
Log Analysis and Evaluation: Facebook Viruses

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

16.08.2011, 09:35   #1
Yannick11
 
Facebook Viruses



Hello! I'm new here, I hope you can help me. I have gone through your checklist and created this log file. My Facebook account is sending messages with a link that contains a virus.

Hello,

the scan I ran, has it now removed all viruses/Trojans, or do I need to take another step?

Thanks,

Lia

Hello,

I have now also run Malwarebytes

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7480

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

16.08.2011 20:09:15
mbam-log-2011-08-16 (20-09-15).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167659
Laufzeit: 2 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 61

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Lia\AppData\Local\Temp\0110869.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\0172002.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\0192215.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\0541843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\0699965.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1220679.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1231087.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1311722.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1470390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1567401.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1754388.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1773753.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1843171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1888676.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\2132108.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\2673754.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\2697859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\2724174.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\3071781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\3398514.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\3962979.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\4189014.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\4650154.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\4826902.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\5010279.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\5250337.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6105724.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6216395.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6239418.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6496131.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6497967.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6705731.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6829317.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6951573.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7127324.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7393057.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7687291.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7779816.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7991283.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7991731.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8065306.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8119215.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8358573.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8749273.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8794957.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9139875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9146637.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9153643.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9319543.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9464327.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9531070.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9666571.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9738445.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9743474.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9745229.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9781810.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9789671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9818584.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9963238.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9987863.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Roaming\msnsvconfig.txt (Malware.Trace) -> Quarantined and deleted successfully.
Attached files
File type: txt log.txt (16.5 KB, viewed 179 times)

17.08.2011, 10:59   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Facebook Viruses



Hello and

Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those too!


After that, OTL custom:


CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click, "Run as administrator"
  • Now copy the content into the text box.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread

17.08.2011, 16:46   #3
Yannick11
 
Facebook Viruses



Hello,

I do hope I did everything right. Here is the result.

Lia

OTL Logfile:
Code:
OTL logfile created on: 17.08.2011 17:32:24 - Run 1
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,54 Gb Available Physical Memory | 63,48% Memory free
8,00 Gb Paging File | 6,32 Gb Available in Paging File | 79,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 325,03 Gb Free Space | 76,54% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,19 Gb Free Space | 72,98% Space Free | Partition Type: NTFS
 
Computer Name: LIA-PC | User Name: Lia Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.08.17 15:57:05 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Lia\Desktop\OTL.exe
PRC - [2011.07.06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.01 08:05:54 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.26 12:26:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.05.20 16:56:18 | 000,724,536 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2011.04.30 09:42:38 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.31 16:48:36 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011.03.31 14:38:26 | 000,140,288 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011.03.21 13:19:36 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2011.03.04 14:36:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2007.11.02 14:52:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.08.15 13:20:54 | 000,076,288 | ---- | M] () -- C:\Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko5.dll
MOD - [2011.08.12 14:47:19 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e47bab16c150f9697594d8fd65532578\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2011.08.12 14:47:18 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011.08.12 14:46:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011.08.12 14:46:23 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011.08.12 14:46:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011.08.12 14:46:15 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011.08.12 14:46:03 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011.06.26 12:26:14 | 001,850,328 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.05.20 16:54:16 | 010,837,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll
MOD - [2011.05.20 16:54:16 | 008,166,912 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll
MOD - [2011.05.20 16:54:16 | 002,551,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
MOD - [2011.05.20 16:54:16 | 002,282,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll
MOD - [2011.05.20 16:54:16 | 002,246,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
MOD - [2011.05.20 16:54:16 | 001,288,192 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll
MOD - [2011.05.20 16:54:16 | 000,913,920 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll
MOD - [2011.05.20 16:54:16 | 000,676,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
MOD - [2011.05.20 16:54:16 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll
MOD - [2011.05.20 16:54:16 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll
MOD - [2011.05.20 16:54:16 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll
MOD - [2011.05.20 16:54:16 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll
MOD - [2011.05.20 16:54:16 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll
MOD - [2011.05.20 16:30:06 | 000,508,416 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll
MOD - [2011.05.20 16:30:04 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll
MOD - [2011.05.20 16:29:34 | 000,924,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll
MOD - [2011.05.20 16:29:18 | 000,422,800 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll
MOD - [2011.05.20 16:29:18 | 000,387,976 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll
MOD - [2011.05.20 16:29:18 | 000,060,816 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll
MOD - [2011.05.20 16:28:18 | 000,687,616 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
MOD - [2011.04.11 21:29:22 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.02.07 10:05:18 | 000,163,840 | ---- | M] () -- C:\Windows\SysWOW64\hppatusg01.dll
MOD - [2007.11.02 14:52:40 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPUsageTracking.dll
MOD - [2007.11.02 14:52:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe
MOD - [2007.11.02 14:52:38 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPToolkit.dll
MOD - [2007.11.02 14:52:38 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\Enumeration.dll
MOD - [2007.11.02 14:52:22 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPTools.dll
MOD - [2007.11.02 14:52:16 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPStreamsInterface.dll
MOD - [2005.07.20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.04.12 11:18:14 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.01 08:05:54 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.15 13:23:20 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011.04.30 09:42:38 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.12 11:22:46 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.04.12 11:18:06 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.01 08:05:54 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.01 08:05:54 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 15:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010.12.02 15:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 15:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.12.02 15:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.09 08:49:52 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010.08.31 12:09:00 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010.08.07 11:49:04 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.07.27 03:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2009.09.10 16:50:06 | 000,923,648 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010.02.24 14:41:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.06.12 16:26:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.26 12:26:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.18 10:01:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.06.12 16:26:49 | 000,000,000 | ---D | M]
 
