Facebook Viren

Yannick11 · 16.08.2011, 09:35

Hallo! Bin neu hier, ich hoffe ihr könnt mir helfen. Habe eure Checkliste ausgeführt und diese Logdatei erstellt. Mein Facebookaccount verschickt Nachrichten mit einem Link, der einen Virus enthält.

Hallo,

den Scan den ich durch geführt habe, hat der jetzt alle Viren/trojaner entfernt oder muss ich noch einen weiteren Schritt machen.

Danke sagt

Lia

Hallo,

ich habe jetzt noch Maleware laufen lassen

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7480

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

16.08.2011 20:09:15
mbam-log-2011-08-16 (20-09-15).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 167659
Laufzeit: 2 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 61

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Lia\AppData\Local\Temp\0110869.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\0172002.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\0192215.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\0541843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\0699965.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1220679.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1231087.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1311722.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1470390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1567401.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1754388.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1773753.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1843171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\1888676.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\2132108.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\2673754.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\2697859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\2724174.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\3071781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\3398514.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\3962979.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\4189014.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\4650154.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\4826902.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\5010279.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\5250337.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6105724.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6216395.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6239418.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6496131.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6497967.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6705731.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6829317.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\6951573.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7127324.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7393057.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7687291.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7779816.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7991283.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\7991731.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8065306.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8119215.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8358573.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8749273.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\8794957.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9139875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9146637.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9153643.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9319543.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9464327.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9531070.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9666571.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9738445.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9743474.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9745229.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9781810.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9789671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9818584.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9963238.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Local\Temp\9987863.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lia\AppData\Roaming\msnsvconfig.txt (Malware.Trace) -> Quarantined and deleted successfully.

cosinus · 17.08.2011, 10:59

Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Danach OTL-Custom:

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die Textbox.

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Yannick11 · 17.08.2011, 16:46

Hallo,

ich hoffe doch, das ich alles richtig gemacht habe. Hier kommt das Ergebnis.

LiaOTL Logfile:

Code:

ATTFilter

OTL logfile created on: 17.08.2011 17:32:24 - Run 1
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,54 Gb Available Physical Memory | 63,48% Memory free
8,00 Gb Paging File | 6,32 Gb Available in Paging File | 79,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 325,03 Gb Free Space | 76,54% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,19 Gb Free Space | 72,98% Space Free | Partition Type: NTFS
 
