Oh mann da kann einem ja die Lust am surfen vergehen 
Na ja nützt ja nichts. Melde mich dann die Tage nochmal wenn alles fertig ist, wegen diversen Einstellungen von Windows, wo ich eventuell nochmal hilfe brauch.
Danke euch herzlich.
Beiträge von DogoArgentino
-
-
Mach ich
und heut abend setzte ich alles neu auf! -
Alles klar hab ich verstanden! Werde in zukunft besser drauf achten.
-
-
Code
Alles anzeigenwww.malwarebytes.org Datenbank Version: 7353 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 03.08.2011 12:32:18 mbam-log-2011-08-03 (12-32-03).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 488610 Laufzeit: 55 Minute(n), 14 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: d:\serials\serials world\serialsworld.exe (Trojan.Agent) -> No action taken.und hier die log von MBAM, sorry nochmal
-
MBAM macht doch grad den Suchlauf. Dauert ewig, dafür kann ich ja nichts!
-
Code
Alles anzeigen[color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011.08.03 11:00:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.08.03 06:46:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.08.02 21:52:45 | 001,769,136 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.08.02 21:52:45 | 000,760,240 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.08.02 21:52:45 | 000,704,110 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.08.02 21:52:45 | 000,169,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.08.02 21:52:45 | 000,138,258 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.08.02 19:59:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.08.02 19:48:27 | 004,872,192 | ---- | M] () -- C:\Users\Daniel\Desktop\Everyday_Girl_-_Preluders.mp3 [2011.08.02 19:45:05 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.08.02 19:45:05 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.08.02 19:37:52 | 000,000,170 | -HS- | M] () -- C:\ProgramData\.zreglib [2011.08.02 19:37:25 | 3218,837,504 | -HS- | M] () -- C:\hiberfil.sys [2011.08.02 18:28:51 | 3241,934,848 | ---- | M] () -- C:\Users\Daniel\Desktop\Windows7.iso [2011.08.02 18:14:08 | 000,002,843 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk [2011.08.02 18:11:36 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk [2011.08.02 17:29:32 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71d.dll [2011.08.02 17:29:32 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll [2011.08.02 17:29:32 | 000,266,240 | ---- | M] (XSS) -- C:\Windows\SysWow64\ShellvRTF64.dll [2011.08.02 17:29:32 | 000,241,664 | ---- | M] (Hewlett-Packard) -- C:\Windows\SysWow64\HPEvents.dll [2011.08.02 17:29:32 | 000,122,880 | ---- | M] (XSS) -- C:\Windows\SysWow64\ShellvRTF.dll [2011.08.02 17:16:03 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml [2011.08.02 17:16:03 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml [2011.08.02 15:45:31 | 000,319,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.08.02 15:38:05 | 000,001,237 | ---- | M] () -- C:\Users\Daniel\Desktop\AIDA64 Extreme Edition.lnk [2011.08.02 13:18:42 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.08.02 12:16:55 | 000,002,981 | ---- | M] () -- C:\Users\Daniel\Desktop\HiJackThis.lnk [2011.08.02 11:45:40 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\MT66 Software Update.job [2011.08.02 11:28:39 | 000,438,420 | ---- | M] () -- C:\Users\Daniel\Documents\cc_20110802_112823.reg [2011.08.02 11:22:41 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.08.02 11:21:21 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.02 11:02:56 | 000,001,242 | ---- | M] () -- C:\Users\Public\Desktop\MP3 Recorder for YouTube.lnk [2011.08.01 15:46:04 | 001,654,364 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.08.01 15:32:34 | 000,001,804 | ---- | M] () -- C:\Users\Daniel\Desktop\Uniblue RegistryBooster.lnk [2011.08.01 15:32:34 | 000,001,794 | ---- | M] () -- C:\Users\Daniel\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk [2011.08.01 14:56:52 | 004,503,711 | ---- | M] () -- C:\Users\Daniel\Desktop\David Guetta & Chris Willis ft Fergie & LMFAO - Gettin Over You (Official videoclip).mp3 [2011.08.01 14:53:27 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\streamhlp.dll [2011.08.01 14:53:27 | 000,001,035 | ---- | M] () -- C:\Users\Daniel\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk [2011.08.01 14:53:27 | 000,001,011 | ---- | M] () -- C:\Users\Daniel\Desktop\TrojanHunter.lnk [2011.08.01 13:14:08 | 000,000,681 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk [2011.07.30 18:12:02 | 005,831,314 | ---- | M] () -- C:\Users\Daniel\Desktop\Rihanna - S&M.mp3 [2011.07.26 21:21:59 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2011.07.26 21:21:59 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2011.07.26 21:21:59 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2011.07.26 21:21:59 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2011.07.24 12:21:22 | 000,868,307 | ---- | M] () -- C:\Users\Daniel\AppData\Local\census.cache [2011.07.24 12:20:33 | 000,112,589 | ---- | M] () -- C:\Users\Daniel\AppData\Local\ars.cache [2011.07.24 12:12:44 | 000,000,036 | ---- | M] () -- C:\Users\Daniel\AppData\Local\housecall.guid.cache [2011.07.23 18:05:00 | 000,001,439 | ---- | M] () -- C:\Users\Daniel\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011.07.23 17:59:32 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2011.07.23 17:59:32 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011.07.23 17:59:31 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011.07.23 17:59:31 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011.07.23 17:59:31 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011.07.23 17:59:31 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011.07.23 17:59:31 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011.07.23 17:59:31 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011.07.23 17:59:31 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.07.23 17:59:31 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.07.23 17:59:31 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011.07.23 17:59:31 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.07.23 17:59:31 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011.07.23 17:59:31 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011.07.23 17:59:31 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011.07.23 17:59:31 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011.07.23 17:59:31 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011.07.23 17:59:31 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.07.23 17:59:31 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011.07.23 17:59:31 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011.07.23 17:59:31 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011.07.23 17:59:31 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.07.23 17:59:31 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011.07.23 17:59:31 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011.07.23 17:59:31 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011.07.23 17:59:31 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011.07.23 17:59:31 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011.07.23 17:59:31 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2011.07.23 17:59:31 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.07.23 17:59:31 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011.07.23 17:59:31 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011.07.23 17:59:31 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011.07.23 17:59:31 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011.07.23 17:59:31 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011.07.23 17:59:31 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011.07.23 17:59:31 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011.07.23 17:59:31 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011.07.23 17:59:31 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011.07.23 17:59:31 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011.07.23 17:59:31 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011.07.23 17:59:31 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011.07.23 17:59:31 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011.07.23 17:59:31 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011.07.23 17:59:31 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011.07.23 17:59:31 