
Drive E: | 27,07 Gb Total Space | 17,09 Gb Free Space | 63,11% Space Free | Partition Type: FAT32
Drive G: | 15,66 Gb Total Space | 7,19 Gb Free Space | 45,90% Space Free | Partition Type: FAT32
Computer Name: VEE-PC | User Name: Vee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{A67C4EF9-725D-4C83-A67A-BB7B7DE96CF4}" = Sibelius 6 Demo
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"AnyDVD" = AnyDVD
"avast5" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"conduitEngine" = Conduit Engine
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"HaaliMkx" = Haali Media Splitter
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.5.18)" = Mozilla Firefox (3.5.18)
"NCH Toolbar" = NCH Toolbar
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PhotomatixPro3x32_is1" = Photomatix Pro version 3.2.9
"Prism" = Prism Videodatei-Konverter
"PS3 Video 9" = PS3 Video 9 6
"Tansee iPhone Transfer_is1" = Tansee iPhone Transfer
"Trojan Remover_is1" = Trojan Remover 6.8.2
"Uninstall_is1" = Uninstall 1.0.0.1
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Code:
ATTFilter OTL logfile created on: 01.04.2011 20:16:57 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Vee\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 205,80 Gb Total Space | 126,96 Gb Free Space | 61,69% Space Free | Partition Type: NTFS Drive E: | 27,07 Gb Total Space | 17,09 Gb Free Space | 63,11% Space Free | Partition Type: FAT32 Drive G: | 15,66 Gb Total Space | 7,19 Gb Free Space | 45,90% Space Free | Partition Type: FAT32 Computer Name: VEE-PC | User Name: Vee | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Vee\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) ========== Modules (SafeList) ========== MOD - C:\Users\Vee\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp) DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation) DRV - (DCamUSBGene) -- C:\Windows\System32\drivers\USBGENE.sys (Genesys Logic, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F9 9C E4 08 78 F0 CB 01 [binary data] IE - HKCU\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {c2db4fe6-8409-45ce-8010-189a7b5cce86}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {2097BC94-5230-4225-A608-435736D47FAB}:1.9.1 FF - prefs.js..extensions.enabledItems: {E7D4207A-0C83-41F1-89B1-19535F5AE88C}:1.9.1 FF - HKLM\software\mozilla\Firefox\Extensions\\{2097BC94-5230-4225-A608-435736D47FAB}: C:\Users\Vee\AppData\Local\{2097BC94-5230-4225-A608-435736D47FAB} [2011.03.31 19:46:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{E7D4207A-0C83-41F1-89B1-19535F5AE88C}: C:\Windows\system32\config\systemprofile\AppData\Local\{E7D4207A-0C83-41F1-89B1-19535F5AE88C}\ [2011.04.01 15:54:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 22:10:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 22:10:05 | 000,000,000 | ---D | M] [2009.12.20 19:31:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vee\AppData\Roaming\mozilla\Extensions [2011.04.01 16:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vee\AppData\Roaming\mozilla\Firefox\Profiles\oj67mgft.default\extensions [2010.12.02 23:02:40 | 000,000,000 | ---D | M] (NCH Toolbar) -- C:\Users\Vee\AppData\Roaming\mozilla\Firefox\Profiles\oj67mgft.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86} [2011.04.01 16:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.12.27 23:37:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2011.03.31 19:46:33 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\VEE\APPDATA\LOCAL\{2097BC94-5230-4225-A608-435736D47FAB} [2011.04.01 15:54:30 | 000,000,000 | ---D | M] (XULRunner) -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\{E7D4207A-0C83-41F1-89B1-19535F5AE88C} [2010.05.25 18:09:48 | 000,225,772 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll [2010.07.10 19:14:47 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.07.10 19:14:48 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.07.10 19:14:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.07.10 19:14:48 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.07.10 19:14:48 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (NCH Toolbar) - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - C:\Programme\NCH\tbNCH.dll (Conduit Ltd.