| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/Kazy/mekl.1 habe ich auch :(Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
22.04.2011, 22:09
| #1 |
| |  TR/Kazy/mekl.1 habe ich auch :( hallo ich habe auch diesen virus. habe bisher anti malware durchgeführt und auch infizierte sachen löschen lassen. nun ist aber noch immer die becks werbung ohne bild und manchmal öffnet sich ein fenster wo sowas steht wie skript fehler auf dieser seite und irgendwas von gossip und katy perry im bikini hilfe =( achso und hier die otl dinger achja und meine ordner sind auch alle wegOTL Logfile: Code:
ATTFilter OTL logfile created on: 22.04.2011 22:34:14 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Lene\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.015,00 Mb Total Physical Memory | 227,00 Mb Available Physical Memory | 22,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 47,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 139,15 Gb Total Space | 68,25 Gb Free Space | 49,05% Space Free | Partition Type: NTFS Drive D: | 9,90 Gb Total Space | 1,35 Gb Free Space | 13,68% Space Free | Partition Type: NTFS Computer Name: LENE-PC | User Name: Lene | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Lene\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Verbindungsassistent\WTGService.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - c:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE (Symantec Corporation) PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\System32\schtasks.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Windows\PixArt\i-Look110\Monitor.exe (PixArt Imaging Incorporation) PRC - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) PRC - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro) PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated) ========== Modules (SafeList) ========== MOD - C:\Users\Lene\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (WTGService) -- C:\Program Files\Verbindungsassistent\WTGService.exe () SRV - (LiveUpdate Notice) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (CLTNetCnService) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccSetMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccEvtMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe () SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Automatic LiveUpdate Scheduler) -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) SRV - (LiveUpdate) -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation) SRV - (comHost) -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation) ========== Driver Services (SafeList) ========== DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation) DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation) DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation) DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation) DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation) DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation) DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation) DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation) DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation) DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMFW) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SYMDNS) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (COH_Mon) -- C:\Windows\System32\drivers\COH_Mon.sys (Symantec Corporation) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080807.005\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080807.005\NAVENG.SYS (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20080806.001\IDSvix86.sys (Symantec Corporation) DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.) DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation) DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation) DRV - (XG762_VS) -- C:\Windows\System32\drivers\WlanGZG.sys (Atheros Communications, Inc.) DRV - (CO_Mon) -- C:\Windows\System32\drivers\CO_Mon.sys (Symantec Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = NetCologne - Telefon, Internet, TV und Mobilfunk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = NetCologne - Telefon, Internet, TV und Mobilfunk IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.06.22 13:55:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 23:31:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 23:31:43 | 000,000,000 | ---D | M] [2009.05.14 09:14:43 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Lene\AppData\Roaming\mozilla\Extensions [2011.04.22 09:49:46 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Lene\AppData\Roaming\mozilla\Firefox\Profiles\aoqdy8v3.default\extensions [2010.07.27 10:04:14 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lene\AppData\Roaming\mozilla\Firefox\Profiles\aoqdy8v3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.07.27 10:04:14 | 000,000,000 | -H-D | M] (Zynga Toolbar) -- C:\Users\Lene\AppData\Roaming\mozilla\Firefox\Profiles\aoqdy8v3.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} [2011.04.05 19:34:38 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Lene\AppData\Roaming\mozilla\Firefox\Profiles\aoqdy8v3.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.06.07 11:46:20 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Lene\AppData\Roaming\mozilla\Firefox\Profiles\aoqdy8v3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.12.05 11:55:09 | 000,000,000 | -H-D | M] (Adblock Plus) -- C:\Users\Lene\AppData\Roaming\mozilla\Firefox\Profiles\aoqdy8v3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.06.07 13:04:10 | 000,000,000 | -H-D | M] (DVDVideoSoft Toolbar) -- C:\Users\Lene\AppData\Roaming\mozilla\Firefox\Profiles\aoqdy8v3.