
Log analysis and evaluation: RECYCLER virus! Computer & USB sticks infected PLEASE PLEASE HELP ME!


19.11.2011, 12:19   #1
Leila_0920
 


Please help me, my notebook is infected with the Recycler virus and Malwarebytes detects nothing!
How can I delete the virus without deleting data from the stick? The computer doesn't matter, no important data on it.
I have already reinstalled my notebook (Recovery - ASUS Eee PC) several times, it doesn't help .... it keeps coming back.........
Please help a dear, sweet, desperate girl....

OTL log file & Extras.txt created:

OTL logfile created on: 11/19/2011 11:52:22 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Saskia\Desktop
Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.18 Mb Total Physical Memory | 590.82 Mb Available Physical Memory | 58.26% Memory free
1.99 Gb Paging File | 1.59 Gb Available in Paging File | 80.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 83.55 Gb Free Space | 83.55% Space Free | Partition Type: NTFS
Drive D: | 117.87 Gb Total Space | 117.77 Gb Free Space | 99.92% Space Free | Partition Type: NTFS

Computer Name: SASKIA-PC | User Name: Saskia | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/18 17:08:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Saskia\Desktop\OTL.exe
PRC - [2011/11/18 16:51:40 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/18 19:31:05 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/18 17:50:02 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\401d4cd2a06122a32cf094d541dcdd63\Microsoft.VisualBasic.ni.dll
MOD - [2011/11/18 16:51:45 | 000,776,704 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2011/11/18 16:51:45 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2011/11/18 16:51:45 | 000,275,968 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2011/11/18 16:51:45 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2011/11/18 16:51:45 | 000,106,496 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreelements.dll
MOD - [2011/11/18 16:51:45 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2011/11/18 16:51:45 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2011/11/18 16:51:45 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2011/11/18 16:51:45 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2011/11/18 16:51:45 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2011/11/18 16:51:45 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2011/11/18 16:51:45 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2011/11/18 16:51:45 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2011/11/18 14:44:30 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\7e94064464380c8a5d7315c8b5d312aa\System.EnterpriseServices.ni.dll
MOD - [2011/11/18 14:44:25 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\c744f0f95227e75796b8689801740d4b\System.Transactions.ni.dll
MOD - [2011/11/18 14:44:22 | 006,618,624 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\935ac020241e59cab3287d5eb38c592d\System.Data.ni.dll
MOD - [2010/12/25 11:02:48 | 012,430,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f92c882fd4e7005c005e208daa04c28d\System.Windows.Forms.ni.dll
MOD - [2010/12/25 11:02:18 | 001,586,688 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\fdeec42fa02f3d789c42be2e33b130eb\System.Drawing.ni.dll
MOD - [2010/12/25 11:01:18 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3060dfcdecbeb8ee65077fb29b217c3d\System.Xml.ni.dll
MOD - [2010/12/25 11:01:03 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4be2653d1c9804d2ff6e6b66d22764e1\System.Configuration.ni.dll
MOD - [2010/12/25 11:00:59 | 007,949,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\500ddd904b1099f95552a81b54223b7f\System.ni.dll
MOD - [2010/12/25 11:00:34 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f58ab951b57c8526430486dcf7ee38fd\mscorlib.ni.dll
MOD - [2010/12/25 09:19:59 | 000,030,032 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\SqliteShared\2.2.0.21078__0d0f4b69e50e559b\SqliteShared.dll
MOD - [2010/12/25 09:19:56 | 000,839,680 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/09/01 05:51:14 | 000,124,240 | ---- | M] () -- C:\Program Files\ASUS\ASUS WebStorage\2.2.56.108\AsusWSShellExt.dll
MOD - [2009/06/10 23:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/06/10 23:23:17 | 002,933,248 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/07/12 12:40:00 | 000,146,880 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV - [2009/08/19 03:35:56 | 000,219,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/08/24 11:55:51 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/07/23 17:57:00 | 000,058,448 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/07/23 17:56:00 | 000,169,552 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010/07/23 17:56:00 | 000,053,840 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/07/02 03:14:00 | 001,015,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/03/31 03:40:20 | 000,011,520 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009/11/23 12:42:56 | 000,083,344 | ---- | M] (Trend Micro Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2009/10/05 19:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009/07/01 06:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\6.0.2282.0\Firefox [2010/12/25 09:15:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/12/25 09:16:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/12/25 09:16:06 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\aprp.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\2.2.56.108\ASUSWSDashBoard.exe (eCareme)
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKLM..\Run: [EeeSplendidAgent] C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe File not found
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\VizorHtmlDialog.exe (Trend Micro Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 78.104.112.9 78.104.112.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0768D34E-B842-4FC1-A2A6-B1EDBE12CF49}: DhcpNameServer = 137.208.3.3 137.208.8.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12CB40E7-E9AC-4B56-8AC7-2137BBB4FBF3}: DhcpNameServer = 78.104.112.9 78.104.112.4
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/19 11:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/11/19 11:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2011/11/19 11:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2011/11/19 11:48:33 | 000,848,856 | ---- | C] (Panda Security ) -- C:\Users\Saskia\Desktop\USBVaccineSetup.exe
[2011/11/19 00:39:05 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2011/11/19 00:36:03 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/11/19 00:35:23 | 000,000,000 | -HSD | C] -- C:\Boot
[2011/11/18 21:19:38 | 000,000,000 | ---D | C] -- C:\Users\Saskia\Documents\E-Cam
[2011/11/18 19:31:06 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2011/11/18 17:34:02 | 000,000,000 | ---D | C] -- C:\Users\Saskia\Desktop\CMMD I
[2011/11/18 17:10:24 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\Malwarebytes