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.07.23 17:59:31 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011.07.23 17:59:31 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011.07.23 17:59:31 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011.07.23 17:59:31 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011.07.23 17:59:31 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011.07.23 17:59:31 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.07.23 17:59:31 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011.07.23 17:59:31 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011.07.23 17:59:31 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011.07.23 17:59:31 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011.07.23 17:59:31 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011.07.23 17:59:31 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011.07.23 17:59:31 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011.07.23 17:59:31 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011.07.23 17:59:31 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2011.07.23 17:59:31 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011.07.23 17:59:31 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011.07.23 17:59:31 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011.07.23 17:59:31 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011.07.23 17:59:31 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.07.23 17:59:31 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011.07.23 17:59:31 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011.07.23 17:59:31 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011.07.23 17:59:31 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011.07.23 17:59:31 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2011.07.23 17:59:31 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011.07.23 17:59:31 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011.07.23 17:59:31 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011.07.23 17:59:31 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011.07.23 17:59:31 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011.07.23 17:59:31 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011.07.23 17:59:31 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011.07.23 17:59:31 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011.07.23 17:59:31 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011.07.23 17:59:31 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011.07.23 17:43:44 | 000,197,689 | ---- | M] () -- C:\Users\Daniel\Desktop\blade_nebel_gelb.jpg [2011.07.23 17:41:28 | 000,168,396 | ---- | M] () -- C:\Users\Daniel\Desktop\schwarz_01.jpg [2011.07.19 20:18:56 | 000,403,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011.07.19 19:31:14 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2011.07.18 22:53:02 | 000,007,605 | ---- | M] () -- C:\Users\Daniel\AppData\Local\resmon.resmoncfg [2011.07.18 00:11:21 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\SBK®2011 FIM Superbike World Championship spielen.lnk [2011.07.15 13:45:08 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll [2011.07.07 06:47:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011.08.02 21:51:34 | 005,831,314 | ---- | C] () -- C:\Users\Daniel\Desktop\Rihanna - S&M.mp3 [2011.08.02 20:58:56 | 004,503,711 | ---- | C] () -- C:\Users\Daniel\Desktop\David Guetta & Chris Willis ft Fergie & LMFAO - Gettin Over You (Official videoclip).mp3 [2011.08.02 19:48:28 | 004,872,192 | ---- | C] () -- C:\Users\Daniel\Desktop\Everyday_Girl_-_Preluders.mp3 [2011.08.02 18:25:17 | 3241,934,848 | ---- | C] () -- C:\Users\Daniel\Desktop\Windows7.iso [2011.08.02 18:14:08 | 000,002,843 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk [2011.08.02 18:11:36 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk [2011.08.02 15:40:18 | 000,033,707 | ---- | C] () -- C:\Users\Daniel\Desktop\EULA-DE.rtf [2011.08.02 15:38:05 | 000,001,237 | ---- | C] () -- C:\Users\Daniel\Desktop\AIDA64 Extreme Edition.lnk [2011.08.02 13:18:42 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.08.02 13:18:42 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.08.02 12:16:55 | 000,002,981 | ---- | C] () -- C:\Users\Daniel\Desktop\HiJackThis.lnk [2011.08.02 11:28:26 | 000,438,420 | ---- | C] () -- C:\Users\Daniel\Documents\cc_20110802_112823.reg [2011.08.02 11:22:41 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.08.02 11:21:21 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.02 11:02:57 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\MT66 Software Update.job [2011.08.02 11:02:56 | 000,001,242 | ---- | C] () -- C:\Users\Public\Desktop\MP3 Recorder for YouTube.lnk [2011.08.01 15:45:59 | 001,654,364 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.08.01 15:32:34 | 000,001,804 | ---- | C] () -- C:\Users\Daniel\Desktop\Uniblue RegistryBooster.lnk [2011.08.01 15:32:34 | 000,001,794 | ---- | C] () -- C:\Users\Daniel\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk [2011.08.01 14:53:27 | 000,001,035 | ---- | C] () -- C:\Users\Daniel\Application Data\Microsoft\Internet Explorer\Quick Launch\TrojanHunter Scanner.lnk [2011.08.01 14:53:27 | 000,001,011 | ---- | C] () -- C:\Users\Daniel\Desktop\TrojanHunter.lnk [2011.08.01 14:53:23 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll [2011.08.01 13:14:08 | 000,000,681 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk [2011.07.24 12:21:22 | 000,868,307 | ---- | C] () -- C:\Users\Daniel\AppData\Local\census.cache [2011.07.24 12:20:33 | 000,112,589 | ---- | C] () -- C:\Users\Daniel\AppData\Local\ars.cache [2011.07.24 12:12:44 | 000,000,036 | ---- | C] () -- C:\Users\Daniel\AppData\Local\housecall.guid.cache [2011.07.23 18:33:02 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011.07.23 17:59:31 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011.07.23 17:59:31 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011.07.23 17:43:49 | 000,197,689 | ---- | C] () -- C:\Users\Daniel\Desktop\blade_nebel_gelb.jpg [2011.07.23 17:41:38 | 000,168,396 | ---- | C] () -- C:\Users\Daniel\Desktop\schwarz_01.jpg [2011.07.19 19:31:14 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.07.18 00:11:21 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\SBK®2011 FIM Superbike World Championship spielen.lnk [2011.07.13 21:56:23 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2011.07.13 21:56:23 | 000,001,951 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2011.07.13 21:56:23 | 000,001,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2011.04.10 18:19:53 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.12.31 21:02:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.12.16 15:49:50 | 000,012,518 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys [2010.12.16 15:49:50 | 000,000,056 | RHS- | C] () -- C:\Windows\SysWow64\2FA57DCF21.sys [2010.12.16 14:11:06 | 000,000,170 | ---- | C] () -- C:\Windows\game.ini [2010.11.25 22:52:16 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.07.12 13:24:32 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI [2010.06.24 14:28:41 | 000,000,007 | ---- | C] () -- C:\Windows\treeskp.sys [2010.06.24 14:28:41 | 000,000,007 | ---- | C] () -- C:\Windows\sbacknt.bin [2010.05.30 20:14:37 | 000,006,144 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.30 20:13:27 | 000,598,016 | ---- | C] () -- C:\Windows\SysWow64\viscomqtde.dll [2010.05.30 20:13:27 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll [2010.05.23 23:20:54 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2010.05.23 23:20:36 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2010.03.28 20:43:06 | 000,000,170 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.03.24 18:10:25 | 000,000,208 | ---- | C] () -- C:\Windows\Ulead32.ini [2010.03.24 18:10:24 | 000,000,025 | ---- | C] () -- C:\Windows\syslife.dat [2010.03.24 17:21:08 | 000,003,082 | ---- | C] () -- C:\Windows\SysWow64\affv9869p2now.sys [2010.02.19 10:22:03 | 000,000,133 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\burnaware.ini [2010.02.11 22:22:03 | 000,007,605 | ---- | C] () -- C:\Users\Daniel\AppData\Local\resmon.resmoncfg [2010.01.18 21:34:50 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2010.01.18 21:34:50 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2010.01.18 21:34:50 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2010.01.10 14:09:26 | 000,000,700 | ---- | C] () -- C:\Windows\eReg.dat [2009.12.23 22:41:11 | 000,000,170 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2009.12.23 22:05:54 | 000,099,384 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\inst.exe [2009.12.23 22:05:54 | 000,007,859 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\pcouffin.cat [2009.12.23 22:05:54 | 000,001,167 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\pcouffin.inf [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2004.07.12 23:07:21 | 003,375,104 | ---- | C] () -- C:\Windows\SysWow64\qt-mt331.dll [color=#E56717]========== LOP Check ==========[/color] [2010.12.28 18:21:33 | 000,000,000 | -HSD | M] -- C:\Users\Daniel\AppData\Roaming\.