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2011.04.19 21:21:09 | 000,001,056 | -H-- | M] () -- C:\Users\Lene\AppData\Roaming\Mozilla\Firefox\Profiles\aoqdy8v3.default\searchplugins\icqplugin.xml [2010.08.13 08:32:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2008.07.21 15:28:33 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.04.17 20:07:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.13 08:32:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2009.05.14 09:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\inspector@mozilla.org [2009.08.31 12:40:32 | 000,000,000 | ---D | M] (DVDVideoSoft YouTube Download Firefox Integration) -- C:\PROGRAM FILES\COMMON FILES\DVDVIDEOSOFT\DLL\FFCONTEXTMENUY [2007.08.24 15:52:00 | 000,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll [2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010.09.24 20:33:48 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.09.24 20:33:48 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2010.09.24 20:33:48 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.09.24 20:33:48 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.09.24 20:33:49 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HP Health Check Scheduler] File not found O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro) O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\i-Look110\Monitor.exe (PixArt Imaging Incorporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Lene\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Lene\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Lene\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.12.13 13:48:05 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{0f81e0ef-1ed3-11de-861d-a0945134298f}\Shell\AutoRun\command - "" = hkn6k.bat O33 - MountPoints2\{0f81e0ef-1ed3-11de-861d-a0945134298f}\Shell\open\Command - "" = hkn6k.bat O33 - MountPoints2\{33ff940b-c676-11df-850e-f16763714fbb}\Shell - "" = AutoRun O33 - MountPoints2\{33ff940b-c676-11df-850e-f16763714fbb}\Shell\AutoRun\command - "" = J:\AutoRun.exe O33 - MountPoints2\{33ff9420-c676-11df-850e-9c48f85e7cbd}\Shell - "" = AutoRun O33 - MountPoints2\{33ff9420-c676-11df-850e-9c48f85e7cbd}\Shell\AutoRun\command - "" = K:\AutoRun.exe O33 - MountPoints2\{abc34634-e4db-11df-810b-ceb366556db8}\Shell - "" = AutoRun O33 - MountPoints2\{abc34634-e4db-11df-810b-ceb366556db8}\Shell\AutoRun\command - "" = K:\Startme.exe O33 - MountPoints2\{e6958455-c86e-11df-8ba9-d07edb2173b0}\Shell - "" = AutoRun O33 - MountPoints2\{e6958455-c86e-11df-8ba9-d07edb2173b0}\Shell\AutoRun\command - "" = K:\AutoRun.exe O33 - MountPoints2\{e6958456-c86e-11df-8ba9-d07edb2173b0}\Shell - "" = AutoRun O33 - MountPoints2\{e6958456-c86e-11df-8ba9-d07edb2173b0}\Shell\AutoRun\command - "" = K:\AutoRun.exe O33 - MountPoints2\{e7611d92-cc60-11df-a278-d53d1430b522}\Shell - "" = AutoRun O33 - MountPoints2\{e7611d92-cc60-11df-a278-d53d1430b522}\Shell\AutoRun\command - "" = J:\AutoRun.exe O33 - MountPoints2\{e7611d94-cc60-11df-a278-d53d1430b522}\Shell - "" = AutoRun O33 - MountPoints2\{e7611d94-cc60-11df-a278-d53d1430b522}\Shell\AutoRun\command - "" = J:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.22 17:44:38 | 000,000,000 | -H-D | C] -- C:\Users\Lene\AppData\Roaming\Malwarebytes [2011.04.22 17:44:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.22 17:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.22 17:44:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes [2011.04.22 17:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.04.20 13:01:01 | 000,000,000 | -H-D | C] -- C:\Users\Lene\Desktop\april [2011.04.12 20:04:47 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.12 20:04:47 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.12 20:04:42 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.12 20:04:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.12 20:04:18 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.12 20:04:07 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.04.12 20:04:06 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.12 20:04:05 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.12 20:04:05 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.12 20:04:05 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2011.04.12 20:04:04 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.04.12 20:03:58 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.04.12 20:03:53 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.12 20:03:52 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.05 19:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4 [2011.04.05 19:33:18 | 000,000,000 | -H-D | C] -- C:\Program Files\ICQ7.4 [2011.03.25 15:45:20 | 000,000,000 | RH-D | C] -- C:\Users\Lene\Contacts [2010.10.31 13:25:26 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeA959.dll ========== Files - Modified Within 30 Days ========== [2011.04.22 22:21:34 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.22 22:21:34 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.22 22:21:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.22 22:21:18 | 1064,689,664 | -HS- | M] () -- C:\hiberfil.sys [2011.04.22 18:30:17 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~39313160 [2011.04.22 18:30:12 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~39313160r [2011.04.22 18:19:28 | 000,000,336 | -H-- | M] () -- C:\ProgramData\39313160 [2011.04.22 17:44:07 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.22 16:58:38 | 000,000,176 | -H-- | M] () -- C:\ProgramData\~38788872 [2011.04.22 16:58:37 | 000,000,152 | -H-- | M] () -- C:\ProgramData\~38788872r [2011.04.22 16:42:56 | 000,000,336 | -H-- | M] () -- C:\ProgramData\38788872 [2011.04.18 20:00:11 | 000,000,580 | -H-- | M] () -- C:\Windows\tasks\Norton Internet Security - Systemprüfung ausführen - Lene.job [2011.04.15 09:48:12 | 000,310,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.07 14:20:39 | 000,628,210 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.07 14:20:39 | 000,595,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.07 14:20:39 | 000,126,850 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.07 14:20:39 | 000,104,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.05 19:35:57 | 000,001,589 | -H-- | M] () -- C:\Users\Lene\Desktop\ICQ7.4.lnk [2011.03.24 23:38:21 | 000,089,868 | -H-- | M] () -- C:\Users\Lene\Desktop\UPDATE_ABRISS_WE_PERSOPLAN.pdf ========== Files Created - No Company Name ========== [2011.04.22 18:30:12 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~39313160r [2011.04.22 18:30:11 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~39313160 [2011.04.22 18:19:28 | 000,000,336 | -H-- | C] () -- C:\ProgramData\39313160 [2011.04.22 17:44:07 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.22 16:58:37 | 000,000,152 | -H-- | C] () -- C:\ProgramData\~38788872r [2011.04.22 16:58:36 | 000,000,176 | -H-- | C] () -- C:\ProgramData\~38788872 [2011.04.22 16:42:56 | 000,000,336 | -H-- | C] () -- C:\ProgramData\38788872 [2011.04.05 19:35:57 | 000,001,589 | -H-- | C] () -- C:\Users\Lene\Desktop\ICQ7.4.lnk [2011.03.24 23:38:21 | 000,089,868 | -H-- | C] () -- C:\Users\Lene\Desktop\UPDATE_ABRISS_WE_PERSOPLAN.pdf [2010.03.27 22:12:00 | 000,000,407 | ---- | C] () -- C:\Windows\System32\Remover.ini [2010.03.27 22:11:54 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.ini [2009.09.11 21:53:41 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.09.11 21:53:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.09.11 21:52:27 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008.07.27 21:23:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.06.10 16:17:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2008.06.08 13:46:46 | 000,000,092 | -H-- | C] () -- C:\Users\Lene\AppData\Local\fusioncache.dat [2008.05.28 20:04:39 | 000,001,047 | ---- | C] () -- C:\Windows\eReg.dat [2008.05.27 19:27:03 | 000,002,478 | -H-- | C] () -- C:\Users\Lene\AppData\Roaming\wklnhst.dat [2008.05.27 09:08:58 | 000,069,632 | -H-- | C] () -- C:\Users\Lene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.12.13 21:24:52 | 000,628,210 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2007.12.13 21:24:52 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2007.12.13 21:24:52 | 000,126,850 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2007.12.13 21:24:52 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.12.13 13:38:00 | 000,111,448 | ---- | C] () -- C:\Windows\hpqins13.dat [2007.12.13 13:33:17 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1332.dll [2007.12.13 13:24:37 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe [2007.12.13 13:22:18 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll [2007.12.13 13:22:18 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,310,608 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,595,308 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,104,742 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:25:21 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat < End of report > undOTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 22.04.2011 22:34:14 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Lene\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.015,00 Mb Total Physical Memory | 227,00 Mb Available Physical Memory | 22,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 47,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,15 Gb Total Space | 68,25 Gb Free Space | 49,05% Space Free | Partition Type: NTFS
Drive D: | 9,90 Gb Total Space | 1,35 Gb Free Space | 13,68% Space Free | Partition Type: NTFS
Computer Name: LENE-PC | User Name: Lene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B8C5FFE-F3CF-4074-93DA-75E1630A5B12}" = rport=138 | protocol=17 | dir=out | app=system |
"{183B0686-4FB0-44E7-8F6B-DEE0E2903100}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1F533D64-4476-4210-8CCC-EDDABCFE3B53}" = rport=139 | protocol=6 | dir=out | app=system |
"{43239F82-D5A9-4BD1-8C60-59234D422794}" = lport=445 | protocol=6 | dir=in | app=system |
"{57AF8CA8-8242-48FC-AA7A-1F3C046CE9FB}" = lport=137 | protocol=17 | dir=in | app=system |
"{5D5727FD-3575-4B46-B665-EE8E1C83626C}" = lport=138 | protocol=17 | dir=in | app=system |
"{5DBE7EEC-835B-4128-B235-65470B3E6307}" = lport=139 | protocol=6 | dir=in | app=system |
"{63BB69F3-3BB0-4781-8B25-158B671E3F63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{84BBA7B9-1197-4165-B347-A954673B7452}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9D294946-9551-4E84-BF25-985F923C08F9}" = rport=445 | protocol=6 | dir=out | app=system |
"{AF60BC7F-BA8E-44E0-AC10-3A139AD4058A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EB60ED35-8676-43CB-9B71-30F5EF51EAF7}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041AB210-C1BB-4FF5-9B89-CFC4B96F3583}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{0A551024-537F-40BC-BDC0-57F218E03362}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{118E6726-D390-4C4D-9149-0C21A50CC05A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{36987DA7-8BB4-4575-8213-CB6A211289F3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{39E68D6D-2B2B-40DD-B583-6D067B55DD0B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4789D287-6682-4A18-8F61-34838A559D87}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{61F9F752-CE2B-4D60-A242-3C7EA1B01B48}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7221050F-0724-4B4B-BD3F-04A6A35B2FCE}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{7B442045-F120-4A3D-97D9-6E540B11B385}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{7CC75543-7956-4090-BB44-6CAC0ABEC1FE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7D6143D2-15DE-4D98-BEF4-C42CBB44A765}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9599B524-DE9C-44B8-A8B0-199427CC094C}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{AD7B175D-377F-4F59-83D1-23986F05AD01}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AEEA11A6-E079-45F5-A1E3-A5C187DB900A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B3BB6305-D1AF-4205-B5EE-79D6B2F454DA}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{CA362372-A9F2-4B88-A752-92C47C51F036}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{D93889FC-9E66-454A-A631-75FEDB0EABF9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E551A30D-1F22-4791-B41D-C23890EA5E1F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E8A1E347-A49E-46F2-BE