[2011/11/18 17:10:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/18 17:10:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/18 17:09:59 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/11/18 17:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/18 17:08:40 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Saskia\Desktop\OTL.exe
[2011/11/18 16:52:03 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\Opera
[2011/11/18 16:52:03 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Local\Opera
[2011/11/18 16:51:29 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011/11/18 15:15:31 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\PasswordSafe
[2011/11/18 15:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Safe and Repository 6
[2011/11/18 15:14:56 | 000,000,000 | ---D | C] -- C:\Program Files\Password Safe and Repository 6
[2011/11/18 15:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2011/11/18 14:58:09 | 000,000,000 | ---D | C] -- C:\temp
[2011/11/18 14:58:01 | 000,083,344 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmtdi.sys
[2011/11/18 14:57:56 | 000,169,552 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmcomm.sys
[2011/11/18 14:57:56 | 000,058,448 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmactmon.sys
[2011/11/18 14:57:56 | 000,053,840 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmevtmgr.sys
[2011/11/18 14:50:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/11/18 14:49:50 | 000,000,000 | ---D | C] -- C:\windows\ConfigSetRoot
[2011/11/18 14:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Cam
[2011/11/18 14:48:54 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\E-Cam
[2011/11/18 14:48:47 | 000,000,000 | ---D | C] -- C:\Program Files\E-Cam
[2011/11/18 14:47:19 | 000,000,000 | ---D | C] -- C:\windows\System32\Atheros_L1e
[2011/11/18 14:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2011/11/18 14:45:49 | 000,000,000 | ---D | C] -- C:\windows\System32\SRSLabs
[2011/11/18 14:45:47 | 000,000,000 | ---D | C] -- C:\windows\System32\RTCOM
[2011/11/18 14:45:17 | 001,775,136 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkPgExt.dll
[2011/11/18 14:45:17 | 001,083,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RTSndMgr.cpl
[2011/11/18 14:45:16 | 003,583,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkAPO.dll
[2011/11/18 14:45:16 | 000,367,136 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkApoApi.dll
[2011/11/18 14:45:16 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RTEEP32A.dll
[2011/11/18 14:45:16 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DHT32.dll
[2011/11/18 14:45:16 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DAA32.dll
[2011/11/18 14:45:16 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RTEED32A.dll
[2011/11/18 14:45:16 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RTEEL32A.dll
[2011/11/18 14:45:16 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RTEEG32A.dll
[2011/11/18 14:45:16 | 000,058,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkCoInst.dll
[2011/11/18 14:45:14 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\windows\System32\FMAPO.dll
[2011/11/18 14:45:14 | 000,145,760 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\AERTACap.dll
[2011/11/18 14:45:14 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\AERTARen.dll
[2011/11/18 14:45:13 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2011/11/18 14:45:13 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/11/18 14:45:12 | 001,247,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\RtlExUpd.dll
[2011/11/18 14:43:55 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Local\VirtualStore
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\AppData\Local\Temporary Internet Files
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\Templates
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\Start Menu
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\SendTo
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\Recent
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\PrintHood
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\NetHood
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\Documents\My Videos
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\Documents\My Pictures
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\Documents\My Music
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\My Documents
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\Local Settings
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\AppData\Local\History
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\Cookies
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\Application Data
[2011/11/18 14:43:52 | 000,000,000 | -HSD | C] -- C:\Users\Saskia\AppData\Local\Application Data
[2011/11/18 14:43:50 | 000,000,000 | R--D | C] -- C:\Users\Saskia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/11/18 14:43:50 | 000,000,000 | R--D | C] -- C:\Users\Saskia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/11/18 14:43:50 | 000,000,000 | R--D | C] -- C:\Users\Saskia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/11/18 14:43:50 | 000,000,000 | -H-D | C] -- C:\Users\Saskia\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Local\Windows Live
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Local\Temp
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Local\Microsoft
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\Macromedia
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\InstallShield
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\Identities
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Park
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\ASUS WebStorage
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\Adobe
[2011/11/18 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Local\Adobe
[2011/11/18 14:43:49 | 000,000,000 | --SD | C] -- C:\Users\Saskia\AppData\Roaming\Microsoft
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Videos
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Searches
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Saved Games
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Pictures
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Music
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Links
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Favorites
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Downloads
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Documents
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Desktop
[2011/11/18 14:43:49 | 000,000,000 | R--D | C] -- C:\Users\Saskia\Contacts
[2011/11/18 14:43:49 | 000,000,000 | -H-D | C] -- C:\Users\Saskia\AppData
[2011/11/18 14:43:49 | 000,000,000 | ---D | C] -- C:\Users\Saskia\AppData\Roaming\Mozilla
[2011/11/18 14:43:49 | 000,000,000 | ---D | C] -- C:\Users\Saskia\Documents\EBI
[2011/11/18 14:43:49 | 000,000,000 | ---D | C] -- C:\Users\Saskia\Documents\Bluetooth Exchange Folder
[2011/11/18 14:43:49 | 000,000,000 | ---D | C] -- C:\Users\Saskia\Documents\Asus WebStorage
[2011/11/18 14:43:26 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010/07/29 09:43:10 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys

========== Files - Modified Within 30 Days ==========

[2011/11/19 11:55:57 | 101,206,032 | ---- | M] () -- C:\Users\Saskia\Desktop\setup_kaspersky_removal_11.0.0.1245.x01_2011_08_05_09_12.exe
[2011/11/19 11:49:13 | 000,615,122 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/11/19 11:49:13 | 000,103,496 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/11/19 11:48:43 | 000,848,856 | ---- | M] (Panda Security ) -- C:\Users\Saskia\Desktop\USBVaccineSetup.exe
[2011/11/19 11:44:58 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/11/19 11:44:53 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/19 10:03:01 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/19 10:03:01 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/19 00:42:49 | 000,035,789 | ---- | M] () -- C:\windows\System32\license.rtf
[2011/11/18 20:16:55 | 000,014,512 | ---- | M] () -- C:\Users\Saskia\Desktop\316919_10150274521477406_520882405_7914981_6680577_n.jpg
[2011/11/18 19:31:06 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2011/11/18 17:10:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/18 17:08:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Saskia\Desktop\OTL.exe
[2011/11/18 16:51:46 | 000,001,779 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/11/18 15:15:04 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Password Safe 6.lnk
[2011/11/18 14:50:01 | 000,001,411 | ---- | M] () -- C:\Users\Saskia\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/18 14:48:43 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\eBay.lnk
[2011/11/18 14:48:43 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\E-Manual.lnk