# [2011.08.02 11:25:11 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Azureus [2009.12.21 13:04:02 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Bassic Technologies [2011.07.18 00:15:45 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\BlackBean [2010.02.19 10:30:01 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Canneverbe Limited [2010.04.11 17:17:29 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Capcom [2011.08.02 11:25:11 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite [2010.02.19 10:15:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DeepBurner [2010.12.29 23:18:15 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers [2010.11.09 13:28:18 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\FILEminimizerPictures [2010.03.18 19:01:41 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Haufe [2010.05.24 00:02:30 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ImTOO Software Studio [2010.03.18 18:43:03 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Lexware [2010.05.23 23:35:22 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\MAGIX [2011.02.05 13:29:41 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\MyPhoneExplorer [2010.01.15 21:07:20 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenOffice.org [2011.08.01 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Opera [2011.08.02 15:46:02 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SampleView [2010.06.01 21:06:45 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Sony [2010.06.01 21:05:31 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Sony Setup [2011.01.24 14:22:48 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SystemRequirementsLab [2010.12.28 18:18:05 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\T-Online [2010.04.26 20:25:02 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Thunderbird [2010.01.09 23:11:51 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TrafficMonitor [2011.08.01 15:20:20 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TrojanHunter [2011.02.18 15:11:22 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TuneUp Software [2010.03.24 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Ulead Systems [2011.08.01 15:32:34 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Uniblue [2010.03.06 19:05:45 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Vso [2011.01.05 17:38:48 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\wargaming.net [2011.08.02 11:45:40 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\MT66 Software Update.job [2011.01.13 21:50:36 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\Windows:0AFC577CA1902598 @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:DFC5A2B2 @Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A8ADE5D8 < End of report >zweiter Teil
-
Code
Alles anzeigen[color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011.08.03 10:57:21 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Downloads\OTL.exe PRC - [2011.08.02 17:29:30 | 000,715,912 | ---- | M] () -- C:\Windows\SMINST\Scheduler.exe PRC - [2011.07.22 14:26:40 | 000,690,472 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2011.06.16 06:32:36 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011.05.21 08:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011.04.21 23:53:04 | 000,265,928 | ---- | M] (SpeedBit Ltd.) -- C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe PRC - [2010.11.25 22:52:16 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010.10.23 05:47:12 | 001,070,360 | ---- | M] (Mischel Internet Security) -- C:\Program Files (x86)\TrojanHunter 5.3\THGuard.exe PRC - [2010.03.13 12:58:58 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared Files\brs.exe PRC - [2010.02.24 05:22:48 | 001,579,456 | ---- | M] (SlySoft Inc.) -- D:\Program Files (x86)\SlySoft\Game Jackal v4\Server.exe PRC - [2009.04.30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011.08.03 10:57:21 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Downloads\OTL.exe MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:[b]64bit:[/b] - [2010.03.23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV) SRV:[b]64bit:[/b] - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009.03.02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters) SRV - [2011.07.22 14:26:40 | 000,690,472 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011.05.21 08:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010.11.25 22:52:16 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2010.11.20 14:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2010.11.17 20:35:25 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.08.20 08:02:10 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.24 05:22:48 | 001,579,456 | ---- | M] (SlySoft Inc.) [Auto | Running] -- D:\Program Files (x86)\SlySoft\Game Jackal v4\Server.exe -- (GJService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.04.30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:[b]64bit:[/b] - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:[b]64bit:[/b] - [2011.05.10 11:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011.02.04 17:43:26 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:[b]64bit:[/b] - [2011.02.04 17:42:49 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2011.02.04 17:42:49 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2010.11.09 13:21:41 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2010.11.09 13:21:41 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2010.04.14 01:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:[b]64bit:[/b] - [2010.03.23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:[b]64bit:[/b] - [2010.01.13 17:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R) DRV:[b]64bit:[/b] - [2009.12.23 22:05:54 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin) DRV:[b]64bit:[/b] - [2009.12.08 22:35:46 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2008.10.21 09:22:44 | 000,145,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) DRV:[b]64bit:[/b] - [2008.10.21 09:22:44 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017obex.sys -- (s0017obex) DRV:[b]64bit:[/b] - [2008.10.21 09:22:44 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) DRV:[b]64bit:[/b] - [2008.10.21 09:22:42 | 000,152,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdm.sys -- (s0017mdm) DRV:[b]64bit:[/b] - [2008.10.21 09:22:42 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) DRV:[b]64bit:[/b] - [2008.10.21 09:22:42 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdfl.sys -- (s0017mdfl) DRV:[b]64bit:[/b] - [2008.10.21 09:22:40 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM) DRV:[b]64bit:[/b] - [2008.05.16 11:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm) DRV:[b]64bit:[/b] - [2008.05.16 11:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) DRV:[b]64bit:[/b] - [2008.05.16 11:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex) DRV:[b]64bit:[/b] - [2008.05.16 11:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl) DRV:[b]64bit:[/b] - [2008.05.16 11:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM) DRV:[b]64bit:[/b] - [2008.04.28 11:55:32 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:[b]64bit:[/b] - [2008.01.18 12:31:30 | 000,320,560 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2007.06.18 18:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:[b]64bit:[/b] - [2007.04.23 14:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) DRV:[b]64bit:[/b] - [2007.04.23 14:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex) DRV:[b]64bit:[/b] - [2007.04.23 14:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm) DRV:[b]64bit:[/b] - [2007.04.23 14:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl) DRV:[b]64bit:[/b] - [2007.04.23 14:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM) DRV - [2004.08.09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004.08.09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1) DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2002.03.19 20:37:42 | 000,029,156 | ---- | M] (Apple Computer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\DVDAccss.sys -- (DVDAccss) DRV - [2002.02.11 14:15:50 | 000,014,572 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 F7 00 29 31 46 CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program File\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.08.02 13:18:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.23 15:56:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions [2010.04.26 20:25:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.08.02 18:12:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\56fwtasn.default\extensions [2011.08.02 13:31:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\56fwtasn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.08.02 18:12:42 | 000,000,000 | ---D | M] (Nero Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\56fwtasn.default\extensions\toolbar@ask.com [2011.07.19 23:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\gvzv4692.Daniel\extensions [2011.07.19 23:48:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\gvzv4692.Daniel\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2011.08.02 14:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions File not found (No name found) -- C:\PROGRAM FILES (X86)\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF} [2011.06.16 06:32:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.01.24 21:32:56 | 000,428,727 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14759 more lines... O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Recorder Toolbar) - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66) O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKLM\..\Toolbar: (Recorder Toolbar) - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66) O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [THGuard] C:\Program Files (x86)\TrojanHunter 5.3\THGuard.exe (Mischel Internet Security) O4 - HKLM..\RunOnce: [ST Recovery Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: Download YouTube Video - {89378663-DD4E-48b2-B4D6-01A731B196C7} - C:\Programme\Free YouTube Video Downloader\FreeYTDownloader.dll () O9 - Extra 'Tools' menuitem : Download the YouTube video in this page - {89378663-DD4E-48b2-B4D6-01A731B196C7} - C:\Programme\Free YouTube Video Downloader\FreeYTDownloader.dll () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009.09.22 09:37:33 | 000,003,756 | ---- | M] () - C:\Autorun_dll.log -- [ NTFS ] O32 - AutoRun File - [2011.08.02 17:29:32 | 000,000,053 | -HS- | M] () - E:\Autorun.inf -- [ NTFS ] O33 - MountPoints2\{781afd02-e42f-11de-8d21-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{781afd02-e42f-11de-8d21-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011.08.03 10:55:56 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2011.08.02 18:16:33 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.08.02 18:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe [2011.08.02 18:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2011.08.02 18:13:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2011.08.02 18:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com [2011.08.02 18:11:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling [2011.08.02 18:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe [2011.08.02 16:23:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\Keyfinder 2.0.8 [2011.08.02 15:46:02 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\SampleView [2011.08.02 15:42:17 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71d.dll [2011.08.02 15:42:17 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll [2011.08.02 15:42:17 | 000,266,240 | ---- | C] (XSS) -- C:\Windows\SysWow64\ShellvRTF64.dll [2011.08.02 15:42:17 | 000,241,664 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysWow64\HPEvents.dll [2011.08.02 15:42:17 | 000,122,880 | ---- | C] (XSS) -- C:\Windows\SysWow64\ShellvRTF.dll [2011.08.02 15:42:17 | 000,000,000 | ---D | C] -- C:\Windows\SMINST [2011.08.02 15:42:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Backup & Recovery [2011.08.02 15:40:18 | 000,490,672 | ---- | C] (zebNet Ltd. ) -- C:\Users\Daniel\Desktop\KEYFIND.EXE [2011.08.02 15:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire [2011.08.02 15:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire [2011.08.02 13:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.08.02 12:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011.08.02 12:16:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011.08.02 11:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.08.02 11:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011.08.02 11:21:21 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.08.02 11:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.08.02 11:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.08.02 11:04:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\YouTube Recordings [2011.08.02 11:02:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MT66 Software Update [2011.08.02 11:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MedienTeam66 [2011.08.02 11:02:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MedienTeam66 [2011.08.01 15:44:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices [2011.08.01 15:44:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices [2011.08.01 15:44:28 | 000,000,000 | ---D | C] -- C:\inetpub [2011.08.01 15:32:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42} [2011.08.01 15:32:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Uniblue [2011.08.01 15:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue [2011.08.01 15:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue [2011.08.01 15:32:23 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\PackageAware [2011.08.01 15:20:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\TrojanHunter [2011.08.01 14:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrojanHunter [2011.08.01 14:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TrojanHunter [2011.08.01 14:53:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrojanHunter 5.3 [2011.08.01 13:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks [2011.07.26 21:22:11 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2011.07.26 21:22:11 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2011.07.26 21:22:11 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2011.07.26 21:22:11 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2011.07.26 21:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011.07.24 12:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.07.24 12:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011.07.24 12:27:14 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\vlc [2011.07.24 12:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.07.24 12:10:57 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes [2011.07.24 12:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.07.24 12:10:49 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.07.23 18:33:02 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\SysWow64\pthreadGC2.dll [2011.07.23 18:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow [2011.07.23 18:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FLVCodec [2011.07.23 18:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow [2011.07.23 18:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Video Downloader [2011.07.23 18:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\Free YouTube Video Downloader [2011.07.23 17:59:32 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2011.07.23 17:59:32 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011.07.23 17:59:31 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011.07.23 17:59:31 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011.07.23 17:59:31 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011.07.23 17:59:31 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011.07.23 17:59:31 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011.07.23 17:59:31 