Computer Name: LIA-PC | User Name: Lia Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.08.17 15:57:05 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Lia\Desktop\OTL.exe
PRC - [2011.07.06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.01 08:05:54 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.26 12:26:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.05.20 16:56:18 | 000,724,536 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2011.04.30 09:42:38 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.31 16:48:36 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011.03.31 14:38:26 | 000,140,288 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011.03.21 13:19:36 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2011.03.04 14:36:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2007.11.02 14:52:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.08.15 13:20:54 | 000,076,288 | ---- | M] () -- C:\Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko5.dll
MOD - [2011.08.12 14:47:19 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e47bab16c150f9697594d8fd65532578\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2011.08.12 14:47:18 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011.08.12 14:46:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011.08.12 14:46:23 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011.08.12 14:46:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011.08.12 14:46:15 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011.08.12 14:46:03 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011.06.26 12:26:14 | 001,850,328 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.05.20 16:54:16 | 010,837,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll
MOD - [2011.05.20 16:54:16 | 008,166,912 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll
MOD - [2011.05.20 16:54:16 | 002,551,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
MOD - [2011.05.20 16:54:16 | 002,282,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll
MOD - [2011.05.20 16:54:16 | 002,246,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
MOD - [2011.05.20 16:54:16 | 001,288,192 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll
MOD - [2011.05.20 16:54:16 | 000,913,920 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll
MOD - [2011.05.20 16:54:16 | 000,676,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
MOD - [2011.05.20 16:54:16 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll
MOD - [2011.05.20 16:54:16 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll
MOD - [2011.05.20 16:54:16 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll
MOD - [2011.05.20 16:54:16 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll
MOD - [2011.05.20 16:54:16 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll
MOD - [2011.05.20 16:30:06 | 000,508,416 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll
MOD - [2011.05.20 16:30:04 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll
MOD - [2011.05.20 16:29:34 | 000,924,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll
MOD - [2011.05.20 16:29:18 | 000,422,800 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll
MOD - [2011.05.20 16:29:18 | 000,387,976 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll
MOD - [2011.05.20 16:29:18 | 000,060,816 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll
MOD - [2011.05.20 16:28:18 | 000,687,616 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
MOD - [2011.04.11 21:29:22 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.02.07 10:05:18 | 000,163,840 | ---- | M] () -- C:\Windows\SysWOW64\hppatusg01.dll
MOD - [2007.11.02 14:52:40 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPUsageTracking.dll
MOD - [2007.11.02 14:52:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe
MOD - [2007.11.02 14:52:38 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPToolkit.dll
MOD - [2007.11.02 14:52:38 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\Enumeration.dll
MOD - [2007.11.02 14:52:22 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPTools.dll
MOD - [2007.11.02 14:52:16 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPStreamsInterface.dll
MOD - [2005.07.20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.04.12 11:18:14 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.01 08:05:54 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.15 13:23:20 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011.04.30 09:42:38 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.12 11:22:46 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.04.12 11:18:06 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.01 08:05:54 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.01 08:05:54 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 15:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010.12.02 15:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 15:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.12.02 15:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.09 08:49:52 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010.08.31 12:09:00 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010.08.07 11:49:04 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.07.27 03:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2009.09.10 16:50:06 | 000,923,648 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010.02.24 14:41:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.06.12 16:26:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.26 12:26:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.18 10:01:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.06.12 16:26:49 | 000,000,000 | ---D | M]
 
[2011.03.15 13:21:54 | 000,000,931 | ---- | M] () -- \Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\searchplugins\conduit.xml
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- 
[2011.08.16 06:20:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2011.08.16 20:55:35 | 000,000,000 | ---D | M] (WOT) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
[2011.04.04 21:49:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
() (No name found) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.08.12 19:33:39 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{E001C731-5E37-4538-A5CB-8168736A2360}
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdblockPro) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\ADBLOCK@ADBLOCKPRO.COM
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdobeReader) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\PDFREADER@ADOBE.COM
[2011.06.26 12:26:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AdblockPro) - {04F2568A-3E7A-422D-A71E-DC088A635F7D} - C:\Users\Lia\AppData\Roaming\AdblockPro\IE\AdblockPro.dll (Adblock Pro Inc.)
O2 - BHO: (AdobeReader) - {AC6401E9-813B-46DA-B06F-A4FFA2F9AE6D} - C:\Users\Lia\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Videos
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Pictures
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Music
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Links
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Favorites
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Downloads
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Documents
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Desktop
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Vorlagen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Startmenü
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\SendTo
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Recent
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Netzwerkumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Lokale Einstellungen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Eigene Dateien
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Druckumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Cookies
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Anwendungsdaten
[2011.08.17 15:57:25 | 000,000,000 | -H-D | C] -- C:\Users\Lia Admin\AppData
[2011.08.17 15:57:25 | 000,000,000 | ---D | C] -- C:\Users\Lia Admin\Saved Games
[2011.08.16 19:54:18 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.08.16 19:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.16 19:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.08.16 19:54:13 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.08.16 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.08.15 22:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.17 16:52:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.17 16:52:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.17 09:16:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.17 09:15:53 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.16 21:03:27 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.08.16 19:54:18 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.12 14:03:53 | 001,519,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.12 14:03:53 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.12 14:03:53 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.12 14:03:53 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.12 14:03:53 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.10 09:24:14 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.08.06 20:48:24 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.06 20:48:24 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 
========== Files Created - No Company Name ==========
 