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software) O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software) O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.) O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Program Files\sdguurri\bjukjdaw.exe) - C:\Programme\sdguurri\bjukjdaw.exe File not found O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.04.01 20:17:42 | 000,000,003 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ] O33 - MountPoints2\{73c75133-f5c8-11db-b1db-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{73c75133-f5c8-11db-b1db-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CD_Start.exe O33 - MountPoints2\{d6a8ea25-2318-11e0-9210-001060d10d32}\Shell - "" = AutoRun O33 - MountPoints2\{d6a8ea25-2318-11e0-9210-001060d10d32}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{fa392afb-cd4b-11df-af83-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{fa392afb-cd4b-11df-af83-806e6f6e6963}\Shell\AutoRun\command - "" = H:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.01 20:16:24 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Vee\Desktop\OTL.exe [2011.04.01 20:01:07 | 000,000,000 | ---D | C] -- C:\Users\Vee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.04.01 16:29:47 | 000,000,000 | ---D | C] -- C:\Users\Vee\AppData\Roaming\Malwarebytes [2011.04.01 16:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.01 16:29:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.01 16:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.01 16:29:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.04.01 16:29:28 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.01 15:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2011.04.01 15:29:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover [2011.04.01 15:29:40 | 000,000,000 | ---D | C] -- C:\Programme\Trojan Remover [2011.04.01 15:29:06 | 010,905,616 | ---- | C] (Simply Super Software ) -- C:\Users\Vee\Desktop\trjsetup682.exe [2011.04.01 15:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.04.01 15:21:22 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2011.04.01 15:19:52 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll [2011.04.01 15:19:52 | 000,000,000 | ---D | C] -- C:\Users\Vee\Documents\Simply Super Software [2011.04.01 15:19:48 | 000,000,000 | ---D | C] -- C:\Users\Vee\AppData\Roaming\Simply Super Software [2011.04.01 15:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software [2011.04.01 13:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2011.04.01 13:54:18 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2011.04.01 13:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011.04.01 13:41:30 | 000,000,000 | ---D | C] -- C:\Programme\sdguurri [2011.04.01 12:49:27 | 000,000,000 | ---D | C] -- C:\Users\Vee\Desktop\Prom [2011.03.31 19:46:33 | 000,000,000 | ---D | C] -- C:\Users\Vee\AppData\Local\{2097BC94-5230-4225-A608-435736D47FAB} [2011.03.31 18:51:54 | 000,000,000 | ---D | C] -- C:\Users\Vee\Desktop\AirForce VS Navy [2011.03.26 14:23:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Elaborate Bytes [2011.03.26 14:22:35 | 000,000,000 | ---D | C] -- C:\Programme\Elaborate Bytes [2011.03.26 14:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2011.03.26 14:04:09 | 000,000,000 | ---D | C] -- C:\Users\Vee\Documents\AnyDVDHD [2011.03.26 14:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft [2011.03.26 14:01:07 | 000,000,000 | ---D | C] -- C:\Programme\SlySoft [2011.03.26 14:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft [2011.03.23 23:08:10 | 000,000,000 | ---D | C] -- C:\Users\Vee\Desktop\[1992] Iron Maiden - Fear of the Dark [2011.03.09 17:30:36 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.03.09 17:30:35 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011.03.09 17:10:18 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2011.03.09 17:10:18 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2011.03.09 17:10:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2011.03.09 17:10:18 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2011.03.07 18:54:59 | 000,000,000 | ---D | C] -- C:\Users\Vee\Desktop\(2011) Adapt - Death Dealers [2011.03.07 04:08:13 | 000,093,552 | ---- | C] (Elaborate Bytes AG) -- C:\Windows\System32\ElbyCDIO.dll [1 C:\Users\Vee\Desktop\*.tmp files -> C:\Users\Vee\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.01 20:16:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Vee\Desktop\OTL.exe [2011.04.01 20:05:31 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.01 