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011.07.23 17:59:31 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.07.23 17:59:31 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.07.23 17:59:31 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011.07.23 17:59:31 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.07.23 17:59:31 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011.07.23 17:59:31 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011.07.23 17:59:31 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011.07.23 17:59:31 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011.07.23 17:59:31 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011.07.23 17:59:31 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.07.23 17:59:31 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011.07.23 17:59:31 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011.07.23 17:59:31 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011.07.23 17:59:31 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.07.23 17:59:31 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011.07.23 17:59:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011.07.23 17:59:31 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011.07.23 17:59:31 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011.07.23 17:59:31 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011.07.23 17:59:31 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2011.07.23 17:59:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.07.23 17:59:31 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011.07.23 17:59:31 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011.07.23 17:59:31 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011.07.23 17:59:31 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011.07.23 17:59:31 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011.07.23 17:59:31 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011.07.23 17:59:31 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011.07.23 17:59:31 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011.07.23 17:59:31 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011.07.23 17:59:31 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011.07.23 17:59:31 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011.07.23 17:59:31 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011.07.23 17:59:31 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011.07.23 17:59:31 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011.07.23 17:59:31 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011.07.23 17:59:31 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.07.23 17:59:31 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011.07.23 17:59:31 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011.07.23 17:59:31 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011.07.23 17:59:31 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011.07.23 17:59:31 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011.07.23 17:59:31 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.07.23 17:59:31 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011.07.23 17:59:31 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011.07.23 17:59:31 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011.07.23 17:59:31 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011.07.23 17:59:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011.07.23 17:59:31 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011.07.23 17:59:31 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011.07.23 17:59:31 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011.07.23 17:59:31 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2011.07.23 17:59:31 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011.07.23 17:59:31 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011.07.23 17:59:31 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.07.23 17:59:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011.07.23 17:59:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011.07.23 17:59:31 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011.07.23 17:59:31 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011.07.23 17:59:31 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2011.07.23 17:59:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011.07.23 17:59:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011.07.23 17:59:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011.07.23 17:59:31 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011.07.23 17:59:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011.07.23 17:59:31 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011.07.23 17:59:31 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011.07.23 17:59:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011.07.23 17:59:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011.07.23 17:59:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011.07.20 08:17:17 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Opera [2011.07.20 08:17:17 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Opera [2011.07.20 08:17:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2011.07.19 20:18:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011.07.19 19:17:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Speedbit [2011.07.18 00:15:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\BlackBean [2011.07.18 00:05:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlackBeanGames [2011.07.18 00:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Bean Games [2011.07.15 12:35:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\18 WoS Haulin [2011.07.15 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\18WOS Haulin [2011.07.15 11:36:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink [2011.07.13 21:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2011.07.13 12:26:15 | 001,426,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco642040.dll [2011.07.13 12:26:15 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2011.07.13 12:26:15 | 000,070,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapo64v.dll [2011.07.13 12:26:15 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2011.07.13 12:26:12 | 022,286,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2011.07.13 12:26:12 | 018,583,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2011.07.13 12:26:12 | 016,456,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2011.07.13 12:26:12 | 015,223,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2011.07.13 12:26:12 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2011.07.13 12:26:12 | 011,992,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2011.07.13 12:26:12 | 008,863,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2011.07.13 12:26:12 | 007,123,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2011.07.13 12:26:12 | 005,301,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2011.07.13 12:26:12 | 002,943,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2011.07.13 12:26:12 | 002,804,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2011.07.13 12:26:12 | 002,335,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2011.07.13 12:26:12 | 002,212,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2011.07.13 12:26:12 | 002,082,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2011.07.13 12:26:12 | 001,496,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420150.dll [2011.07.13 12:26:12 | 001,427,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642090.dll [2011.07.13 12:26:12 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011.07.13 12:26:12 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011.07.13 12:26:12 | 000,012,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2011.07.12 21:30:24 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2011.07.12 21:30:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2011.07.12 21:30:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2011.07.12 21:30:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2011.07.12 21:30:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2011.07.12 21:30:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2011.07.12 21:30:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2011.07.12 21:30:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2011.07.12 21:30:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2011.07.12 