8C-F8273E0A8432}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{F8E95E52-8DCC-4C59-A2F1-F68A5878AC75}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{59FF42FD-824E-4E0A-B28C-9EF833DF280F}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{C38C50B7-4CCE-4416-A5F6-F7658AB32C68}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{F03FF194-19CC-4BAE-B81C-0B07704A9574}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{FE511DBE-3C36-4F1A-85B2-F0ED28FA9BD8}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{FEB5045A-8C60-4AA1-BC97-32C80A6CC68F}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{FF7E985C-E9C4-4F97-B5BC-E55C65FD3771}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{1335F217-9DBB-4CE6-A9BB-6D5686F9E8CD}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{14D057FD-09FC-4ADB-B4B8-78E8E7EA78BE}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{16EDF499-8162-4FEA-92EC-1BB39250D09E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{1949F08F-02A4-45BE-A142-651ED1D4E2A7}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{1DD16DB3-014C-4E11-9898-2F9F96B44583}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F3292B5-E0AB-4ADA-B897-4F22E91A7205}" = Symantec Real Time Storage Protection Component
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{99F351B0-E2CD-43E2-935F-256F1CF1348B}" = i-Look 110
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9F70BF98-003C-491D-81FC-FF9792206AF0}" = iTunes
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAD41A9-9687-48A3-848F-693C11451433}" = HP Customer Experience Enhancements
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{DC2EF6FF-5A4C-444B-8E30-B7E6160AC676}" = SymNet
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E6CFBFB5-9232-410C-B353-AF6E614B2681}" = LightScribe System Software 1.10.16.1
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E8C2622C-9FF1-4F60-8008-A0208154F9F3}" = muvee autoProducer 6.1
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.50.52
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1B1BB41-2494-4FC2-BEF7-9C282B6815A8}" = Image Resizer Powertoy Clone for Windows
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AliceHilfe 1.0.0.1" = AliceHilfe
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"ElsterFormular für Privatanwender 12.1.1.6214p" = ElsterFormular für Privatanwender
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007-Testversion
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"ICQToolbar" = ICQ Toolbar
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnose Tools
"PokerStars.net" = PokerStars.net
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RealPlayer 6.0" = RealPlayer
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"Uninstall_is1" = Uninstall 1.0.0.1
"Verbindungsassistent" = Verbindungsassistent
"VLC media player" = VLC media player 1.1.4
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.10.2009 13:27:12 | Computer Name = Lene-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung ICQ.exe, Version 6.5.0.1042, Zeitstempel 0x49aa6a1d,
fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
0xc0000005, Fehleroffset 0x002f002f, Prozess-ID 0x33c, Anwendungsstartzeit 01ca50b3cb926489.
Error - 19.10.2009 14:45:02 | Computer Name = Lene-PC | Source = Perflib | ID = 1010
Description =
Error - 19.10.2009 14:45:04 | Computer Name = Lene-PC | Source = Perflib | ID = 1008
Description =
Error - 19.10.2009 14:45:04 | Computer Name = Lene-PC | Source = Perflib | ID = 1005
Description =
Error - 19.10.2009 14:45:04 | Computer Name = Lene-PC | Source = Perflib | ID = 1017
Description =
Error - 20.10.2009 02:31:51 | Computer Name = Lene-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 27.10.2009 11:31:05 | Computer Name = Lene-PC | Source = Perflib | ID = 1010
Description =
Error - 27.10.2009 11:31:06 | Computer Name = Lene-PC | Source = Perflib | ID = 1008
Description =
Error - 01.11.2009 16:41:39 | Computer Name = Lene-PC | Source = Perflib | ID = 1010
Description =
Error - 01.11.2009 16:41:40 | Computer Name = Lene-PC | Source = Perflib | ID = 1008
Description =
[ System Events ]
Error - 22.04.2011 11:27:31 | Computer Name = Lene-PC | Source = DCOM | ID = 10010
Description =
Error - 22.04.2011 11:28:01 | Computer Name = Lene-PC | Source = DCOM | ID = 10010
Description =
Error - 22.04.2011 11:38:31 | Computer Name = Lene-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 22.04.2011 11:51:01 | Computer Name = Lene-PC | Source = DCOM | ID = 10010
Description =
Error - 22.04.2011 11:51:31 | Computer Name = Lene-PC | Source = DCOM | ID = 10010
Description =
Error - 22.04.2011 12:04:40 | Computer Name = Lene-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 22.04.2011 12:17:15 | Computer Name = Lene-PC | Source = DCOM | ID = 10010
Description =
Error - 22.04.2011 12:30:32 | Computer Name = Lene-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 22.04.2011 12:59:15 | Computer Name = Lene-PC | Source = DCOM | ID = 10010
Description =
Error - 22.04.2011 15:38:47 | Computer Name = Lene-PC | Source = DCOM | ID = 10010
Description =
< End of report >
Code:
ATTFilter
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.0.6002]
C:
C:\hiberfil.sys ---------
C:\pagefile.sys ---------
22.04.2011 23:35 C:\_OTL --------- 0
22.04.2011 22:49 C:\Windows --------- 24576
22.04.2011 22:49 C:\System Volume Information --------- 24576
22.04.2011 18:58 C:\ProgramData --------- 12288
22.04.2011 17:43 C:\Program Files --------- 24576
17.03.2011 15:24 C:\DVDVideoSoft --------- 0
03.02.2011 11:43 C:\FINIS_IT.TXT --------- 125
03.02.2011 11:34 C:\hp --------- 4096
02.08.2010 20:24 C:\PA207.DAT --------- 921632
19.01.2010 00:23 C:\Boot --------- 4096
18.06.2009 11:11 C:\InstallHelper.log --------- 1176
16.06.2009 23:09 C:\$AVG8.VAULT$ --------- 0
07.06.2009 19:08 C:\Programs --------- 0
11.04.2009 08:36 C:\bootmgr --------- 333257
03.03.2009 20:51 C:\Temp --------- 0
14.01.2009 23:13 C:\MSOCache --------- 0
20.10.2008 18:25 C:\updatedatfix.log --------- 594
14.10.2008 00:20 C:\PerfLogs --------- 0