[2011.03.15 13:21:54 | 000,000,931 | ---- | M] () -- \Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\searchplugins\conduit.xml
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- 
[2011.08.16 06:20:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2011.08.16 20:55:35 | 000,000,000 | ---D | M] (WOT) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
[2011.04.04 21:49:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
() (No name found) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.08.12 19:33:39 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{E001C731-5E37-4538-A5CB-8168736A2360}
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdblockPro) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\ADBLOCK@ADBLOCKPRO.COM
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdobeReader) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\PDFREADER@ADOBE.COM
[2011.06.26 12:26:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AdblockPro) - {04F2568A-3E7A-422D-A71E-DC088A635F7D} - C:\Users\Lia\AppData\Roaming\AdblockPro\IE\AdblockPro.dll (Adblock Pro Inc.)
O2 - BHO: (AdobeReader) - {AC6401E9-813B-46DA-B06F-A4FFA2F9AE6D} - C:\Users\Lia\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Videos
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Pictures
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Music
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Links
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Favorites
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Downloads
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Documents
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Desktop
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Vorlagen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Startmenü
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\SendTo
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Recent
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Netzwerkumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Lokale Einstellungen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Eigene Dateien
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Druckumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Cookies
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Anwendungsdaten
[2011.08.17 15:57:25 | 000,000,000 | -H-D | C] -- C:\Users\Lia Admin\AppData
[2011.08.17 15:57:25 | 000,000,000 | ---D | C] -- C:\Users\Lia Admin\Saved Games
[2011.08.16 19:54:18 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.08.16 19:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.16 19:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.08.16 19:54:13 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.08.16 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.08.15 22:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.17 16:52:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.17 16:52:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.17 09:16:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.17 09:15:53 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.16 21:03:27 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.08.16 19:54:18 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.12 14:03:53 | 001,519,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.12 14:03:53 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.12 14:03:53 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.12 14:03:53 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.12 14:03:53 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.10 09:24:14 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.08.06 20:48:24 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.06 20:48:24 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 
========== Files Created - No Company Name ==========
 