20:05:31 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.01 20:05:31 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.01 20:05:31 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.01 20:04:53 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.01 20:04:53 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.01 19:59:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.01 19:59:12 | 1609,363,456 | -HS- | M] () -- C:\hiberfil.sys [2011.04.01 16:29:32 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.01 16:24:07 | 000,731,136 | ---- | M] () -- C:\Users\Vee\Desktop\avenger.exe [2011.04.01 15:29:46 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2011.04.01 15:29:12 | 010,905,616 | ---- | M] (Simply Super Software ) -- C:\Users\Vee\Desktop\trjsetup682.exe [2011.04.01 15:21:23 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.04.01 14:57:25 | 000,000,120 | ---- | M] () -- C:\Users\Vee\AppData\Local\Idujetac.dat [2011.04.01 14:57:25 | 000,000,000 | ---- | M] () -- C:\Users\Vee\AppData\Local\Mfasuzup.bin [2011.04.01 13:54:29 | 000,001,220 | ---- | M] () -- C:\Users\Vee\Desktop\Spybot - Search & Destroy.lnk [2011.03.26 17:25:23 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib [2011.03.26 14:22:45 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\CloneDVD2.lnk [2011.03.26 14:01:16 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\AnyDVD.lnk [2011.03.07 04:08:13 | 000,093,552 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\System32\ElbyCDIO.dll [1 C:\Users\Vee\Desktop\*.tmp files -> C:\Users\Vee\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.01 16:29:32 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.01 16:24:01 | 000,731,136 | ---- | C] () -- C:\Users\Vee\Desktop\avenger.exe [2011.04.01 15:29:46 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2011.04.01 15:21:23 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.04.01 15:19:52 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll [2011.04.01 15:19:52 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar3.dll [2011.04.01 15:19:52 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll [2011.04.01 15:19:52 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll [2011.04.01 14:57:25 | 000,000,120 | ---- | C] () -- C:\Users\Vee\AppData\Local\Idujetac.dat [2011.04.01 14:57:25 | 000,000,000 | ---- | C] () -- C:\Users\Vee\AppData\Local\Mfasuzup.bin [2011.04.01 13:54:29 | 000,001,220 | ---- | C] () -- C:\Users\Vee\Desktop\Spybot - Search & Destroy.lnk [2011.03.26 14:22:45 | 000,001,161 | ---- | C] () -- C:\Users\Public\Desktop\CloneDVD2.lnk [2011.03.26 14:03:29 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2011.03.26 14:01:16 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\AnyDVD.lnk [2010.10.29 16:43:21 | 000,000,917 | ---- | C] () -- C:\Users\Vee\AppData\Roaming\coreavc.ini [2010.09.26 21:29:40 | 000,000,462 | ---- | C] () -- C:\Windows\{A67C4EF9-725D-4C83-A67A-BB7B7DE96CF4}_WiseFW.ini [2010.04.12 10:42:21 | 000,000,032 | ---- | C] () -- C:\Windows\CD_START.INI [2009.12.20 19:31:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2009.07.14 10:47:43 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,321,024 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007.10.02 17:03:19 | 000,515,328 | ---- | C] () -- C:\Windows\System32\drivers\USBGENE1.sys [2007.10.02 17:03:19 | 000,232,704 | ---- | C] () -- C:\Windows\System32\drivers\USBGENE0.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > |
|
03.04.2011, 14:48
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________
__________________ |
|
03.04.2011, 17:34
| #3 |
| | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Vielen Dank schonmal dass du dich gemeldet hast!
__________________Ich stelle dir mal alle zusätzlichen rein. Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6235
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
01.04.2011 17:37:12
mbam-log-2011-04-01 (17-37-12).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|G:\|)
Durchsuchte Objekte: 259178
Laufzeit: 46 Minute(n), 22 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 2
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 315
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
c:\Users\Vee\AppData\Local\icajahoz.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\Vee\AppData\Local\mtaup6nu.dll (Trojan.Hiloti.Gen) -> Delete on reboot.
Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{ff5f7390-22b6-c3fb-7617-e1e3b2c0e1f6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF5F7390-22B6-C3FB-7617-E1E3B2C0E1F6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF5F7390-22B6-C3FB-7617-E1E3B2C0E1F6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF5F7390-22B6-C3FB-7617-E1E3B2C0E1F6} (Trojan.Agent) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lbowigivajiy (Trojan.Agent) -> Value: Lbowigivajiy -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Pcihox (Trojan.Hiloti.Gen) -> Value: Pcihox -> Delete on reboot.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Users\Vee\AppData\Local\icajahoz.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\Vee\AppData\Local\mtaup6nu.dll (Trojan.Hiloti.Gen) -> Delete on reboot.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\miUmshxN.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\aZLAidQF.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\wFnDDRvR.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\SESIYeoh.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\CxRhjDHq.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\ZpbAbmFO.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\myMTJwcj.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\ObwcYsFh.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\cUJXhGsV.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\AcpyNkrV.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\lXbrSTHg.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\nblTIvRc.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\OjIatRAC.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\ouhMDNTE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\KFBQpcfl.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\YgAtfyAo.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\IBZwjKSL.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\XHecUspq.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\UShUprFx.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\GoIXhyDT.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\jAaiRuAJ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\wAAMVkOY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\GsiCdaAa.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\unShpBdi.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\NNVKocxJ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\rqpVElnW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\wAHxacce.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\VKADTJsO.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\eeknCQcm.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\saVyEubA.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\MUYIgbqT.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\RTWnHKVv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\HQdTZKYZ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\klTcjUuW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\BjAEAbTA.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\uFgZYUdK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\KsTWdkBy.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\IsCBnDRf.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\eNjXYIyx.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\TxSLfILJ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\VvjvDoUY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\tdmhoKta.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\MQXRTgqv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\GaYpvhDb.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\HSZSedQC.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\acpvoJDF.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\kqfrGObG.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\SlHnIyLN.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\aMZsmBKY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\dNMUenCJ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\eAvPTLKE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\YndOFoQD.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\IpVrWKSg.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\ulVmwmvb.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\kRqkMlTE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\gwNkBSxx.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\HwwXuGcR.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\iQtYjnDx.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\LFqDTYtd.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\MNJyofQC.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\OUfCdwNV.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\FyxbEDPV.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\nLQQMOto.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\mOhjTtDp.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\oiJadIHN.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\coFxxJKr.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\ourZqCCZ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\jWejgKvp.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\UBLRiZxC.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\wpcHykYw.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\nWyRBCse.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\bQPfNRho.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\siPnqSXl.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\XpGHhmPn.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\nWpbDEwf.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\YiKHWGhS.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\JGItfCkK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\upnofSGk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\KPXKtwrQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-1-2-74-5825112452-8188745007-071311758-7532\aXwSDQIr.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4F2C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz539B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8406.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9212.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA345.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB03A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD043.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE3BD.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFC47.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFF0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2ACB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6700.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5901.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3F9C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz861E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz730F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB31C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9ED5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzDEF2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzCBF2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzAE6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF7C8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz38AF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz24E5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6EF0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz51F2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB1DE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7DB8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzDD56.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzAAB6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8ED.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD6BA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz34B3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB56.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz65D5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz38A2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz92E3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz64E5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzBE8A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC0F3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzEA01.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF013.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz15B8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz23D4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz416E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4F9A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6E9B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7CA8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB7B0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA87D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE366.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE1F9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF2C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2810.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4020.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF45.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6CFF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3B2A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz99AF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz93EE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC8EE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzBFC3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF4B4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzECF0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz21E0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1B35.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5491.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6773.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz472A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7FDA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7A30.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzAB32.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA625.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD66C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD361.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA2D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC80.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz37E6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3A0A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz664D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz99FD.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1146.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9222.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC527.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzBF3F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF070.