[2011.08.16 19:54:18 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 18:37:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.05 22:03:49 | 006,108,456 | R--- | C] () -- \hpcljcp1215drv32.cab
[2011.04.05 22:03:49 | 001,712,128 | ---- | C] () -- \ProductInst.exe
[2011.04.05 22:03:49 | 000,434,371 | R--- | C] () -- \hpcljcp1215_deww.cab
[2011.04.05 22:03:49 | 000,434,371 | ---- | C] () -- \hpcljcp1215_enww.cab
[2011.04.05 22:03:49 | 000,316,416 | R--- | C] () -- \DIFxAPI.dll
[2011.04.05 22:03:49 | 000,208,896 | ---- | C] () -- \Strings.dll
[2011.04.05 22:03:49 | 000,118,335 | R--- | C] () -- \hp121532.cat
[2011.04.05 22:03:49 | 000,069,632 | ---- | C] () -- \WpInstall.exe
[2011.04.05 22:03:49 | 000,015,212 | R--- | C] () -- \HPCP1215.INF
[2011.04.05 22:03:49 | 000,000,736 | R--- | C] () -- \properties.ini
[2011.04.05 22:03:49 | 000,000,039 | R--- | C] () -- \SUcp1215.VER
[2011.03.31 20:17:08 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.03.21 21:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.21 21:02:09 | 3220,561,920 | -HS- | C] () -- \hiberfil.sys
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.02.07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.08.04 10:24:31 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< Malwarebytes' Anti-Malware 1.51.1.1800 >
 
< Malwarebytes : Free anti-malware, anti-virus and spyware removal download >
 
<  >
 
< Datenbank Version: 7480 >
 
<  >
 
< Windows 6.1.7601 Service Pack 1 >
 
< Internet Explorer 9.0.8112.16421 >
 
<  >
 
< 17.08.2011 17:01:46 >
 
< mbam-log-2011-08-17 (17-01-46).txt >
 
<  >
 
< Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) >
 
< Durchsuchte Objekte: 320112 >
 
< Laufzeit: 1 Stunde(n), 1 Minute(n), 52 Sekunde(n) >
 
<  >
 
< Infizierte Speicherprozesse: 0 >
 
< Infizierte Speichermodule: 0 >
 
< Infizierte Registrierungsschlüssel: 0 >
 
< Infizierte Registrierungswerte: 0 >
 
< Infizierte Dateiobjekte der Registrierung: 0 >
 
< Infizierte Verzeichnisse: 0 >
 
< Infizierte Dateien: 0 >
 
<  >
 
< Infizierte Speicherprozesse: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Speichermodule: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Registrierungsschlüssel: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Registrierungswerte: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Dateiobjekte der Registrierung: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Verzeichnisse: >
 
< (Keine bösartigen Objekte gefunden) >
 
<  >
 
< Infizierte Dateien: >
 
< (Keine bösartigen Objekte gefunden) >

< End of report >

--- --- ---

cosinus · 17.08.2011, 21:12

Und der Vollscan mit Malwarebytes?

Yannick11 · 17.08.2011, 21:19

Hallo,

hier kommt er :-), sorry

Lia

Malwarebytes' Anti-Malware 1.51.1.1800
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 7480

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

17.08.2011 17:01:46
mbam-log-2011-08-17 (17-01-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 320112
Laufzeit: 1 Stunde(n), 1 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus · 17.08.2011, 22:00

Führ bitte auch ESET aus, danach sehen wir weiter:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Yannick11 · 22.08.2011, 13:04

Hallo,

hier kommt die Datei.