26.08.2008 07:38 C:\Users --------- 4096
16.08.2008 04:13 C:\IO.SYS --------- 0
16.08.2008 04:13 C:\MSDOS.SYS --------- 0
18.06.2008 22:04 C:\RHDSetup.log --------- 477
26.05.2008 21:53 C:\$Recycle.Bin --------- 0
26.05.2008 21:44 C:\Programme --------- 0
26.05.2008 21:44 C:\Dokumente und Einstellungen --------- 0
13.12.2007 21:25 C:\BOOTSECT.BAK --------- 8192
13.12.2007 13:48 C:\autoexec.bat --------- 74
13.12.2007 13:33 C:\Intel --------- 0
02.11.2006 15:02 C:\Documents and Settings --------- 0
18.09.2006 23:43 C:\config.sys --------- 10
----------------------------------------
C:\Windows
22.04.2011 23:42 C:\Windows\bootstat.dat --------- 67584
22.04.2011 23:41 C:\Windows\PFRO.log --------- 818
22.04.2011 23:52 C:\Windows\WindowsUpdate.log --------- 186383
22.04.2011 22:58 C:\Windows\IE9_main.log --------- 4513
11.04.2009 08:27 C:\Windows\explorer.exe --------- 2926592
14.10.2008 19:41 C:\Windows\WindowsShell.Manifest --------- 749
18.06.2008 22:02 C:\Windows\DIFxAPI.dll --------- 319456
16.06.2008 16:14 C:\Windows\eReg.dat --------- 1047
10.06.2008 16:17 C:\Windows\nsreg.dat --------- 0
08.06.2008 13:11 C:\Windows\QTFont.for --------- 1409
08.06.2008 13:11 C:\Windows\QTFont.qfn --------- 54156
19.01.2008 09:33 C:\Windows\regedit.exe --------- 134656
19.01.2008 09:33 C:\Windows\notepad.exe --------- 151040
19.01.2008 09:33 C:\Windows\HelpPane.exe --------- 498176
19.01.2008 09:33 C:\Windows\fveupdate.exe --------- 13312
19.01.2008 09:33 C:\Windows\bfsvc.exe --------- 58880
15.01.2008 11:26 C:\Windows\RtHDVCpl.exe --------- 4874240
08.01.2008 13:10 C:\Windows\RTKAUDIOSERVICE.EXE --------- 98304
13.12.2007 13:38 C:\Windows\hpqins13.dat --------- 111448
13.12.2007 13:34 C:\Windows\HideWin.exe --------- 315392
13.12.2007 13:21 C:\Windows\csup.txt --------- 12
14.11.2007 15:18 C:\Windows\USetup.iss --------- 553
07.11.2007 17:31 C:\Windows\RtlUpd.exe --------- 1191936
26.07.2007 19:09 C:\Windows\RtlExUpd.dll --------- 520192
21.02.2007 16:32 C:\Windows\suecmdial.dll --------- 17264
02.11.2006 15:04 C:\Windows\win.ini --------- 144
02.11.2006 14:35 C:\Windows\WMSysPr9.prx --------- 316640
02.11.2006 14:34 C:\Windows\twunk_16.exe --------- 49680
02.11.2006 14:34 C:\Windows\twain_32.dll --------- 50688
02.11.2006 14:34 C:\Windows\twunk_32.exe --------- 31232
02.11.2006 14:34 C:\Windows\twain.dll --------- 94784
02.11.2006 11:45 C:\Windows\winhlp32.exe --------- 9216
02.11.2006 11:45 C:\Windows\hh.exe --------- 14848
02.11.2006 09:46 C:\Windows\mib.bin --------- 43131
19.09.2006 13:41 C:\Windows\HomePremium.xml --------- 8328
18.09.2006 23:46 C:\Windows\system.ini --------- 219
18.09.2006 23:43 C:\Windows\_default.pif --------- 707
18.09.2006 23:43 C:\Windows\winhelp.exe --------- 256192
18.09.2006 23:30 C:\Windows\msdfmap.ini --------- 1405
----------------------------------------
C:\Windows\System
26.05.2008 21:52 C:\Windows\System\hpsysdrv.dat --------- 44
02.11.2006 14:34 C:\Windows\System\mciseq.drv --------- 25264
02.11.2006 14:34 C:\Windows\System\mciwave.drv --------- 28160
02.11.2006 14:34 C:\Windows\System\avicap.dll --------- 69584
02.11.2006 14:34 C:\Windows\System\avifile.dll --------- 109456
02.11.2006 14:34 C:\Windows\System\mciavi.drv --------- 73376
02.11.2006 14:34 C:\Windows\System\msvideo.dll --------- 126912
02.11.2006 09:10 C:\Windows\System\OLESVR.DLL --------- 24064
02.11.2006 09:10 C:\Windows\System\WFWNET.DRV --------- 12704
02.11.2006 09:10 C:\Windows\System\COMMDLG.DLL --------- 32816
02.11.2006 09:10 C:\Windows\System\TIMER.DRV --------- 4048
02.11.2006 09:10 C:\Windows\System\MMSYSTEM.DLL --------- 68992
02.11.2006 09:10 C:\Windows\System\mmtask.tsk --------- 1152
02.11.2006 09:10 C:\Windows\System\mouse.drv --------- 2032
02.11.2006 09:10 C:\Windows\System\vga.drv --------- 2176
02.11.2006 09:10 C:\Windows\System\sound.drv --------- 1744
02.11.2006 09:10 C:\Windows\System\keyboard.drv --------- 2000
02.11.2006 09:10 C:\Windows\System\SHELL.DLL --------- 5120
02.11.2006 09:10 C:\Windows\System\system.drv --------- 3360
18.09.2006 23:43 C:\Windows\System\ver.dll --------- 9008
18.09.2006 23:43 C:\Windows\System\olecli.dll --------- 82944
18.09.2006 23:43 C:\Windows\System\lzexpand.dll --------- 9936
18.09.2006 23:35 C:\Windows\System\stdole.tlb --------- 5532
----------------------------------------
C:\Windows\System32
22.04.2011 23:49 C:\Windows\system32\perfh009.dat --------- 595308
22.04.2011 23:49 C:\Windows\system32\perfc009.dat --------- 104742
22.04.2011 23:49 C:\Windows\system32\perfh007.dat --------- 628210
22.04.2011 23:49 C:\Windows\system32\perfc007.dat --------- 126850
22.04.2011 23:49 C:\Windows\system32\PerfStringBackup.INI --------- 1445786
22.04.2011 23:43 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3568
22.04.2011 23:43 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3568
22.04.2011 23:40 C:\Windows\system32\catroot2 --------- 8192
22.04.2011 23:39 C:\Windows\system32\de-DE --------- 196608
22.04.2011 23:38 C:\Windows\system32\migration --------- 0
22.04.2011 23:38 C:\Windows\system32\wbem --------- 61440
22.04.2011 23:38 C:\Windows\system32\en-US --------- 258048
22.04.2011 23:38 C:\Windows\system32\drivers --------- 65536
22.04.2011 22:59 C:\Windows\system32\catroot --------- 0
22.04.2011 22:58 C:\Windows\system32\icrav03.rat --------- 8798
22.04.2011 22:58 C:\Windows\system32\ticrf.rat --------- 1988
22.04.2011 22:58 C:\Windows\system32\msls31.dll --------- 161792
22.04.2011 22:58 C:\Windows\system32\wininet.dll --------- 1126912
22.04.2011 22:58 C:\Windows\system32\jsproxy.dll --------- 65024
22.04.2011 22:58 C:\Windows\system32\iertutil.dll --------- 1785344
22.04.2011 22:58 C:\Windows\system32\msrating.dll --------- 162304
22.04.2011 22:58 C:\Windows\system32\urlmon.dll --------- 1102336
22.04.2011 22:58 C:\Windows\system32\RegisterIEPKEYs.exe --------- 74752
22.04.2011 22:58 C:\Windows\system32\SetIEInstalledDate.exe --------- 76800
22.04.2011 22:58 C:\Windows\system32\mshtmler.dll --------- 48640
22.04.2011 22:58 C:\Windows\system32\iesysprep.dll --------- 86528
