
Log Analysis and Evaluation: sshnas.dll missing (Win 7 64)

22.03.2010, 19:58   #1
Walker13
 

Hello,
I hope someone can help me.

Yesterday I foolishly opened a dubious file and regretted it right away, because when I restarted Windows, the message immediately appeared that the above-mentioned file was missing.
I then read up on it a bit and found that this is apparently part of a piece of malware/a virus.

I ran Spybot, Antivir, Malwarebytes' Anti-Malware and CCleaner and had one or two entries removed (unfortunately I no longer remember the names).
But I am still not quite sure / still worried whether I am still infected.

Reinstalling would probably be the most elegant solution, but firstly I really don't want to do that (I have only just configured everything), and unfortunately the DVD is also not within my reach right now.

That is why I wanted to ask for help here, in case you notice anything unusual. (The error message no longer appears, by the way.)

So, here are the logs:
Quote:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:51:34, on 22.03.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
D:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
D:\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
D:\Program Files (x86)\Last.fm\LastFM.exe
D:\Mozilla Firefox\firefox.exe
D:\Program Files (x86)\QIP\qip.exe
D:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbhelper.dll
O2 - BHO: SBCONVERT - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\****\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\SPEEDB~1\Toolbar\grabber.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [avgnt] "D:\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware (reboot)] "D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ProcessGovernor] D:\Program Files (x86)\Process Lasso\processgovernor.exe
O4 - HKCU\..\Run: [SpeedBitVideoAccelerator] D:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "e:\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: d:\progra~1\speedb~1\sblsp.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - D:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8744 bytes
Quote:
Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3899
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

22.03.2010 19:49:43
mbam-log-2010-03-22 (19-49-35).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|)
Durchsuchte Objekte: 319974
Laufzeit: 1 hour(s), 19 minute(s), 31 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
D:\Downloads\Mass.effect.2.original.bik.movies.free.download.52007.exe (Trojan.Downloader) -> No action taken.
(Yes, yes, I could still kick myself for that download.)

I hope that's all fine like this.
Many thanks!


23.03.2010, 07:29   #2
Chris4You
 



Hi,

64-bit systems are hard to clean; most tools do not run on them...

OTL
Download OTL by OldTimer (http://filepony.de/download-otl/) and save it to your desktop
* Double-click OTL.exe
* Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
* At the top you will find a box labelled Output. Please select Minimal Output
* Under Extra Registry, please select Use SafeList
* Now click Run Scan at the top left
* When the scan has finished, 2 log files are created
* Post the log files here in the thread.

chris

23.03.2010, 07:45   #3
Walker13
 



Hi,
thanks so far.

Quote:
OTL logfile created on: 23.03.2010 07:33:38 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\**\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 41,25 Gb Free Space | 70,52% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 144,06 Gb Free Space | 73,76% Space Free | Partition Type: NTFS
Drive E: | 211,85 Gb Total Space | 78,64 Gb Free Space | 37,12% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: **-PC
Current User Name: ***
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\**\Desktop\OTL.exe (OldTimer Tools)
PRC - E:\Steam\Steam.exe (Valve Corporation)
PRC - D:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe (Speedbit Ltd.)
PRC - D:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
PRC - D:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe (Speedbit Ltd.)
PRC - D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - D:\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - D:\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - D:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - D:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\**\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (VideoAcceleratorService) -- D:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirService) -- D:\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 04:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 04:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- D:\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SBSDWSCService) -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (NMSAccessU) -- D:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (StarOpen) -- C:\Windows\SysNative\drivers\StarOpen.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (StarOpen) -- C:\Windows\SysWOW64\drivers\StarOpen.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA 69 96 32 6D BC CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbhelper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8
FF - prefs.js..extensions.enabledItems: FasterFox_Lite@BigRedBrent:3.8.2Lite
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1