========== Files Created - No Company Name ==========

[2011/11/19 09:57:07 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
[2011/11/19 00:36:04 | 797,581,312 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/19 00:35:24 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2011/11/18 20:16:54 | 000,014,512 | ---- | C] () -- C:\Users\Saskia\Desktop\316919_10150274521477406_520882405_7914981_6680577_n.jpg
[2011/11/18 17:10:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/18 16:51:46 | 000,001,791 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011/11/18 16:51:46 | 000,001,779 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/11/18 15:15:04 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Password Safe 6.lnk
[2011/11/18 14:50:10 | 000,005,576 | ---- | C] () -- C:\windows\Language.ini
[2011/11/18 14:50:01 | 000,001,411 | ---- | C] () -- C:\Users\Saskia\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/18 14:48:43 | 000,001,160 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2011/11/18 14:48:43 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\E-Manual.lnk
[2011/11/18 14:45:20 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat
[2011/11/18 14:45:20 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat
[2011/11/18 14:43:50 | 000,001,871 | ---- | C] () -- C:\Users\Saskia\Desktop\MySyncFolder.lnk
[2011/11/18 14:43:50 | 000,001,417 | ---- | C] () -- C:\Users\Saskia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/11/18 14:43:50 | 000,000,290 | ---- | C] () -- C:\Users\Saskia\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/11/18 14:43:50 | 000,000,272 | ---- | C] () -- C:\Users\Saskia\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/12/25 09:09:37 | 000,219,136 | ---- | C] () -- C:\windows\System32\AsusService.exe
[2010/12/25 09:09:36 | 000,025,616 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2010/12/25 09:08:07 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/12/25 09:06:23 | 000,011,520 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2010/12/25 09:05:40 | 000,000,702 | ---- | C] () -- C:\windows\Reboot.ini
[2010/12/25 09:01:08 | 000,451,072 | ---- | C] () -- C:\windows\System32\ISSRemoveSP.exe
[2010/12/25 09:00:37 | 000,014,051 | ---- | C] () -- C:\windows\System32\RaCoInst.dat
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,257,736 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,615,122 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,103,496 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009/02/26 08:50:32 | 000,000,176 | ---- | C] () -- C:\windows\explorer.exe.config

< End of report >

OTL Extras logfile created on: 11/19/2011 11:52:22 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Saskia\Desktop
Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.18 Mb Total Physical Memory | 590.82 Mb Available Physical Memory | 58.26% Memory free
1.99 Gb Paging File | 1.59 Gb Available in Paging File | 80.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 83.55 Gb Free Space | 83.55% Space Free | Partition Type: NTFS
Drive D: | 117.87 Gb Total Space | 117.77 Gb Free Space | 99.92% Space Free | Partition Type: NTFS