Lia

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=f81b7f478c9cae49b262e4f9663c113e
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-15 10:08:00
# local_time=2011-08-16 12:08:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1797 16775165 100 94 218782 49981766 263380 0
# compatibility_mode=5893 16776573 100 94 302986 65071195 0 0
# compatibility_mode=8192 67108863 100 0 812 812 0 0
# scanned=181306
# found=92
# cleaned=92
# scan_time=4735
C:\$Recycle.Bin\S-1-5-21-1084300786-1220908116-2246298836-1000\$RUH642I.scr a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DV04SKF\ok[1].exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IW08VRRG\brun[1].exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\bz[1].zip a variant of Win32/Injector.IPE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\fac[1].exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\hi[1].exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMXESO50\bc[1].zip a variant of Win32/Injector.IPF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMXESO50\bzt[1].exe a variant of Win32/Kryptik.RRC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMXESO50\ox[1].zip a variant of Win32/Injector.IPG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0185664.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0311589.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\03147.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0330381.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0442309.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0503884.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0618097.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0650783.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0876952.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0889697.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0954354.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\0998545.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1100263.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1202346.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1312849.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1327271.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\1505050.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2007446.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2012411.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2070142.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2077489.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2206635.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2231847.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2291234.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2737929.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\2949916.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3029862.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3039682.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3362109.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3437213.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3443450.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3484341.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3742883.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3891093.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3896865.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\3930865.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4109270.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4548690.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4632213.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4784060.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\4979756.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5197751.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5239699.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5326323.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5358000.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5382448.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5610251.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5891465.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5916965.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5927959.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\5929300.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6016282.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6118099.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6227095.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6257390.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6335379.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6385569.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6511798.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6514387.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6536465.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6802327.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\6856967.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7009330.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7057696.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7469153.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7605747.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7665651.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\7828768.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\8438090.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\8821514.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9020588.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9169464.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9176284.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9220248.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9222248.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9728101.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9798825.exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\9938686.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\tmp08.exe a variant of Win32/Injector.IPF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\Temporary Internet Files\Content.IE5\OY2DYDGG\kbc[1].exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\AppData\Local\Temp\Temporary Internet Files\Content.IE5\V1TF59AE\uh[1].exe a variant of Win32/Injector.IPH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\Cache\igfxdl32.exe a variant of Win32/Kryptik.RRC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Lia\M-1-54-6324-575-5275\winsvc.exe a variant of Win32/Kryptik.RMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=f81b7f478c9cae49b262e4f9663c113e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-16 08:17:53
# local_time=2011-08-16 10:17:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 246352 50009336 290950 0
# compatibility_mode=5893 16776573 100 94 330556 65098765 0 0
# compatibility_mode=8192 67108863 100 0 28382 28382 0 0
# scanned=181213
# found=4
# cleaned=0
# scan_time=13779
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\ok[1].exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lia\AppData\Local\Temp\5010279.exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lia\AppData\Local\Temp\6705731.exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lia\AppData\Local\Temp\7127324.exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=f81b7f478c9cae49b262e4f9663c113e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-22 10:47:05
# local_time=2011-08-22 12:47:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 88407 50540559 81073 0
# compatibility_mode=5893 16776573 100 94 260916 65629988 0 0
# compatibility_mode=8192 67108863 100 0 559605 559605 0 0
# scanned=189322
# found=1
# cleaned=0
# scan_time=9907
C:\Users\Lia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIE9ACIR\ok[1].exe a variant of Win32/Injector.IPH trojan (unable to clean) 00000000000000000000000000000000 I

cosinus · 22.08.2011, 18:30

Beim OTL-CustomScan ist was schiefgelaufen, bitte nochmal richtig wiederholen.

Yannick11 · 23.08.2011, 07:04

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 23.08.2011 07:51:21 - Run 2
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,67% Memory free
8,00 Gb Paging File | 6,35 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 324,03 Gb Free Space | 76,30% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,19 Gb Free Space | 72,98% Space Free | Partition Type: NTFS
 
Computer Name:***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Lia\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko5.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e47bab16c150f9697594d8fd65532578\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtCore.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtWeb.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\qjson.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\SysWOW64\hppatusg01.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPUsageTracking.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPToolkit.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\Enumeration.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPTools.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPStreamsInterface.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.26 12:26:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.18 10:01:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.08.22 17:10:28 | 000,000,000 | ---D | M]
 