22.04.2011 22:58 C:\Windows\system32\ieui.dll --------- 176640
22.04.2011 22:58 C:\Windows\system32\ieframe.dll --------- 9702400
22.04.2011 22:58 C:\Windows\system32\tdc.ocx --------- 63488
22.04.2011 22:58 C:\Windows\system32\html.iec --------- 367104
22.04.2011 22:58 C:\Windows\system32\dxtrans.dll --------- 223232
22.04.2011 22:58 C:\Windows\system32\dxtmsft.dll --------- 353792
22.04.2011 22:58 C:\Windows\system32\ieapfltr.dat --------- 3695416
22.04.2011 22:58 C:\Windows\system32\ieapfltr.dll --------- 434176
22.04.2011 22:58 C:\Windows\system32\icardie.dll --------- 66048
22.04.2011 22:58 C:\Windows\system32\ie4uinit.exe --------- 74240
22.04.2011 22:58 C:\Windows\system32\iernonce.dll --------- 31744
22.04.2011 22:58 C:\Windows\system32\ieuinit.inf --------- 72822
22.04.2011 22:58 C:\Windows\system32\iesetup.dll --------- 74752
22.04.2011 22:58 C:\Windows\system32\url.dll --------- 231936
22.04.2011 22:58 C:\Windows\system32\iedkcs32.dll --------- 353584
22.04.2011 22:58 C:\Windows\system32\inetcpl.cpl --------- 1427456
22.04.2011 22:58 C:\Windows\system32\webcheck.dll --------- 203776
22.04.2011 22:58 C:\Windows\system32\licmgr10.dll --------- 23552
22.04.2011 22:58 C:\Windows\system32\inseng.dll --------- 78848
22.04.2011 22:58 C:\Windows\system32\mshtmled.dll --------- 72704
22.04.2011 22:58 C:\Windows\system32\wextract.exe --------- 152064
22.04.2011 22:58 C:\Windows\system32\iexpress.exe --------- 150528
22.04.2011 22:58 C:\Windows\system32\msfeeds.dll --------- 580608
22.04.2011 22:58 C:\Windows\system32\vbscript.dll --------- 420864
22.04.2011 22:58 C:\Windows\system32\mshtml.dll --------- 12268544
22.04.2011 22:58 C:\Windows\system32\mshtml.tlb --------- 2382848
22.04.2011 22:58 C:\Windows\system32\ieUnatt.exe --------- 142848
22.04.2011 22:58 C:\Windows\system32\occache.dll --------- 123392
22.04.2011 22:58 C:\Windows\system32\pngfilt.dll --------- 54272
22.04.2011 22:58 C:\Windows\system32\mshta.exe --------- 11776
22.04.2011 22:58 C:\Windows\system32\admparse.dll --------- 101888
22.04.2011 22:58 C:\Windows\system32\ieaksie.dll --------- 227840
22.04.2011 22:58 C:\Windows\system32\ieakui.dll --------- 163840
22.04.2011 22:58 C:\Windows\system32\jscript9.dll --------- 1797632
22.04.2011 22:58 C:\Windows\system32\jscript.dll --------- 716800
22.04.2011 22:58 C:\Windows\system32\imgutil.dll --------- 35840
22.04.2011 22:58 C:\Windows\system32\advpack.dll --------- 114176
22.04.2011 22:58 C:\Windows\system32\iepeers.dll --------- 118784
22.04.2011 22:58 C:\Windows\system32\msfeedsbs.dll --------- 41472
22.04.2011 22:58 C:\Windows\system32\msfeedssync.exe --------- 10752
22.04.2011 22:58 C:\Windows\system32\IEAdvpack.dll --------- 110592
22.04.2011 22:58 C:\Windows\system32\ieakeng.dll --------- 130560
22.04.2011 22:56 C:\Windows\system32\MFH264Dec.dll --------- 979456
22.04.2011 22:56 C:\Windows\system32\MFHEAACdec.dll --------- 357376
22.04.2011 22:56 C:\Windows\system32\mfmp4src.dll --------- 302592
22.04.2011 22:56 C:\Windows\system32\mfreadwrite.dll --------- 261632
22.04.2011 22:56 C:\Windows\system32\mf.dll --------- 2873344
22.04.2011 22:56 C:\Windows\system32\mfps.dll --------- 98816
22.04.2011 22:56 C:\Windows\system32\mfplat.dll --------- 209920
22.04.2011 22:56 C:\Windows\system32\shdocvw.dll --------- 1075712
22.04.2011 22:56 C:\Windows\system32\stobject.dll --------- 586240
22.04.2011 22:56 C:\Windows\system32\XpsGdiConverter.dll --------- 288768
22.04.2011 22:56 C:\Windows\system32\XpsRasterService.dll --------- 135680
22.04.2011 22:56 C:\Windows\system32\d2d1.dll --------- 683008
22.04.2011 22:56 C:\Windows\system32\DWrite.dll --------- 1068544
22.04.2011 22:56 C:\Windows\system32\FntCache.dll --------- 797184
22.04.2011 22:56 C:\Windows\system32\d3d10level9.dll --------- 486400
22.04.2011 22:56 C:\Windows\system32\d3d10warp.dll --------- 1172480
22.04.2011 22:56 C:\Windows\system32\d3d10_1core.dll --------- 219648
22.04.2011 22:56 C:\Windows\system32\d3d10_1.dll --------- 160768
22.04.2011 22:56 C:\Windows\system32\d3d10core.dll --------- 189952
22.04.2011 22:56 C:\Windows\system32\d3d10.dll --------- 1029120
22.04.2011 22:56 C:\Windows\system32\dxgi.dll --------- 478720
22.04.2011 22:56 C:\Windows\system32\cdd.dll --------- 37376
22.04.2011 22:56 C:\Windows\system32\winspool.drv --------- 258048
22.04.2011 22:56 C:\Windows\system32\printfilterpipelineprxy.dll --------- 26112
22.04.2011 22:56 C:\Windows\system32\printfilterpipelinesvc.exe --------- 667648
22.04.2011 22:56 C:\Windows\system32\OpcServices.dll --------- 847360
22.04.2011 22:56 C:\Windows\system32\xpsservices.dll --------- 1554432
22.04.2011 22:56 C:\Windows\system32\XpsPrint.dll --------- 876032
22.04.2011 22:53 C:\Windows\system32\WMPhoto.dll --------- 369664
22.04.2011 22:53 C:\Windows\system32\dxdiagn.dll --------- 195584
22.04.2011 22:53 C:\Windows\system32\dxdiag.exe --------- 252928
22.04.2011 22:53 C:\Windows\system32\d3d11.dll --------- 519680
----------------------------------------
C:\Windows\Prefetch
----------------------------------------
C:\Windows\Tasks
22.04.2011 23:42 C:\Windows\Tasks\SA.DAT --------- 6
22.04.2011 23:40 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32514
18.04.2011 20:00 C:\Windows\Tasks\Norton Internet Security - Systemprfung ausfhren - Lene.job --------- 580
----------------------------------------
C:\Windows\Temp
----------------------------------------
C:\Users\Lene\AppData\Local\Temp
22.04.2011 23:56 C:\Users\Lene\AppData\Local\Temp\flaE25C.tmp --------- 1410307
22.04.2011 23:56 C:\Users\Lene\AppData\Local\Temp\flaD9E2.tmp --------- 1410307
22.04.2011 23:54 C:\Users\Lene\AppData\Local\Temp\Rar$DR03.234 --------- 0
22.04.2011 23:50 C:\Users\Lene\AppData\Local\Temp\jusched.log --------- 403
22.04.2011 23:46 C:\Users\Lene\AppData\Local\Temp\divBD74.tmp --------- 0
22.04.2011 23:45 C:\Users\Lene\AppData\Local\Temp\symlcsv1.exe --------- 58760
22.04.2011 23:45 C:\Users\Lene\AppData\Local\Temp\WPDNSE --------- 0
22.04.2011 23:44 C:\Users\Lene\AppData\Local\Temp\Lene.bmp --------- 31832
22.04.2011 23:44 C:\Users\Lene\AppData\Local\Temp\Low --------- 0