[2011.08.16 19:54:18 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 18:37:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.05 22:03:49 | 006,108,456 | R--- | C] () -- \hpcljcp1215drv32.cab
[2011.04.05 22:03:49 | 001,712,128 | ---- | C] () -- \ProductInst.exe
[2011.04.05 22:03:49 | 000,434,371 | R--- | C] () -- \hpcljcp1215_deww.cab
[2011.04.05 22:03:49 | 000,434,371 | ---- | C] () -- \hpcljcp1215_enww.cab
[2011.04.05 22:03:49 | 000,316,416 | R--- | C] () -- \DIFxAPI.dll
[2011.04.05 22:03:49 | 000,208,896 | ---- | C] () -- \Strings.dll
[2011.04.05 22:03:49 | 000,118,335 | R--- | C] () -- \hp121532.cat
[2011.04.05 22:03:49 | 000,069,632 | ---- | C] () -- \WpInstall.exe
[2011.04.05 22:03:49 | 000,015,212 | R--- | C] () -- \HPCP1215.INF
[2011.04.05 22:03:49 | 000,000,736 | R--- | C] () -- \properties.ini
[2011.04.05 22:03:49 | 000,000,039 | R--- | C] () -- \SUcp1215.VER
[2011.03.31 20:17:08 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.03.21 21:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.21 21:02:09 | 3220,561,920 | -HS- | C] () -- \hiberfil.sys
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.02.07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.08.04 10:24:31 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< Malwarebytes' Anti-Malware 1.51.1.1800 >
 
< Malwarebytes : Free anti-malware, anti-virus and spyware removal download >
 
<  >
 
< Datenbank Version: 7480 >
 
<  >
 
< Windows 6.1.7601 Service Pack 1 >
 
< Internet Explorer 9.0.8112.16421 >
 
<  >
 
< 17.08.2011 17:01:46 >
 
< mbam-log-2011-08-17 (17-01-46).txt >
 
<  >
 
< Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) >
 
< Durchsuchte Objekte: 320112 >
 
< Laufzeit: 1 Stunde(n), 1 Minute(n), 52 Sekunde(n) >
 
<  >
 
< Infizierte Speicherprozesse: 0 >
 
< Infizierte Speichermodule: 0 >
 
< Infizierte Registrierungsschlüssel: 0 >
 
< Infizierte Registrierungswerte: 0 >
 
< Infizierte Dateiobjekte der Registrierung: 0 >
 
< Infizierte Verzeichnisse: 0 >
 
< Infizierte Dateien: 0 >
 
<  >
 
< Infizierte Speicherprozesse: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Speichermodule: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Registrierungsschlüssel: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Registrierungswerte: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Dateiobjekte der Registrierung: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Verzeichnisse: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Dateien: >
 
< (Keine bösartigen Objekte gefunden) >

< End of report >
         

17.08.2011, 21:12   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

And the full scan with Malwarebytes?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

17.08.2011, 21:19   #5
Yannick11

Hello,

here it comes :-), sorry

Lia

Malwarebytes' Anti-Malware 1.51.1.1800
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 7480

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

17.08.2011 17:01:46
mbam-log-2011-08-17 (17-01-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 320112
Laufzeit: 1 Stunde(n), 1 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


17.08.2011, 22:00   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please run ESET as well, then we'll see what to do next:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

22.08.2011, 13:04   #7
Yannick11

Hello,

here comes the file.