[2011.03.15 13:21:54 | 000,000,931 | ---- | M] () -- \Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\searchplugins\conduit.xml
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- 
[2011.08.16 06:20:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2011.08.16 20:55:35 | 000,000,000 | ---D | M] (WOT) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
[2011.04.04 21:49:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
() (No name found) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.08.12 19:33:39 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{E001C731-5E37-4538-A5CB-8168736A2360}
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdblockPro) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\ADBLOCK@ADBLOCKPRO.COM
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdobeReader) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\PDFREADER@ADOBE.COM
[2011.06.26 12:26:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AdblockPro) - {04F2568A-3E7A-422D-A71E-DC088A635F7D} - C:\Users\Lia\AppData\Roaming\AdblockPro\IE\AdblockPro.dll (Adblock Pro Inc.)
O2 - BHO: (AdobeReader) - {AC6401E9-813B-46DA-B06F-A4FFA2F9AE6D} - C:\Users\Lia\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [mctadmin]  File not found
O4 - HKCU..\RunOnce: [NokiaOviSuite.exe] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.22 17:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2011.08.22 17:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011.08.22 17:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Videos
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Pictures
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Music
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Links
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Favorites
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Downloads
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Documents
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Desktop
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Vorlagen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Startmenü
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\SendTo
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Recent
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Netzwerkumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Lokale Einstellungen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Eigene Dateien
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Druckumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Cookies
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Anwendungsdaten
[2011.08.17 15:57:25 | 000,000,000 | -H-D | C] -- C:\Users\Lia Admin\AppData
[2011.08.17 15:57:25 | 000,000,000 | ---D | C] -- C:\Users\Lia Admin\Saved Games
[2011.08.16 19:54:18 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.08.16 19:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.16 19:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.08.16 19:54:13 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.08.16 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.08.15 22:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.08.12 14:01:00 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.08.12 14:01:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.08.12 14:00:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.08.12 14:00:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.08.12 14:00:57 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.08.12 14:00:57 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.08.12 14:00:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.08.12 14:00:56 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.08.12 14:00:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.08.12 10:33:17 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.08.12 10:33:17 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.08.12 10:33:16 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.08.10 21:43:36 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.08.10 21:43:36 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.08.10 21:43:35 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.08.10 21:43:35 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.08.10 21:43:35 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.08.10 21:43:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.08.10 21:43:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.08.10 21:43:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.08.10 21:43:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.08.10 21:43:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.08.10 21:43:35 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 21:43:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.08.10 21:43:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 21:43:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.08.10 20:20:05 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.08.10 20:20:05 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.08.10 20:20:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.08.10 20:20:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.08.10 20:20:05 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.08.10 20:20:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.08.10 20:20:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.08.10 20:20:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.08.10 20:20:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.08.10 19:11:33 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.23 07:48:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 07:48:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 07:41:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.23 07:41:22 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.22 17:11:37 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.08.16 21:03:27 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.08.16 19:54:18 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.15 13:18:44 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.08.12 14:03:53 | 001,519,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.12 14:03:53 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.12 14:03:53 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.12 14:03:53 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.12 14:03:53 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.10 09:24:14 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.08.06 20:48:24 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.06 20:48:24 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 
========== Files Created - No Company Name ==========
 