----------------------------------------
C:\Program Files
22.04.2011 23:39 C:\Program Files\Internet Explorer --------- 4096
22.04.2011 23:36 C:\Program Files\ICQ6Toolbar --------- 0
22.04.2011 17:44 C:\Program Files\Malwarebytes' Anti-Malware --------- 0
05.04.2011 19:36 C:\Program Files\ICQ7.4 --------- 0
05.04.2011 19:34 C:\Program Files\InstallShield Installation Information --------- 0
05.04.2011 19:34 C:\Program Files\ICQ6.5 --------- 0
24.03.2011 23:31 C:\Program Files\Mozilla Firefox --------- 40960
18.03.2011 14:05 C:\Program Files\Google --------- 0
18.03.2011 13:42 C:\Program Files\Philips --------- 0
18.03.2011 13:42 C:\Program Files\HP Games --------- 0
18.03.2011 13:03 C:\Program Files\Hewlett-Packard --------- 4096
14.03.2011 23:02 C:\Program Files\ElsterFormular --------- 0
07.03.2011 14:08 C:\Program Files\Common Files --------- 4096
28.01.2011 22:42 C:\Program Files\PokerStars.NET --------- 0
17.12.2010 22:07 C:\Program Files\Windows Mail --------- 0
10.12.2010 22:36 C:\Program Files\Skype --------- 0
31.10.2010 13:25 C:\Program Files\Sony Ericsson --------- 0
13.10.2010 21:52 C:\Program Files\Windows Media Player --------- 4096
30.09.2010 14:57 C:\Program Files\AliceHilfe --------- 0
29.09.2010 21:13 C:\Program Files\Verbindungsassistent --------- 12288
23.09.2010 12:43 C:\Program Files\DivX --------- 8192
23.09.2010 12:27 C:\Program Files\Free YouTube to Mp3 Converter --------- 0
13.08.2010 09:23 C:\Program Files\Movie Maker --------- 0
13.08.2010 08:32 C:\Program Files\Java --------- 4096
07.06.2010 11:45 C:\Program Files\DVDVideoSoft --------- 0
19.01.2010 00:14 C:\Program Files\Windows Calendar --------- 0
19.01.2010 00:14 C:\Program Files\Windows Sidebar --------- 4096
19.01.2010 00:14 C:\Program Files\Windows Collaboration --------- 0
19.01.2010 00:14 C:\Program Files\Windows Journal --------- 0
19.01.2010 00:14 C:\Program Files\Windows Photo Gallery --------- 0
19.01.2010 00:14 C:\Program Files\Windows Defender --------- 4096
11.01.2010 16:55 C:\Program Files\CCleaner --------- 0
15.12.2009 16:37 C:\Program Files\Opera --------- 4096
14.07.2009 18:35 C:\Program Files\ICQ6 --------- 0
18.06.2009 11:41 C:\Program Files\Avira --------- 0
18.06.2009 11:18 C:\Program Files\CyberLink --------- 0
18.06.2009 11:08 C:\Program Files\ICQLite --------- 0
18.05.2009 17:05 C:\Program Files\eBay --------- 0
14.05.2009 10:59 C:\Program Files\AVG --------- 0
26.04.2009 16:17 C:\Program Files\Brice Lambson --------- 0
26.03.2009 21:05 C:\Program Files\NetCologne --------- 0
22.03.2009 19:00 C:\Program Files\Norton Security Scan --------- 4096
19.01.2009 21:39 C:\Program Files\iWin --------- 0
14.01.2009 23:20 C:\Program Files\Microsoft Works --------- 28672
14.01.2009 23:20 C:\Program Files\Microsoft Office --------- 4096
14.01.2009 23:19 C:\Program Files\Microsoft.NET --------- 0
10.01.2009 22:30 C:\Program Files\Symantec --------- 0
09.11.2008 21:10 C:\Program Files\WinRAR --------- 4096
07.11.2008 21:37 C:\Program Files\Adobe --------- 4096
20.10.2008 18:25 C:\Program Files\HP --------- 4096
14.10.2008 19:41 C:\Program Files\desktop.ini --------- 174
26.08.2008 07:38 C:\Program Files\Disc2Phone --------- 20480
10.08.2008 16:41 C:\Program Files\Apple Software Update --------- 4096
22.06.2008 13:54 C:\Program Files\Real --------- 0
15.06.2008 18:01 C:\Program Files\Maxis --------- 0
10.06.2008 20:52 C:\Program Files\FlashFXP --------- 0
10.06.2008 15:49 C:\Program Files\Norton Internet Security --------- 12288
10.06.2008 12:36 C:\Program Files\iTunes --------- 4096
10.06.2008 12:35 C:\Program Files\iPod --------- 0
10.06.2008 12:34 C:\Program Files\Bonjour --------- 0
10.06.2008 12:33 C:\Program Files\QuickTime --------- 4096
09.06.2008 20:26 C:\Program Files\VideoLAN --------- 0
26.05.2008 21:44 C:\Program Files\Windows NT --------- 4096
26.05.2008 21:44 C:\Program Files\Gemeinsame Dateien --------- 0
13.12.2007 21:10 C:\Program Files\EasyBits --------- 0
13.12.2007 14:10 C:\Program Files\PC-Doctor 5 for Windows --------- 0
13.12.2007 14:00 C:\Program Files\Online-Dienste --------- 0
13.12.2007 13:47 C:\Program Files\muvee Technologies --------- 0
13.12.2007 13:34 C:\Program Files\Realtek --------- 0
02.11.2006 15:01 C:\Program Files\Uninstall Information --------- 0
02.11.2006 14:37 C:\Program Files\Microsoft Games --------- 0
02.11.2006 14:37 C:\Program Files\MSBuild --------- 0
02.11.2006 14:37 C:\Program Files\Reference Assemblies --------- 0
----------------------------------------
C:\ProgramData\..
Lene
Default
desktop.ini
Public
Default User
All Users
----------------------------------------
C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 492 K
smss.exe 460 Services 0 148 K
csrss.exe 528 Services 0 1.308 K
wininit.exe 568 Services 0 204 K
csrss.exe 580 Console 1 6.036 K
services.exe 612 Services 0 2.000 K
lsass.exe 624 Services 0 1.868 K
lsm.exe 636 Services 0 1.132 K
winlogon.exe 708 Console 1 388 K
svchost.exe 832 Services 0 2.852 K
svchost.exe 912 Services 0 2.788 K
svchost.exe 948 Services 0 19.400 K
svchost.exe 1040 Services 0 5.168 K
svchost.exe 1064 Services 0 46.836 K
svchost.exe 1076 Services 0 47.060 K
audiodg.exe 1208 Services 0 16.888 K
SLsvc.exe 1248 Services 0 344 K
svchost.exe 1328 Services 0 4.440 K
svchost.exe 1472 Services 0 5.544 K
spoolsv.exe 1656 Services 0 1.272 K
CCSVCHST.EXE 1680 Services 0 6.408 K
sched.exe 1868 Services 0 532 K
svchost.exe 1904 Services 0 4.740 K
avguard.exe 1500 Services 0 13.964 K
AppleMobileDeviceService. 1848 Services 0 364 K
mDNSResponder.exe 200 Services 0 480 K
LSSrvc.exe 1492 Services 0 320 K
SupServ.exe 688 Services 0 404 K
svchost.exe 2112 Services 0 484 K
svchost.exe 2164 Services 0 668 K
svchost.exe 2200 Services 0 472 K
SearchIndexer.exe 2256 Services 0 14.496 K
WTGService.exe 2276 Services 0 352 K
WUDFHost.exe 2524 Services 0 588 K
taskeng.exe 3176 Services 0 996 K
SearchProtocolHost.exe 3240 Services 0 4.548 K
taskeng.exe 3520 Console 1 3.036 K
dwm.exe 3612 Console 1 30.680 K
explorer.exe 3624 Console 1 81.956 K
notepad.exe 2592 Console 1 3.492 K