Lia


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=f81b7f478c9cae49b262e4f9663c113e
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-15 10:08:00
# local_time=2011-08-16 12:08:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1797 16775165 100 94 218782 49981766 263380 0
# compatibility_mode=5893 16776573 100 94 302986 65071195 0 0
# compatibility_mode=8192 67108863 100 0 812 812 0 0
# scanned=181306
# found=92
# cleaned=92
# scan_time=4735
C:\$Recycle.Bin\S-1-5-21-1084300786-1220908116-2246298836-1000\$RUH642I.scr a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DV04SKF\ok[1].exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IW08VRRG\brun[1].exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\bz[1].zip a variant of Win32/Injector.IPE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\fac[1].exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\hi[1].exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMXESO50\bc[1].zip a variant of Win32/Injector.IPF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMXESO50\bzt[1].exe a variant of Win32/Kryptik.RRC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMXESO50\ox[1].zip a variant of Win32/Injector.IPG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0185664.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0311589.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\03147.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0330381.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0442309.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0503884.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0618097.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0650783.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0876952.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0889697.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0954354.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0998545.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1100263.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1202346.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1312849.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1327271.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1505050.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2007446.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2012411.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2070142.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2077489.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2206635.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2231847.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2291234.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2737929.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2949916.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3029862.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3039682.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3362109.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3437213.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3443450.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3484341.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3742883.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3891093.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3896865.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3930865.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4109270.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4548690.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4632213.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4784060.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4979756.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5197751.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5239699.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5326323.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5358000.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5382448.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5610251.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5891465.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5916965.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5927959.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5929300.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6016282.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6118099.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6227095.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6257390.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6335379.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6385569.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6511798.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6514387.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6536465.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6802327.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6856967.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7009330.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7057696.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7469153.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7605747.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7665651.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7828768.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\8438090.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\8821514.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9020588.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9169464.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9176284.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9220248.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9222248.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9728101.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9798825.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9938686.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\tmp08.exe a variant of Win32/Injector.IPF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\Temporary Internet Files\Content.IE5\OY2DYDGG\kbc[1].exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\Temporary Internet Files\Content.IE5\V1TF59AE\uh[1].exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\Cache\igfxdl32.exe a variant of Win32/Kryptik.RRC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\M-1-54-6324-575-5275\winsvc.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=f81b7f478c9cae49b262e4f9663c113e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-16 08:17:53
# local_time=2011-08-16 10:17:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 246352 50009336 290950 0
# compatibility_mode=5893 16776573 100 94 330556 65098765 0 0
# compatibility_mode=8192 67108863 100 0 28382 28382 0 0
# scanned=181213
# found=4
# cleaned=0
# scan_time=13779
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\ok[1].exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lia\AppData\Local\Temp\5010279.exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lia\AppData\Local\Temp\6705731.exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lia\AppData\Local\Temp\7127324.exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=f81b7f478c9cae49b262e4f9663c113e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-22 10:47:05
# local_time=2011-08-22 12:47:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 88407 50540559 81073 0
# compatibility_mode=5893 16776573 100 94 260916 65629988 0 0
# compatibility_mode=8192 67108863 100 0 559605 559605 0 0
# scanned=189322
# found=1
# cleaned=0
# scan_time=9907
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\ok[1].exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I

Alt 22.08.2011, 18:30   #8
cosinus

Something went wrong with the OTL custom scan; please run it again properly.

Alt 23.08.2011, 07:04   #9
Yannick11
 

OTL Logfile:
Code:
OTL logfile created on: 23.08.2011 07:51:21 - Run 2
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,67% Memory free
8,00 Gb Paging File | 6,35 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 324,03 Gb Free Space | 76,30% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,19 Gb Free Space | 72,98% Space Free | Partition Type: NTFS
 
Computer Name:***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Lia\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko5.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e47bab16c150f9697594d8fd65532578\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtCore.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtWeb.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\qjson.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\SysWOW64\hppatusg01.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPUsageTracking.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPToolkit.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\Enumeration.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPTools.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPStreamsInterface.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.26 12:26:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.18 10:01:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.08.22 17:10:28 | 000,000,000 | ---D | M]
 