[2011.08.22 17:11:37 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.08.16 19:54:18 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 18:37:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.05 22:03:49 | 006,108,456 | R--- | C] () -- \hpcljcp1215drv32.cab
[2011.04.05 22:03:49 | 001,712,128 | ---- | C] () -- \ProductInst.exe
[2011.04.05 22:03:49 | 000,434,371 | R--- | C] () -- \hpcljcp1215_deww.cab
[2011.04.05 22:03:49 | 000,434,371 | ---- | C] () -- \hpcljcp1215_enww.cab
[2011.04.05 22:03:49 | 000,316,416 | R--- | C] () -- \DIFxAPI.dll
[2011.04.05 22:03:49 | 000,208,896 | ---- | C] () -- \Strings.dll
[2011.04.05 22:03:49 | 000,118,335 | R--- | C] () -- \hp121532.cat
[2011.04.05 22:03:49 | 000,069,632 | ---- | C] () -- \WpInstall.exe
[2011.04.05 22:03:49 | 000,015,212 | R--- | C] () -- \HPCP1215.INF
[2011.04.05 22:03:49 | 000,000,736 | R--- | C] () -- \properties.ini
[2011.04.05 22:03:49 | 000,000,039 | R--- | C] () -- \SUcp1215.VER
[2011.03.31 20:17:08 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.03.21 21:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.21 21:02:09 | 3220,561,920 | -HS- | C] () -- \hiberfil.sys
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.02.07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.08.04 10:24:31 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

Yannick11 · 23.08.2011, 07:06

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 23.08.2011 07:51:21 - Run 2
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,67% Memory free
8,00 Gb Paging File | 6,35 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 324,03 Gb Free Space | 76,30% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,19 Gb Free Space | 72,98% Space Free | Partition Type: NTFS
 
Computer Name:***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Lia\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko5.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e47bab16c150f9697594d8fd65532578\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtCore.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QxtWeb.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\qjson.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\SysWOW64\hppatusg01.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPUsageTracking.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPToolkit.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\Enumeration.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPTools.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\HPStreamsInterface.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.26 12:26:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.18 10:01:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.08.22 17:10:28 | 000,000,000 | ---D | M]
 
[2011.03.15 13:21:54 | 000,000,931 | ---- | M] () -- \Users\Lia\AppData\Roaming\Mozilla\Firefox\Profiles\0yswwm0m.default\searchplugins\conduit.xml
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.06.13 10:33:00 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- 
[2011.08.16 06:20:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[2011.08.16 20:55:35 | 000,000,000 | ---D | M] (WOT) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
[2011.04.04 21:49:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
() (No name found) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.08.12 19:33:39 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\{E001C731-5E37-4538-A5CB-8168736A2360}
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdblockPro) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\ADBLOCK@ADBLOCKPRO.COM
[2011.04.13 22:51:35 | 000,000,000 | ---D | M] (AdobeReader) -- C:\USERS\LIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0YSWWM0M.DEFAULT\EXTENSIONS\PDFREADER@ADOBE.COM
[2011.06.26 12:26:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AdblockPro) - {04F2568A-3E7A-422D-A71E-DC088A635F7D} - C:\Users\Lia\AppData\Roaming\AdblockPro\IE\AdblockPro.dll (Adblock Pro Inc.)
O2 - BHO: (AdobeReader) - {AC6401E9-813B-46DA-B06F-A4FFA2F9AE6D} - C:\Users\Lia\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [mctadmin]  File not found
O4 - HKCU..\RunOnce: [NokiaOviSuite.exe] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lia Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.22 17:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2011.08.22 17:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011.08.22 17:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Videos
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Pictures
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Music
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Links
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Favorites
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Downloads
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Documents
[2011.08.17 15:57:25 | 000,000,000 | R--D | C] -- C:\Users\Lia Admin\Desktop
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Vorlagen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Startmenü
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\SendTo
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Recent
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Netzwerkumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Lokale Einstellungen
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Eigene Dateien
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Druckumgebung
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Cookies
[2011.08.17 15:57:25 | 000,000,000 | -HSD | C] -- C:\Users\Lia Admin\Anwendungsdaten
[2011.08.17 15:57:25 | 000,000,000 | -H-D | C] -- C:\Users\Lia Admin\AppData
[2011.08.17 15:57:25 | 000,000,000 | ---D | C] -- C:\Users\Lia Admin\Saved Games
[2011.08.16 19:54:18 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.08.16 19:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.16 19:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.08.16 19:54:13 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.08.16 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.08.15 22:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.08.12 14:01:00 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.08.12 14:01:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.08.12 14:00:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.08.12 14:00:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.08.12 14:00:57 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.08.12 14:00:57 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.08.12 14:00:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.08.12 14:00:56 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.08.12 14:00:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.08.12 10:33:17 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.08.12 10:33:17 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.08.12 10:33:16 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.08.10 21:43:36 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.08.10 21:43:36 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.08.10 21:43:35 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.08.10 21:43:35 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.08.10 21:43:35 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.08.10 21:43:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.08.10 21:43:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.08.10 21:43:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.08.10 21:43:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.08.10 21:43:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.08.10 21:43:35 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 21:43:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 21:43:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 21:43:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 21:43:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 21:43:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.08.10 21:43:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 21:43:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 21:43:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 21:43:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.08.10 20:20:05 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.08.10 20:20:05 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.08.10 20:20:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.08.10 20:20:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.08.10 20:20:05 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.08.10 20:20:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.08.10 20:20:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.08.10 20:20:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.08.10 20:20:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.08.10 19:11:33 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.23 07:48:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 07:48:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 07:41:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.23 07:41:22 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.22 17:11:37 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.08.16 21:03:27 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.08.16 19:54:18 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.15 13:18:44 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.08.12 14:03:53 | 001,519,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.12 14:03:53 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.12 14:03:53 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.12 14:03:53 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.12 14:03:53 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.10 09:24:14 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.08.06 20:48:24 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.06 20:48:24 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 
========== Files Created - No Company Name ==========
 