[2010.03.05 15:27:45 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\mozilla\Extensions
[2010.03.22 18:10:59 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\tx4ct1dv.default\extensions
[2010.03.05 15:38:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\tx4ct1dv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.05 15:38:28 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\tx4ct1dv.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.03.22 18:10:53 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\tx4ct1dv.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2010.03.05 15:38:28 | 000,000,000 | ---D | M] -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\tx4ct1dv.default\extensions\FasterFox_Lite@BigRedBrent

O1 HOSTS File: ([2010.03.21 22:33:59 | 000,380,794 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13115 more lines...
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\**\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\SPEEDB~1\Toolbar\grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [ProcessLassoManagementConsole] D:\Program Files (x86)\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
O4 - HKLM..\Run: [avgnt] D:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [ProcessGovernor] D:\Program Files (x86)\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpeedBitVideoAccelerator] D:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe (Speedbit Ltd.)
O4 - HKCU..\Run: [Steam] e:\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - D:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.03.23 07:32:50 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Users\**\Desktop\OTL.exe
[2010.03.22 18:17:35 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.22 13:48:51 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Roaming\Malwarebytes
[2010.03.22 13:48:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.03.22 13:48:46 | 000,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.03.22 13:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.03.22 07:40:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson USB
[2010.03.20 08:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Speedbit
[2010.03.14 13:15:26 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.03.14 13:15:26 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.03.14 13:15:26 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.03.14 13:15:26 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.03.14 13:15:25 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.03.14 13:15:25 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.03.13 11:06:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit
[2010.03.13 11:06:10 | 000,172,032 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) -- C:\Windows\SysWow64\AniGIF.ocx
[2010.03.13 11:06:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedBit Video Downloader
[2010.03.11 20:52:48 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\ProcessLasso
[2010.03.10 22:05:18 | 000,000,000 | ---D | C] -- C:\Users\AppData\Roaming\skypePM
[2010.03.10 22:02:37 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\Skype
[2010.03.10 22:02:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.03.10 22:02:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.03.10 22:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.03.10 12:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.03.10 12:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.03.10 12:02:16 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2010.03.10 12:02:16 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.03.10 12:02:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.03.10 12:02:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.03.10 12:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.03.08 19:22:45 | 000,000,000 | RH-D | C] -- C:\Users\++\AppData\Roaming\SecuROM
[2010.03.08 19:22:17 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Local\Rockstar Games
[2010.03.08 19:21:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010.03.08 19:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010.03.07 15:36:58 | 000,000,000 | ---D | C] -- C:\Users\AppData\Roaming\Canneverbe Limited
[2010.03.07 15:35:46 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\Canneverbe_Limited
[2010.03.07 15:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010.03.07 09:32:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.03.06 13:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2010.03.06 13:03:11 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Local\Last.fm
[2010.03.06 12:23:29 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\Mp3tag
[2010.03.05 17:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2010.03.05 17:56:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2010.03.05 17:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.03.05 17:49:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.03.05 17:48:27 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.03.05 17:44:58 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.03.05 17:44:58 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.03.05 17:44:58 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.03.05 17:44:58 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.03.05 17:44:57 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.03.05 17:44:57 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.03.05 17:44:57 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.03.05 17:44:57 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.03.05 17:44:57 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.03.05 17:44:57 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.03.05 17:44:56 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.03.05 17:44:56 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.03.05 17:44:56 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.03.05 17:44:56 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.03.05 17:44:56 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.03.05 17:44:56 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.03.05 17:44:56 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.03.05 17:44:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.03.05 17:44:56 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.03.05 17:44:56 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.03.05 17:44:55 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.03.05 17:44:55 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.03.05 17:44:55 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.03.05 17:44:55 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.03.05 17:44:55 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.03.05 17:44:55 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.03.05 17:44:55 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.03.05 17:44:55 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.03.05 17:44:54 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.03.05 17:44:54 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.03.05 17:44:54 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.03.05 17:44:54 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.03.05 17:44:54 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.03.05 17:44:54 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.03.05 17:44:54 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.03.05 17:44:54 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.03.05 17:44:52 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.03.05 17:44:52 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.03.05 17:44:52 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.03.05 17:44:52 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.03.05 17:44:52 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.03.05 17:44:52 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.03.05 17:44:52 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.03.05 17:44:52 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.03.05 