[2011.03.15 13:21:54 | 000,000,931 | ---- | M] () -- \Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\searchplugins\conduit.xml
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- 
[2011.08.16 06:20:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2011.08.16 20:55:35 | 000,000,000 | ---D | M] (WOT) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
[2011.04.04 21:49:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
() (No name found) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.08.12 19:33:39 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{E001C731-5E37-4538-A5CB-8168736A2360}
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdblockPro) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\ADBLOCK@ADBLOCKPRO.COM
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdobeReader) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\PDFREADER@ADOBE.COM
[2011.06.26 12:26:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AdblockPro) - {04F2568A-3E7A-422D-A71E-DC088A635F7D} - C:\Users\Lia\AppData\Roaming\AdblockPro\IE\AdblockPro.dll (Adblock Pro Inc.)
O2 - BHO: (AdobeReader) - {AC6401E9-813B-46DA-B06F-A4FFA2F9AE6D} - C:\Users\Lia\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [mctadmin]  File not found
O4 - HKCU..\RunOnce: [NokiaOviSuite.exe] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.22 17:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2011.08.22 17:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011.08.22 17:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Videos
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Pictures
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Music
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Links
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Favorites
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Downloads
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Documents
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Desktop
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Vorlagen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Startmenü
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\SendTo
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Recent
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Netzwerkumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Lokale Einstellungen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Eigene Dateien
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Druckumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Cookies
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Anwendungsdaten
[2011.08.17 15:57:25 | 000,000,000 | -H-D | C] -- C:\Users\Lia Admin\AppData
[2011.08.17 15:57:25 | 000,000,000 | ---D | C] -- C:\Users\Lia Admin\Saved Games
[2011.08.16 19:54:18 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.08.16 19:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.16 19:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.08.16 19:54:13 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.08.16 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.08.15 22:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.08.12 14:01:00 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.08.12 14:01:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.08.12 14:00:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.08.12 14:00:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.08.12 14:00:57 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.08.12 14:00:57 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.08.12 14:00:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.08.12 14:00:56 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.08.12 14:00:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.08.12 10:33:17 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.08.12 10:33:17 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.08.12 10:33:16 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.08.10 21:43:36 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.08.10 21:43:36 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.08.10 21:43:35 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.08.10 21:43:35 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.08.10 21:43:35 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.08.10 21:43:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.08.10 21:43:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.08.10 21:43:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.08.10 21:43:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.08.10 21:43:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.08.10 21:43:35 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 21:43:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.08.10 21:43:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 21:43:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.08.10 20:20:05 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.08.10 20:20:05 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.08.10 20:20:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.08.10 20:20:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.08.10 20:20:05 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.08.10 20:20:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.08.10 20:20:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.08.10 20:20:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.08.10 20:20:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.08.10 19:11:33 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.23 07:48:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 07:48:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 07:41:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.23 07:41:22 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.22 17:11:37 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.08.16 21:03:27 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.08.16 19:54:18 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.15 13:18:44 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.08.12 14:03:53 | 001,519,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.12 14:03:53 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.12 14:03:53 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.12 14:03:53 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.12 14:03:53 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.10 09:24:14 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.08.06 20:48:24 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.06 20:48:24 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 
========== Files Created - No Company Name ==========
 
[2011.08.22 17:11:37 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.08.16 19:54:18 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 18:37:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.05 22:03:49 | 006,108,456 | R--- | C] () -- \hpcljcp1215drv32.cab
[2011.04.05 22:03:49 | 001,712,128 | ---- | C] () -- \ProductInst.exe
[2011.04.05 22:03:49 | 000,434,371 | R--- | C] () -- \hpcljcp1215_deww.cab
[2011.04.05 22:03:49 | 000,434,371 | ---- | C] () -- \hpcljcp1215_enww.cab
[2011.04.05 22:03:49 | 000,316,416 | R--- | C] () -- \DIFxAPI.dll
[2011.04.05 22:03:49 | 000,208,896 | ---- | C] () -- \Strings.dll
[2011.04.05 22:03:49 | 000,118,335 | R--- | C] () -- \hp121532.cat
[2011.04.05 22:03:49 | 000,069,632 | ---- | C] () -- \WpInstall.exe
[2011.04.05 22:03:49 | 000,015,212 | R--- | C] () -- \HPCP1215.INF
[2011.04.05 22:03:49 | 000,000,736 | R--- | C] () -- \properties.ini
[2011.04.05 22:03:49 | 000,000,039 | R--- | C] () -- \SUcp1215.VER
[2011.03.31 20:17:08 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.03.21 21:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.21 21:02:09 | 3220,561,920 | -HS- | C] () -- \hiberfil.sys
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.02.07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.08.04 10:24:31 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

23.08.2011, 07:06   #10
Yannick11

Facebook Viruses

OTL Logfile:
Code:
OTL logfile created on: 23.08.2011 07:51:21 - Run 2
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,67% Memory free
8,00 Gb Paging File | 6,35 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 324,03 Gb Free Space | 76,30% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,19 Gb Free Space | 72,98% Space Free | Partition Type: NTFS
 
Computer Name:***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Lia\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko5.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e47bab16c150f9697594d8fd65532578\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtCore.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtWeb.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\qjson.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\SysWOW64\hppatusg01.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPUsageTracking.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPToolkit.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\Enumeration.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPTools.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPStreamsInterface.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.26 12:26:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.18 10:01:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.08.22 17:10:28 | 000,000,000 | ---D | M]
 