21:30:21 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2011.07.12 21:30:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2011.07.12 21:30:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2011.07.12 21:30:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2011.07.12 21:30:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2011.07.12 21:30:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2011.07.12 21:30:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2011.07.12 21:30:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2011.07.12 21:30:20 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2011.07.12 21:30:20 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2011.07.12 21:30:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2011.07.12 21:30:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2011.07.12 21:30:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2011.07.12 21:30:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2011.07.12 21:30:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2011.07.12 21:29:43 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2011.07.12 21:29:43 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2011.07.12 21:29:19 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2011.07.12 21:29:19 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2011.07.12 21:29:19 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2011.07.12 21:29:18 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2011.07.12 19:04:50 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2011.07.12 19:04:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2011.07.12 19:04:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2011.07.12 19:04:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2011.07.12 19:04:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2011.07.12 19:04:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2011.07.12 19:04:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2011.07.12 19:04:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2010.06.01 21:01:32 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeE6E6.dll [2009.12.23 22:05:54 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Daniel\AppData\Roaming\pcouffin.sys [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
erster Teil -
Code
Alles anzeigenOTL Extras logfile created on: 03.08.2011 10:58:00 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Daniel\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,67 Gb Available Physical Memory | 66,70% Memory free 7,99 Gb Paging File | 6,21 Gb Available in Paging File | 77,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 289,06 Gb Total Space | 141,72 Gb Free Space | 49,03% Space Free | Partition Type: NTFS Drive D: | 298,09 Gb Total Space | 88,37 Gb Free Space | 29,64% Space Free | Partition Type: NTFS Drive E: | 9,03 Gb Total Space | 1,73 Gb Free Space | 19,14% Space Free | Partition Type: NTFS Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers "{1DCCF1DD-39E0-40f0-8D57-08320104936F}_is1" = Free YouTube Video Downloader 1.3.1.0 "{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit) "{47DEB25D-4FA2-4894-8A0D-FE944C47326E}" = Microsoft Baseline Security Analyzer 2.1 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "B30ECD0209A21D638611F893829C8AF3A483A302" = Windows Driver Package - ENE (enecir) HIDClass (04/29/2008 2.5.0.0) "CCleaner" = CCleaner "Game Jackal v4_is1" = Game Jackal v4.0.2.1 (64 bit) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{07AB0247-FEF5-425F-BF51-1F51354DA983}" = SBK®2011 FIM Superbike World Championship "{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI "{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI "{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26 "{2B34414C-14FB-11D6-A329-0050045C24B2}" = DVD@ccess 1.5 "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1" = MP3 Recorder for YouTube 1.0 Professional-E "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00 "{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = ST Wiederherstellungs- & Sicherungsprogramme "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI "{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10 "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI "{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{92447039-DC7B-46BF-9D1D-2B92FA89F914}" = SBK®2011 FIM Superbike World Championship "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI "{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI "{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI "{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI "{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software "{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI "{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1" = MT66 Software Update "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "1489-3350-5074-6281" = JDownloader 0.9 "8461-7759-5462-8226" = Vuze "8461-7759-5462-8226-1" = Vuze "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.80 "ArmA2" = ArmA2 Uninstall "Battlecraft 19422.1" = Battlecraft 1942 "Company of Heroes" = Company of Heroes "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DVDFab 6 by CATER / AHCU_is1" = DVDFab 6.0.1.0 by CATER / AHCU "DVDx 2.3_is1" = DVDx 2.3 "EADM" = EA Download Manager "ffdshow_is1" = ffdshow [rev 3026] [2009-07-05] "FLVCodec" = PlayFLV "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "GameSpy Arcade" = GameSpy Arcade "InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch "Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC17 (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800 "MDT" = Battlefield Mod Development Toolkit 2.0 Beta "Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de) "MPE" = MyPhoneExplorer "NAVIGON Fresh" = NAVIGON Fresh 2.0.2 "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "Picasa 3" = Picasa 3 "SpeedBit Video Accelerator" = SpeedBit Video Accelerator "Steam App 42700" = Call of Duty: Black Ops "Steam App 42710" = Call of Duty: Black Ops - Multiplayer "SystemRequirementsLab" = System Requirements Lab "TrojanHunter_is1" = TrojanHunter 5.3 "Uniblue RegistryBooster" = Uniblue RegistryBooster "Uninstall_is1" = Uninstall 1.0.0.1 "Update Service" = Sony Ericsson Update Service "VLC media player" = VLC media player 1.1.11 "WinLiveSuite_Wave3" = Windows Live Essentials "WinTuning 7" = WinTuning 7 1.02 "Xilisoft DVD Ripper" = Xilisoft DVD Ripper 4 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >Das ist das eine was Extras heißt, der OLT.txt folgt.
-
Genau das geht ja nicht!
-
Die Log von OTL kann ich nicht als Code posten, es sind mehr als 80000 Zeichen, es sind aber nur 60000 zugelassen!
-
also schnellstmöglich das System neu aufsetzen?
-
Das Prog sagt aber selber das es nicht so schlimm ist, wenn ich das richtig verstehe.
Hab geforscht was das für einer ist, das ist ein Trojaner der einen befall vortäuscht und dich zu nem Kauf von einem bestimmten Prog verleiten soll. -
Code
Alles anzeigenLogfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:22:53, on 02.08.2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files (x86)\CyberLink\Shared Files\brs.exe C:\Program Files (x86)\TrojanHunter 5.3\THGuard.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [THGuard] "C:\Program Files (x86)\TrojanHunter 5.3\THGuard.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-21-1153277004-2311600513-1264470738-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1153277004-2311600513-1264470738-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Download YouTube Video - {89378663-DD4E-48b2-B4D6-01A731B196C7} - C:\Program Files\Free YouTube Video Downloader\FreeYTDownloader.dll O9 - Extra 'Tools' menuitem: Download the YouTube video in this page - {89378663-DD4E-48b2-B4D6-01A731B196C7} - C:\Program Files\Free YouTube Video Downloader\FreeYTDownloader.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Game Jackal Server (GJService) - Unknown owner - D:\Program Files (x86)\SlySoft\Game Jackal v4\Server.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Druckwarteschlange (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VideoAcceleratorService - SpeedBit Ltd. - C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9081 bytesDas ist die Log von HiJack. Es gab vorher keine Log, deswegen dachte ich er hat nichts gefunden! Aber ich muß das Prog als Admin starten, dann geht es, sorry!