[2011.08.22 17:11:37 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.08.16 19:54:18 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 18:37:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.05 22:03:49 | 006,108,456 | R--- | C] () -- \hpcljcp1215drv32.cab
[2011.04.05 22:03:49 | 001,712,128 | ---- | C] () -- \ProductInst.exe
[2011.04.05 22:03:49 | 000,434,371 | R--- | C] () -- \hpcljcp1215_deww.cab
[2011.04.05 22:03:49 | 000,434,371 | ---- | C] () -- \hpcljcp1215_enww.cab
[2011.04.05 22:03:49 | 000,316,416 | R--- | C] () -- \DIFxAPI.dll
[2011.04.05 22:03:49 | 000,208,896 | ---- | C] () -- \Strings.dll
[2011.04.05 22:03:49 | 000,118,335 | R--- | C] () -- \hp121532.cat
[2011.04.05 22:03:49 | 000,069,632 | ---- | C] () -- \WpInstall.exe
[2011.04.05 22:03:49 | 000,015,212 | R--- | C] () -- \HPCP1215.INF
[2011.04.05 22:03:49 | 000,000,736 | R--- | C] () -- \properties.ini
[2011.04.05 22:03:49 | 000,000,039 | R--- | C] () -- \SUcp1215.VER
[2011.03.31 20:17:08 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.03.21 21:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.21 21:02:09 | 3220,561,920 | -HS- | C] () -- \hiberfil.sys
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.02.07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.08.04 10:24:31 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

cosinus · 23.08.2011, 10:52

Sry aber kopierst du auch wikrlich an angegeben Text aus der Codebox ins Textfeld von OTL? Sieht mir nämlich nicht danach aus.

Yannick11 · 23.08.2011, 14:45

Ja, wenn der Scan beendet ist geht ein Fenster auf, diese Daten habe ich dann kopiert und eingefügt. Was mache ich falsch?

Lia

cosinus · 23.08.2011, 14:48

Du klickst auch auf den Button alles kopieren über der Codebox, damit wirklich der gesamte Text kopiert wird?