[2011.03.15 13:21:54 | 000,000,931 | ---- | M] () -- \Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\searchplugins\conduit.xml
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- 
[2011.08.16 06:20:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2011.08.16 20:55:35 | 000,000,000 | ---D | M] (WOT) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
[2011.04.04 21:49:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
() (No name found) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.08.12 19:33:39 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{E001C731-5E37-4538-A5CB-8168736A2360}
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdblockPro) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\ADBLOCK@ADBLOCKPRO.COM
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdobeReader) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\PDFREADER@ADOBE.COM
[2011.06.26 12:26:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AdblockPro) - {04F2568A-3E7A-422D-A71E-DC088A635F7D} - C:\Users\Lia\AppData\Roaming\AdblockPro\IE\AdblockPro.dll (Adblock Pro Inc.)
O2 - BHO: (AdobeReader) - {AC6401E9-813B-46DA-B06F-A4FFA2F9AE6D} - C:\Users\Lia\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [mctadmin]  File not found
O4 - HKCU..\RunOnce: [NokiaOviSuite.exe] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.22 17:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2011.08.22 17:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011.08.22 17:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Videos
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Pictures
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Music
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Links
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Favorites
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Downloads
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Documents
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Desktop
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Vorlagen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Startmenü
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\SendTo
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Recent
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Netzwerkumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Lokale Einstellungen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Eigene Dateien
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Druckumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Cookies
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Anwendungsdaten
[2011.08.17 15:57:25 | 000,000,000 | -H-D | C] -- C:\Users\Lia Admin\AppData
[2011.08.17 15:57:25 | 000,000,000 | ---D | C] -- C:\Users\Lia Admin\Saved Games
[2011.08.16 19:54:18 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.08.16 19:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.16 19:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.08.16 19:54:13 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.08.16 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.08.15 22:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.08.12 14:01:00 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.08.12 14:01:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.08.12 14:00:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.08.12 14:00:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.08.12 14:00:57 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.08.12 14:00:57 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.08.12 14:00:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.08.12 14:00:56 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.08.12 14:00:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.08.12 10:33:17 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.08.12 10:33:17 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.08.12 10:33:16 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.08.10 21:43:36 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.08.10 21:43:36 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.08.10 21:43:35 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.08.10 21:43:35 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.08.10 21:43:35 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.08.10 21:43:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.08.10 21:43:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.08.10 21:43:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.08.10 21:43:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.08.10 21:43:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.08.10 21:43:35 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 21:43:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.08.10 21:43:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 21:43:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.08.10 20:20:05 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.08.10 20:20:05 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.08.10 20:20:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.08.10 20:20:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.08.10 20:20:05 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.08.10 20:20:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.08.10 20:20:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.08.10 20:20:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.08.10 20:20:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.08.10 19:11:33 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.23 07:48:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 07:48:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 07:41:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.23 07:41:22 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.22 17:11:37 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.08.16 21:03:27 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.08.16 19:54:18 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.15 13:18:44 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.08.12 14:03:53 | 001,519,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.12 14:03:53 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.12 14:03:53 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.12 14:03:53 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.12 14:03:53 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.10 09:24:14 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.08.06 20:48:24 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.06 20:48:24 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 
========== Files Created - No Company Name ==========
 
[2011.08.22 17:11:37 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.08.16 19:54:18 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 18:37:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.05 22:03:49 | 006,108,456 | R--- | C] () -- \hpcljcp1215drv32.cab
[2011.04.05 22:03:49 | 001,712,128 | ---- | C] () -- \ProductInst.exe
[2011.04.05 22:03:49 | 000,434,371 | R--- | C] () -- \hpcljcp1215_deww.cab
[2011.04.05 22:03:49 | 000,434,371 | ---- | C] () -- \hpcljcp1215_enww.cab
[2011.04.05 22:03:49 | 000,316,416 | R--- | C] () -- \DIFxAPI.dll
[2011.04.05 22:03:49 | 000,208,896 | ---- | C] () -- \Strings.dll
[2011.04.05 22:03:49 | 000,118,335 | R--- | C] () -- \hp121532.cat
[2011.04.05 22:03:49 | 000,069,632 | ---- | C] () -- \WpInstall.exe
[2011.04.05 22:03:49 | 000,015,212 | R--- | C] () -- \HPCP1215.INF
[2011.04.05 22:03:49 | 000,000,736 | R--- | C] () -- \properties.ini
[2011.04.05 22:03:49 | 000,000,039 | R--- | C] () -- \SUcp1215.VER
[2011.03.31 20:17:08 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.03.21 21:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.21 21:02:09 | 3220,561,920 | -HS- | C] () -- \hiberfil.sys
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.02.07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.08.04 10:24:31 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         