-
Code
Alles anzeigenMalwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Datenbank Version: 7035 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 02.08.2011 11:26:06 mbam-log-2011-08-02 (11-26-06).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 206113 Laufzeit: 3 Minute(n), 37 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 4 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\CE8SIIFGSU (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\CL2GFOKBC9 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden)Hab es nochmal frisch drüber laufen lassen!!! Das ist von Malwarebytes
-
Ihab erstmal ne Lösung gefunden, also ich komme erstmal wieder ins Netz mit dem Fox!
Lösung:-------probier doch mal in der Eingabeaufforderung
-------netsh
-------winsock
-------resettrotzdem sende ich gleich die Log-Dateien.
-
Jetzt hab ich auch festgestellt das mein online game wot und alle Updatefunktionen von diversen Programmen nicht mehr funktionieren! Ich bekomm echt ne macke. Also kann es ja nur am rechner selber liegen!
-
Also ich hab den scan gemacht (hat keine Fehler ergeben) und die addons erneuert! Hat sich noch nichts weiter getan.
-
Code
Alles anzeigenShockwave Flash Datei: NPSWF32.dll Version: 10.3.181.26 Shockwave Flash 10.3 r181 MIME-Typ Beschreibung Endungen application/x-shockwave-flash Adobe Flash movie swf application/futuresplash FutureSplash movie spl Shockwave for Director Datei: np32dsw.dll Version: 11.5.2.602 Adobe Shockwave for Director Netscape plug-in, version 11.5 MIME-Typ Beschreibung Endungen application/x-director Shockwave Movie dir,dxr,dcr Google Earth Plugin Datei: npgeplugin.dll Version: 1.0.0.1 GEPlugin MIME-Typ Beschreibung Endungen application/geplugin GEPlugin Picasa Datei: npPicasa3.dll Version: 3.0.0.0 Picasa plugin MIME-Typ Beschreibung Endungen application/x-picasa-detect 3.1 pinstall Java(TM) Platform SE 6 U26 Datei: npjp2.dll Version: 6.0.260.3 Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers MIME-Typ Beschreibung Endungen application/x-java-applet Java Applet application/x-java-bean JavaBeans application/x-java-vm application/x-java-applet;version=1.1.1 application/x-java-bean;version=1.1.1 application/x-java-applet;version=1.1 application/x-java-bean;version=1.1 application/x-java-applet;version=1.2 application/x-java-bean;version=1.2 application/x-java-applet;version=1.1.3 application/x-java-bean;version=1.1.3 application/x-java-applet;version=1.1.2 application/x-java-bean;version=1.1.2 application/x-java-applet;version=1.3 application/x-java-bean;version=1.3 application/x-java-applet;version=1.2.2 application/x-java-bean;version=1.2.2 application/x-java-applet;version=1.2.1 application/x-java-bean;version=1.2.1 application/x-java-applet;version=1.3.1 application/x-java-bean;version=1.3.1 application/x-java-applet;version=1.4 application/x-java-bean;version=1.4 application/x-java-applet;version=1.4.1 application/x-java-bean;version=1.4.1 application/x-java-applet;version=1.4.2 application/x-java-bean;version=1.4.2 application/x-java-applet;version=1.5 application/x-java-bean;version=1.5 application/x-java-applet;version=1.6 application/x-java-bean;version=1.6 application/x-java-applet;jpi-version=1.6.0_26 application/x-java-bean;jpi-version=1.6.0_26 Java Deployment Toolkit 6.0.260.3 Datei: npdeployJava1.dll Version: 6.0.260.3 NPRuntime Script Plug-in Library for Java(TM) Deploy MIME-Typ Beschreibung Endungen application/java-deployment-toolkit Silverlight Plug-In Datei: npctrl.dll Version: 4.0.60531.0 4.0.60531.0 MIME-Typ Beschreibung Endungen application/x-silverlight npctrl scr application/x-silverlight-2 Windows Live® Photo Gallery Datei: NPWLPG.dll Version: 14.0.8081.709 NPWLPG MIME-Typ Beschreibung Endungen application/x-wlpg3-detect Windows Live® Photo Gallery wlpg application/x-wlpg-detect Windows Live® Photo Gallery wlpg Google Update Datei: npGoogleUpdate3.dll Version: 1.3.21.57 Google Update MIME-Typ Beschreibung Endungen application/x-vnd.google.update3webcontrol.3 application/x-vnd.google.oneclickctrl.9 VLC Multimedia Plug-in Datei: npvlc.dll Version: 1.1.10.0 Version 1.1.10, copyright 1996-2011 The VideoLAN Team http://www.videolan.org/ MIME-Typ Beschreibung Endungen audio/mpeg MPEG audio mp2,mp3,mpga,mpega audio/x-mpeg MPEG audio mp2,mp3,mpga,mpega video/mpeg MPEG video mpg,mpeg,mpe video/x-mpeg MPEG video mpg,mpeg,mpe video/mpeg-system MPEG video mpg,mpeg,vob video/x-mpeg-system MPEG video mpg,mpeg,vob video/mp4 MPEG-4 video mp4,mpg4 audio/mp4 MPEG-4 audio mp4,mpg4 application/mpeg4-iod MPEG-4 video mp4,mpg4 application/mpeg4-muxcodetable