svchost.exe 1336 Services 0 428 K
MSASCui.exe 2384 Console 1 2.720 K
hpsysdrv.exe 2636 Console 1 276 K
OSD.exe 2972 Console 1 460 K
hkcmd.exe 2628 Console 1 1.480 K
igfxpers.exe 2912 Console 1 1.456 K
RtHDVCpl.exe 3004 Console 1 1.332 K
AluSchedulerSvc.exe 3064 Services 0 1.164 K
apdproxy.exe 3536 Console 1 804 K
iTunesHelper.exe 3512 Console 1 2.460 K
realsched.exe 3588 Console 1 240 K
hpwuSchd2.exe 3108 Console 1 688 K
avgnt.exe 3468 Console 1 2.224 K
Monitor.exe 3452 Console 1 788 K
jusched.exe 3456 Console 1 844 K
DivXUpdate.exe 3720 Console 1 2.228 K
schtasks.exe 3320 Console 1 600 K
CCSVCHST.EXE 3824 Console 1 972 K
wmpnscfg.exe 728 Console 1 1.352 K
igfxsrvc.exe 3912 Console 1 2.004 K
sidebar.exe 1700 Console 1 2.120 K
ehtray.exe 1368 Console 1 1.164 K
wmpnetwk.exe 2376 Services 0 2.336 K
symlcsvc.exe 2456 Services 0 232 K
HPHC_Service.exe 940 Services 0 2.468 K
ehmsas.exe 4224 Console 1 1.236 K
conime.exe 4504 Console 1 1.608 K
iPodService.exe 4612 Services 0 1.744 K
firefox.exe 5036 Console 1 88.696 K
WinRAR.exe 4184 Console 1 13.412 K
cmd.exe 2632 Console 1 2.776 K
SearchFilterHost.exe 3284 Services 0 4.568 K
tasklist.exe 5088 Console 1 4.804 K
WmiPrvSE.exe 5012 Services 0 5.796 K
***** Ende des Scans 22.04.2011 um 23:56:21,32 ***
All processes killed ========== OTL ========== File C:\Dokumente und Einstellungen\Admin\Desktop\Windows Recovery.lnk not found. File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~17751860r not found. File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~17751860 not found. File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\17751860 not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ deleted successfully. C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Lene ->Temp folder emptied: 9526898 bytes ->Temporary Internet Files folder emptied: 46775670 bytes ->Java cache emptied: 38325278 bytes ->FireFox cache emptied: 43128046 bytes ->Google Chrome cache emptied: 0 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 3822305 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 668608 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 136,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 04222011_233557 Files\Folders moved on Reboot... File\Folder C:\Windows\temp\JET8880.tmp not found! Registry entries deleted on Reboot... Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 20.12.2008 10.0.12.36 Adobe Flash Player 10 Plugin Adobe Systems Incorporated 06.10.2010 10.1.85.3 Adobe Reader 8.1.2 - Deutsch Adobe Systems Incorporated 06.11.2008 99,8MB 8.1.2 Adobe Shockwave Player 11 Adobe Systems, Inc. 08.03.2009 7,18MB 11 Adobe® Photoshop® Album Starter Edition 3.0 Adobe Systems, Inc. 07.06.2008 17,9MB 3.00.000 AliceHilfe 29.09.2010 27,8MB 1.0.0.1 Apple Mobile Device Support Apple Inc. 09.06.2008 32,4MB 1.1.4.7 Apple Software Update Apple Inc. 09.08.2008 2,16MB 2.1.1.116 Avira AntiVir Personal - Free Antivirus Avira GmbH 17.06.2009 64,8MB Bonjour Apple Inc. 09.06.2008 0,47MB 1.0.104 CCleaner Piriform 10.01.2010 2,88MB 2.27 Compatibility Pack für 2007 Office System Microsoft Corporation 12.12.2007 56,2MB 12.0.4518.1014 CyberLink DVD Suite Deluxe CyberLink Corp. 24.12.2007 49,3MB 5.5.1019 DHTML Editing Component Microsoft Corporation 17.05.2009 0,45MB 6.02.0001 Disc2Phone Sony Media Software 07.06.2008 9,96MB 1.4.0.112 DivX Converter DivX, Inc. 22.09.2010 35,9MB 7.1.0 DivX Plus DirectShow Filters DivX, Inc. 22.09.2010 1,21MB DivX-Setup DivX, Inc. 22.09.2010 1,93MB 2.0.4.2 ElsterFormular für Privatanwender Landesfinanzdirektion Thüringen 13.03.2011 143,2MB 12.1.1.6214p FlashFXP v3 IniCom Networks, Inc. 09.06.2008 6,31MB 3.6.0.1240 Free Audio CD Burner version 1.4 DVDVideoSoft Limited. 22.09.2010 3,14MB Free YouTube to MP3 Converter version 3.8 DVDVideoSoft Limited. 22.09.2010 2,36MB Hardware Diagnose Tools PC-Doctor, Inc. 24.12.2007 139,0MB 5.00.4589.14 HP Active Support Library Hewlett-Packard 12.12.2007 8,88MB 2.3.0.2 HP Customer Experience Enhancements Hewlett-Packard 12.12.2007 0,98MB 5.4.0.2360 HP Easy Setup - Frontend Hewlett-Packard 12.12.2007 1,93MB 5.4.0.2430 HP On-Screen Cap/Num/Scroll Lock Indicator Hewlett-Packard 24.12.2007 HP Photosmart Essential 2.5 HP 24.12.2007 3,21MB 2.5 HP Update Hewlett-Packard 19.10.2008 3,76MB 4.000.012.001 i-Look 110 Ihr Firmenname 26.03.2010 9,85MB 1.0.4.15 ICQ Toolbar ICQ 04.04.2011 3.0.0 ICQ7.4 ICQ 04.04.2011 47,4MB 7.4 Image Resizer Powertoy Clone for Windows Brice Lambson 25.04.2009 32,00KB 2.0.0.0 Intel(R) Graphics Media Accelerator Driver 24.12.2007 iTunes Apple Inc. 09.06.2008 73,4MB 7.6.2.9 Java(TM) 6 Update 21 Sun Microsystems, Inc. 16.04.2010 94,5MB 6.0.210 Java(TM) SE Runtime Environment 6 Update 1 Sun Microsystems, Inc. 12.12.2007 167,3MB 1.6.0.10 LightScribe System Software 1.10.16.1 Ihr Firmenname 12.12.2007 19,2MB 1.10.16.1 LiveUpdate (Symantec Corporation) Symantec 12.07.2007 22,9MB 3.4.0.162 Malwarebytes' Anti-Malware Malwarebytes Corporation 21.04.2011 4,80MB Microsoft .NET Framework 1.1 07.06.2008 Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 13.06.2009 27,8MB Microsoft Office Home and Student 2007-Testversion Microsoft Corporation 13.01.2009 296,9MB 12.0.4518.1014 Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 12.12.2007 89,0MB 12.0.4518.1014 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 12.12.2007 0,41MB 8.0.56336 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 13.03.2011 0,58MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 17.06.2009 0,57MB 9.0.30729 Geändert von lenebene (22.04.2011 um 23:04 Uhr) |
| Themen zu TR/Kazy/mekl.1 habe ich auch :( |
| .vault, adblock, anti, avgntflt.sys, becks, bild, bootmgr, desktop.ini, durchgeführt, fehler, fenster, google chrome, google earth, inetcpl.cpl, infizierte, install.exe, intrusion prevention, location, löschen, malware, microsoft office word, monitor.exe, moved, notepad.exe, oldtimer, plug-in, recycle.bin, sache, sachen, saver, sched.exe, searchplugins, seite, shell32.dll, shortcut, skype.exe, start menu, twain.dll, twunk_32.exe, werbung, öffnet |
Baum-Darstellung