23.08.2011, 10:52   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Sorry, but are you really copying the specified text from the code box into OTL's text field? It doesn't look like it to me.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

23.08.2011, 14:45   #12
Yannick11

Yes, when the scan finishes a window opens; I then copied and pasted that data. What am I doing wrong?

Lia

23.08.2011, 14:48   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Are you also clicking the "copy all" button above the code box, so that the entire text really gets copied?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

23.08.2011, 14:53   #14
Yannick11

I'll do it again.

23.08.2011, 15:22   #15
Yannick11

OTL EXTRAS Logfile:
OTL Extras logfile created on: 23.08.2011 07:51:21 - Run 2
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,67% Memory free
8,00 Gb Paging File | 6,35 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 324,03 Gb Free Space | 76,30% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,19 Gb Free Space | 72,98% Space Free | Partition Type: NTFS
 
Computer Name: LIA-PC | User Name: Lia Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2BF53A9A-EC11-4429-B29D-19A9276092EF}" = HP LaserJet Toolbox
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{54360A73-B080-4A69-BFD4-53C190DD3AB0}" = HP Color LaserJet CP1210 Series
"{9A945B7E-4F69-4DDA-B14B-E4DE8446A010}" = MrvlUsgTracking64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{F323676A-B911-4B57-827F-32D02DCD4971}" = HP Color LaserJet CP1210 Series Toolbox
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-Treiberpaket - Nokia Modem  (10/07/2010 4.6)
"E5372C32E8562C76C24DBA6525002B1031495F34" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.8)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"HP Color LaserJet CP1210 Series" = HP Color LaserJet CP1210 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9C09E3A4-850A-40B2-B94F-EBFB5349C238}" = hppusgCP1215
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"ESET Online Scanner" = ESET Online Scanner v3
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 5.1.6
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Google Chrome" = Google Chrome
"HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.20.12.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 17.08.2011 16:51:58 | Computer Name = Lia-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: AdblockPro.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4d91cb25  Ausnahmecode: 0xc0000005  Fehleroffset: 0x100074c5
ID
 des fehlerhaften Prozesses: 0x1314  Startzeit der fehlerhaften Anwendung: 0x01cc5d1f6b14f95d
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Pfad
 des fehlerhaften Moduls: AdblockPro.dll  Berichtskennung: bef5cd41-c912-11e0-ad78-002421f6c060
 
Error - 17.08.2011 16:56:00 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Lia\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.08.2011 04:07:31 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.08.2011 04:08:56 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 19.08.2011 03:51:49 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 19.08.2011 04:30:00 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 19.08.2011 04:30:47 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 22.08.2011 04:00:01 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Lia\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 22.08.2011 04:00:01 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Lia\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 22.08.2011 04:00:08 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Lia\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ System Events ]
Error - 11.08.2011 01:53:28 | Computer Name = Lia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 11.08.2011 05:29:58 | Computer Name = Lia-PC | Source = bowser | ID = 8003
Description = 
 
Error - 11.08.2011 14:20:33 | Computer Name = Lia-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 11.08.2011 14:20:33 | Computer Name = Lia-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 11.08.2011 14:20:51 | Computer Name = Lia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 12.08.2011 04:26:32 | Computer Name = Lia-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 12.08.2011 04:26:32 | Computer Name = Lia-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 12.08.2011 04:26:57 | Computer Name = Lia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 12.08.2011 08:30:16 | Computer Name = Lia-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 12.08.2011 08:30:16 | Computer Name = Lia-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
 
< End of report >
         