Computer Name: SASKIA-PC | User Name: Saskia | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0A455897-C606-4958-AD34-6DF0430D184B}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{10668AA3-490D-46C1-B606-A621451998EF}" = Password Safe and Repository 6
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{185AFA7A-F63E-450B-94AA-011CAC18090E}" = E-Cam
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{269FAF4C-8237-49A4-8440-6560FF15B4B0}" = Windows Live UX Platform Language Pack
"{2719ED2A-F6F5-4CA4-B248-A48FFE75DB84}" = Windows Live UX Platform Language Pack
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2852BC06-B850-4518-97E6-CD136FE75683}" = Windows Live Remote Client Resources
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3FD1CB9F-807F-451B-926C-9D19C84CFC61}" = Messenger Suradnik
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4B5092B6-F231-4D18-83BC-2618B729CA45}" = CapsHook
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{61A5DE19-BE38-45AF-A9BC-73E49703315E}" = Windows Live Remote Service Resources
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6255D9FC-427F-4867-84DB-164DBEA0661F}" = Windows Live Remote Client Resources
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B318C80-7BE4-4D79-9F53-4290958EA984}" = Windows Live UX Platform Language Pack
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DD3B54B-F0D0-4A69-8344-F52033225A02}" = Messenger Companion
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{77C4850C-3592-4A2F-B652-ACB77A1EF77C}" = Bing Bar Platform
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{859D40CF-8491-44AD-8FA8-7389CB418C64}" = 32 Bit HP CIO Components Installer
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A3163358-58E0-4203-9517-E9CAADAB94C2}" = Windows Live Family Safety
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC259A12-6CD9-486D-A97A-B619EB46225A}" = Windows Live Remote Service Resources
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AFEBFEAC-7D1C-40A0-9285-09631C27310E}" = Windows Live Family Safety
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B6F55C3E-30EE-4D25-8BAD-CEE4BF8C78EB}" = Windows Live Remote Client Resources
"{B73CC376-C28E-4FC9-8C0B-493695640E7E}" = Windows Live Family Safety
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{BA8D4CEF-D23D-44AB-8A89-66E602253791}" = Windows Live Remote Service Resources
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D44AA979-47C2-4BC0-A860-09A54224EA44}_is1" = Game Park Console
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D802DD00-16A8-4A58-AFC9-020C2380ECDA}" = EeeSplendid
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E7F55ECB-CC70-4008-ADC9-29AA1512808A}" = Windows Live Family Safety
"{E7FB0043-24A5-4B30-AED6-01B47B44CB67}" = Windows Live Remote Client Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F14F9EE9-9B68-42B4-90F7-0924F7619281}" = Spremljevalec Messenger
"{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}" = ebi.BookReader3J
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F81DB83D-A016-45A6-A6A0-135B1E6939EF}" = Windows Live Remote Service Resources
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}" = Помощник на Messenger
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASUS VIBE" = ASUS VIBE
"ASUS WebStorage" = ASUS WebStorage
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Eee Docking_is1" = Eee Docking 3.8.1
"Elantech" = ETDWare PS/2-x86 7.0.5.13_WHQL
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Opera 11.52.1100" = Opera 11.52
"WinLiveSuite" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/18/2011 8:46:49 AM | Computer Name = Saskia-PC | Source = VSS | ID = 8194
Description =

Error - 11/18/2011 8:49:55 AM | Computer Name = Saskia-PC | Source = ESENT | ID = 215
Description = WinMail (4004) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 11/18/2011 11:22:37 AM | Computer Name = Saskia-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.31.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 304 Start Time:
01cca604e3df6afa Termination Time: 0 Application Path: C:\Users\Saskia\Desktop\OTL.exe

Report
Id:

[ System Events ]
Error - 11/19/2011 5:11:40 AM | Computer Name = Saskia-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/19/2011 5:11:40 AM | Computer Name = Saskia-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/19/2011 5:11:40 AM | Computer Name = Saskia-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/19/2011 5:11:40 AM | Computer Name = Saskia-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/19/2011 5:11:40 AM | Computer Name = Saskia-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/19/2011 5:45:03 AM | Computer Name = Saskia-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AsUpIO discache spldr tmtdi Wanarpv6

Error - 11/19/2011 5:45:43 AM | Computer Name = Saskia-PC | Source = DCOM | ID = 10005
Description =

Error - 11/19/2011 5:45:49 AM | Computer Name = Saskia-PC | Source = DCOM | ID = 10005
Description =

Error - 11/19/2011 5:45:51 AM | Computer Name = Saskia-PC | Source = DCOM | ID = 10005
Description =

Error - 11/19/2011 5:45:51 AM | Computer Name = Saskia-PC | Source = DCOM | ID = 10005
Description =


< End of report >

Kind regards, and thank you in advance for your help!

Alt 20.11.2011, 13:38   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
several times already, nothing helps ....it keeps coming back.........
Then you are definitely doing something wrong.
See the article on reinstalling Windows.