MPEG-4 video mp4,mpg4 video/x-m4v MPEG-4 video m4v video/x-msvideo AVI video avi video/quicktime QuickTime video mov,qt application/x-ogg Ogg stream ogg application/ogg Ogg stream ogg video/ogg Ogg video ogv application/x-vlc-plugin VLC plug-in vlc video/x-ms-asf-plugin Windows Media video asf,asx video/x-ms-asf Windows Media video asf,asx application/x-mplayer2 Windows Media plug-in video/x-ms-wmv Windows Media video wmv application/x-google-vlc-plugin Google VLC plug-in audio/wav WAV audio wav audio/x-wav WAV audio wav audio/3gpp 3GPP audio 3gp,3gpp video/3gpp 3GPP video 3gp,3gpp audio/3gpp2 3GPP2 audio 3g2,3gpp2 video/3gpp2 3GPP2 video 3g2,3gpp2 video/divx DivX video divx video/flv FLV video flv video/x-flv FLV video flv video/x-matroska Matroska video mkv audio/x-matroska Matroska audio mka application/xspf+xml Playlist xspf xspf audio/x-m4a MPEG-4 audio m4a audio/x-mpegurl Playlist M3U m3u audio/x-ms-wma Windows Media Audio wma video/webm WebM video webm audio/webm WebM audio webm audio/amr AMR audio amr Adobe Acrobat Datei: nppdf32.dll Version: 9.4.5.236 Adobe PDF Plug-In For Firefox and Netscape "9.4.5" MIME-Typ Beschreibung Endungen application/pdf Acrobat Portable Document Format pdf application/vnd.adobe.pdfxml Adobe PDF in XML Format pdfxml application/vnd.adobe.x-mars Adobe PDF in XML Format mars application/vnd.fdf Acrobat Forms Data Format fdf application/vnd.adobe.xfdf XML Version of Acrobat Forms Data Format xfdf application/vnd.adobe.xdp+xml Acrobat XML Data Package xdp application/vnd.adobe.xfd+xml Adobe FormFlow99 Data File xfd QuickTime Plug-in 7.6.6 Datei: npqtplugin.dll Version: 7.6.6.0 The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site. MIME-Typ Beschreibung Endungen application/sdp SDP-Stream-Beschreibung sdp application/x-sdp SDP-Stream-Beschreibung sdp application/x-rtsp RTSP-Stream-Beschreibung rtsp,rts video/quicktime QuickTime Movie mov,qt,mqv video/flc AutoDesk Animator (FLC) flc,fli,cel audio/x-wav WAVE-Audio wav,bwf audio/wav WAVE-Audio wav,bwf QuickTime Plug-in 7.6.6 Datei: npqtplugin2.dll Version: 7.6.6.0 The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site. MIME-Typ Beschreibung Endungen audio/aiff AIFF-Audio aiff,aif,aifc,cdda audio/x-aiff AIFF-Audio aiff,aif,aifc,cdda audio/basic uLaw/AU-Audio au,snd,ulw audio/mid MIDI mid,midi,smf,kar audio/x-midi MIDI mid,midi,smf,kar audio/midi MIDI mid,midi,smf,kar audio/vnd.qcelp QUALCOMM PureVoice audio qcp QuickTime Plug-in 7.6.6 Datei: npqtplugin3.dll Version: 7.6.6.0 The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site. MIME-Typ Beschreibung Endungen audio/x-gsm GSM-Audio gsm audio/AMR AMR-Audio AMR audio/aac AAC-Audio aac,adts audio/x-aac AAC-Audio aac,adts audio/x-caf CAF-Audio caf audio/ac3 AC3 audio ac3 audio/x-ac3 AC3 audio ac3 video/x-mpeg MPEG-Medien mpeg,mpg,m1s,m1v,m1a,m75,m15,mp2,mpm,mpv,mpa QuickTime Plug-in 7.6.6 Datei: npqtplugin4.dll Version: 7.6.6.0 The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site. MIME-Typ Beschreibung Endungen video/mpeg MPEG-Medien mpeg,mpg,m1s,m1v,m1a,m75,m15,mp2,mpm,mpv,mpa audio/mpeg MPEG-Audio mpeg,mpg,m1s,m1a,mp2,mpm,mpa,m2a audio/x-mpeg MPEG-Audio mpeg,mpg,m1s,m1a,mp2,mpm,mpa,m2a video/3gpp 3GPP-Medien 3gp,3gpp QuickTime Plug-in 7.6.6 Datei: npqtplugin5.dll Version: 7.6.6.0 The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site. MIME-Typ Beschreibung Endungen audio/3gpp 3GPP-Medien 3gp,3gpp video/3gpp2 3GPP2-Medien 3g2,3gp2 audio/3gpp2 3GPP2-Medien 3g2,3gp2 video/sd-video SD-Video sdv application/x-mpeg AMC-Medien amc video/mp4 MPEG-4-Medien mp4 audio/mp4 MPEG-4-Medien mp4 audio/x-m4a AAC-Audiodatei m4a audio/x-m4p AAC-Audio (geschƒtzt) m4p audio/x-m4b AAC-Audiobuch m4b QuickTime Plug-in 7.6.6 Datei: npqtplugin6.dll Version: 7.6.6.0 The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site. MIME-Typ Beschreibung Endungen video/x-m4v Video (geschƒtzt) m4v image/x-macpaint MacPaint-Bild pntg,pnt,mac image/pict PICT-Bild pict,pic,pct image/x-pict PICT-Bild pict,pic,pct image/png PNG-Bild png image/x-png PNG-Bild png image/x-quicktime QuickTime-Bild qtif,qti image/x-sgi SGI-Bild sgi,rgb image/x-targa TGA-Bild targa,tga QuickTime Plug-in 7.6.6 Datei: npqtplugin7.dll Version: 7.6.6.0 The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site. MIME-Typ Beschreibung Endungen image/jp2 JPEG2000 image jp2 image/jpeg2000 JPEG2000 image jp2 image/jpeg2000-image JPEG2000 image jp2 image/x-jpeg2000-image JPEG2000 image -
hab das alte profil gleich gelöscht und nen neues gemacht,hat aber nichts gebracht, bei opera ist das gleiche problem.