Yannick11 · 23.08.2011, 14:53

Ich mach es noch mal

Yannick11 · 23.08.2011, 15:22

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 23.08.2011 07:51:21 - Run 2
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,67% Memory free
8,00 Gb Paging File | 6,35 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 324,03 Gb Free Space | 76,30% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 29,19 Gb Free Space | 72,98% Space Free | Partition Type: NTFS
 
Computer Name: LIA-PC | User Name: Lia Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2BF53A9A-EC11-4429-B29D-19A9276092EF}" = HP LaserJet Toolbox
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{54360A73-B080-4A69-BFD4-53C190DD3AB0}" = HP Color LaserJet CP1210 Series
"{9A945B7E-4F69-4DDA-B14B-E4DE8446A010}" = MrvlUsgTracking64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{F323676A-B911-4B57-827F-32D02DCD4971}" = HP Color LaserJet CP1210 Series Toolbox
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-Treiberpaket - Nokia Modem  (10/07/2010 4.6)
"E5372C32E8562C76C24DBA6525002B1031495F34" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.8)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"HP Color LaserJet CP1210 Series" = HP Color LaserJet CP1210 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9C09E3A4-850A-40B2-B94F-EBFB5349C238}" = hppusgCP1215
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"ESET Online Scanner" = ESET Online Scanner v3
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 5.1.6
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Google Chrome" = Google Chrome
"HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.20.12.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 17.08.2011 16:51:58 | Computer Name = Lia-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: AdblockPro.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4d91cb25  Ausnahmecode: 0xc0000005  Fehleroffset: 0x100074c5
ID
 des fehlerhaften Prozesses: 0x1314  Startzeit der fehlerhaften Anwendung: 0x01cc5d1f6b14f95d
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Pfad
 des fehlerhaften Moduls: AdblockPro.dll  Berichtskennung: bef5cd41-c912-11e0-ad78-002421f6c060
 
Error - 17.08.2011 16:56:00 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Lia\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.08.2011 04:07:31 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.08.2011 04:08:56 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 19.08.2011 03:51:49 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 19.08.2011 04:30:00 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 19.08.2011 04:30:47 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 22.08.2011 04:00:01 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Lia\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 22.08.2011 04:00:01 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Lia\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 22.08.2011 04:00:08 | Computer Name = Lia-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Lia\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ System Events ]
Error - 11.08.2011 01:53:28 | Computer Name = Lia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 11.08.2011 05:29:58 | Computer Name = Lia-PC | Source = bowser | ID = 8003
Description = 
 
Error - 11.08.2011 14:20:33 | Computer Name = Lia-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 11.08.2011 14:20:33 | Computer Name = Lia-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 11.08.2011 14:20:51 | Computer Name = Lia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 12.08.2011 04:26:32 | Computer Name = Lia-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 12.08.2011 04:26:32 | Computer Name = Lia-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 12.08.2011 04:26:57 | Computer Name = Lia-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 12.08.2011 08:30:16 | Computer Name = Lia-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 12.08.2011 08:30:16 | Computer Name = Lia-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
 
< End of report >

--- --- ---

17.08.2011, 21:12	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Facebook Viren Und der Vollscan mit Malwarebytes? __________________ Logfiles bitte immer in CODE-Tags posten

22.08.2011, 18:30	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Facebook Viren Beim OTL-CustomScan ist was schiefgelaufen, bitte nochmal richtig wiederholen. __________________ Logfiles bitte immer in CODE-Tags posten

23.08.2011, 10:52	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Facebook Viren Sry aber kopierst du auch wikrlich an angegeben Text aus der Codebox ins Textfeld von OTL? Sieht mir nämlich nicht danach aus. __________________ Logfiles bitte immer in CODE-Tags posten

23.08.2011, 14:48	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Facebook Viren Du klickst auch auf den Button alles kopieren über der Codebox, damit wirklich der gesamte Text kopiert wird? __________________ Logfiles bitte immer in CODE-Tags posten

Facebook Viren

Log-Analyse und Auswertung: Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Facebook Viren

Ähnliche Themen: Facebook Viren

23.08.2011, 14:45	#12
Yannick11	Facebook Viren Ja, wenn der Scan beendet ist geht ein Fenster auf, diese Daten habe ich dann kopiert und eingefügt. Was mache ich falsch? Lia

23.08.2011, 14:53	#14
Yannick11	Facebook Viren Ich mach es noch mal