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzEC5C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9331.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1832.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1F61.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4989.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4494.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4A9A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6FAE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz75E4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9E60.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA12D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzCAB3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzCC76.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF908.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFA3E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz276D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz27C9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz55E1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz814.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8243.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz566C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzAFFC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz81C4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzDB06.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB048.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2702.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz768.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5641.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3292.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE3AC.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5EF4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3C8F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8B46.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz67E8.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB670.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE2F1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC0F9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz19A0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzEEC2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8957.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4601.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1B43.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz787B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA3A5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz74D2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzCEDF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA2AA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFA47.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE1F0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz990.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD360.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz222.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz117D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2D8A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz45BB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5C6C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz74FA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz88ED.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA449.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB54F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD78E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE1C0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz39B4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD09.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3852.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz68F3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz689A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9D31.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9856.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzCE92.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC4F7.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFF19.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF459.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2F80.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1FC6.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5ECF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4F1D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz930D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7D05.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC23D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA88C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzF2C4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD626.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz16F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz3205.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB8C5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5EB5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzE94B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8A2D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz19B3.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzBBAD.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4A3A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzED5C.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7FA0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1CAB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzAF0E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4AF1.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7668.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzDF95.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA20F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz102B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzCEBF.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz45D0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFA48.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz750F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2ACD.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA44E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5867.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8536.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD4E5.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzB659.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz2EE9.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz390E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz6743.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5E67.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9309.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz8BD2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC026.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzEE4D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz200B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4BC2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz78B0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA495.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD8F2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz767.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz37CE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz651A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz9350.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC2BE.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzEF7D.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1B53.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz4B2E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz7973.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA9DB.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD6AA.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz83A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz340F.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz5FF4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz955B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzC20B.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzEDA2.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz1949.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz44E0.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trz742E.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzA4E4.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzD08A.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
g:\RECYCLER\s-2-4-11-6122122767-4302404450-452443232-6576\trzFE92.tmp (Virus.Ramnit) -> Quarantined and deleted successfully.
|
|
03.04.2011, 17:46
| #4 |
| | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Oh wollte die Datei eigentlich auf dieser seite uppen aber war leider zu groß. Hab sie nun bei File-Upload.net geuppt. Hier der Link: hxxp://www.file-upload.net/download-3333444/mbam-log-2011-04-02--16-22-19-.txt.html |
|
03.04.2011, 17:54
| #5 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner?Zitat:
 Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.04.01 20:17:42 | 000,000,003 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{73c75133-f5c8-11db-b1db-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{73c75133-f5c8-11db-b1db-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CD_Start.exe
O33 - MountPoints2\{d6a8ea25-2318-11e0-9210-001060d10d32}\Shell - "" = AutoRun
O33 - MountPoints2\{d6a8ea25-2318-11e0-9210-001060d10d32}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{fa392afb-cd4b-11df-af83-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fa392afb-cd4b-11df-af83-806e6f6e6963}\Shell\AutoRun\command - "" = H:\Autorun.exe
[2011.03.31 19:46:33 | 000,000,000 | ---D | C] -- C:\Users\Vee\AppData\Local\{2097BC94-5230-4225-A608-435736D47FAB}
[2011.04.01 14:57:25 | 000,000,120 | ---- | C] () -- C:\Users\Vee\AppData\Local\Idujetac.dat
[2011.04.01 14:57:25 | 000,000,000 | ---- | C] () -- C:\Users\Vee\AppData\Local\Mfasuzup.bin
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:CB0AACC9
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.04.2011, 20:46
| #6 |
| | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Hab grade den Fix ausgeführt, aber dann nach dem Neustart kam sofort ein bluescreen und ich konnte die Logfile von OTL nicht speichern. Da mein avp mir aber immernoch sagt das ich den Recycler Trojaner habe, habe ich den fix nochmal ausgeführt und hier hab ich die Logfile: Code:
ATTFilter All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
G:\autorun.inf moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{73c75133-f5c8-11db-b1db-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73c75133-f5c8-11db-b1db-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{73c75133-f5c8-11db-b1db-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73c75133-f5c8-11db-b1db-806e6f6e6963}\ not found.
File E:\CD_Start.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6a8ea25-2318-11e0-9210-001060d10d32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d6a8ea25-2318-11e0-9210-001060d10d32}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6a8ea25-2318-11e0-9210-001060d10d32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d6a8ea25-2318-11e0-9210-001060d10d32}\ not found.
File I:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa392afb-cd4b-11df-af83-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa392afb-cd4b-11df-af83-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa392afb-cd4b-11df-af83-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa392afb-cd4b-11df-af83-806e6f6e6963}\ not found.
File H:\Autorun.exe not found.
Folder C:\Users\Vee\AppData\Local\{2097BC94-5230-4225-A608-435736D47FAB}\ not found.
File C:\Users\Vee\AppData\Local\Idujetac.dat not found.
File C:\Users\Vee\AppData\Local\Mfasuzup.bin not found.
Unable to delete ADS C:\ProgramData\TEMP:CB0AACC9 .
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Vee
->Temp folder emptied: 2393 bytes
->Temporary Internet Files folder emptied: 1797675 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 623 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 2,00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 04032011_213433
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
|
|
04.04.2011, 09:11
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Warum hast du nun den Avenger da?? Was hast du mit dem bereits angestellt?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.04.2011, 12:58
| #8 |
| | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Bevor ich auf dieser Seite war, hab ich mir aus nem anderen Forum einen Fall rausgesucht der meinem eigentlich gleich kam.. Hab das Programm glaube ich einmal durchlaufen lassen -.- jetzt, da ich die Hinweise auf dieser Seite gelesen habe, weiß ich auch dass das falsch war! War das ein tödlicher Fehler? |
|
04.04.2011, 13:08
| #9 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner?Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.04.2011, 13:28
| #10 |
| | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Oh also nen Script habe ich auf jedenfall nicht benutzt. Wenn man den avenger nur mit nem Script benutzen kann hab ich auch nichts damit gemacht! Da hat auch nur einer geschrieben das man sich das laden sollte. |
|
04.04.2011, 13:52
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Von allein macht der Avenger aber nichts. Was genau hast du also nun gemacht mit dem Avenger?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.04.2011, 14:18
| #12 |
| | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Dann hab ich ihn auch nur zur Deko geladen. Dachte das wäre ein Programm zum Viren suchen und löschen.. |
|
04.04.2011, 15:02
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.04.2011, 16:25
| #14 |
| | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Ich kann Combofix nicht ausführen, weil ich die ersten Sekunden beim Starten des Programmes einen bluescreen bekomme. Hab's mehrmals versucht und mich auch exakt an die Anweisungen gehalten. Woran kann das liegen? |
|
04.04.2011, 19:22
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? Starte Windows neu, lade CF als cofi neu runter (alte cofi vorher löschen) und probier es nochmal.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Trojaner Recycler und Malware auf dem USB-Stick und dem Rechner? |
| 7-zip, adobe, alternate, antivirus, avast, avast!, bho, bonjour, conduit, defender, error, explorer, firefox, flash player, format, iexplore.exe, install.exe, jdownloader, langs, location, logfile, malware, mozilla, mp3, nvlddmkm.sys, object, oldtimer, otl.exe, photoshop, plug-in, programm, registry, rundll, safer networking, saver, scan, searchplugins, security, shell32.dll, shortcut, software, sptd.sys, start menu, super, taskhost.exe, trojaner, virus.ramnit, webcheck |
Linear-Darstellung