17:44:52 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.03.05 17:44:52 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.03.05 17:44:52 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.03.05 17:44:52 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.03.05 17:44:50 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.03.05 17:44:50 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.03.05 17:44:50 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.03.05 17:44:50 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.03.05 17:44:50 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.03.05 17:44:50 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.03.05 17:44:50 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.03.05 17:44:49 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.03.05 17:44:49 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.03.05 17:44:49 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.03.05 17:44:49 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.03.05 17:44:49 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.03.05 17:44:49 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.03.05 17:44:48 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.03.05 17:44:48 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.03.05 17:44:48 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.03.05 17:44:48 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.03.05 17:44:48 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.03.05 17:44:48 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.03.05 17:44:47 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.03.05 17:44:47 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.03.05 17:44:46 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.03.05 17:44:46 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.03.05 17:44:44 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.03.05 17:44:44 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.03.05 17:44:44 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.03.05 17:44:44 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.03.05 17:44:44 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.03.05 17:44:44 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.03.05 17:44:44 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.03.05 17:44:44 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.03.05 17:44:43 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.03.05 17:44:43 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.03.05 17:44:43 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.03.05 17:44:43 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.03.05 17:44:43 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.03.05 17:44:43 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.03.05 17:44:43 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.03.05 17:44:43 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.03.05 17:44:43 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.03.05 17:44:43 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.03.05 17:44:42 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.03.05 17:44:42 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.03.05 17:44:42 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.03.05 17:44:42 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.03.05 17:44:42 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.03.05 17:44:42 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.03.05 17:44:41 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.03.05 17:44:41 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.03.05 17:44:41 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.03.05 17:44:41 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.03.05 17:44:41 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.03.05 17:44:41 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.03.05 17:44:41 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.03.05 17:44:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.03.05 17:44:41 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.03.05 17:44:41 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.03.05 17:44:41 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.03.05 17:44:41 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.03.05 17:44:40 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.03.05 17:44:40 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.03.05 17:44:40 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.03.05 17:44:40 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.03.05 17:44:39 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.03.05 17:44:39 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.03.05 17:44:39 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.03.05 17:44:39 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.03.05 17:44:39 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.03.05 17:44:39 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.03.05 17:44:39 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.03.05 17:44:39 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.03.05 17:44:38 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.03.05 17:44:38 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.03.05 17:44:38 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.03.05 17:44:38 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.03.05 17:44:38 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.03.05 17:44:38 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.03.05 17:44:37 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.03.05 17:44:37 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.03.05 17:44:37 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.03.05 17:44:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.03.05 17:44:37 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.03.05 17:44:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.03.05 17:44:36 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.03.05 17:44:36 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.03.05 17:44:36 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.03.05 17:44:36 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.03.05 17:44:35 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.03.05 17:44:35 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.03.05 17:44:35 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.03.05 17:44:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.03.05 17:44:34 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.03.05 17:44:34 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.03.05 17:44:31 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.03.05 17:44:31 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.03.05 17:44:30 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.03.05 17:44:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.03.05 17:44:30 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.03.05 17:44:30 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.03.05 17:44:30 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.03.05 17:44:30 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.03.05 17:44:29 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.03.05 17:44:29 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.03.05 17:44:29 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.03.05 17:44:29 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.03.05 17:44:29 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.03.05 17:44:29 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.03.05 17:44:28 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.03.05 17:44:28 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.03.05 17:44:28 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.03.05 17:44:28 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.03.05 17:40:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010.03.05 17:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.03.05 16:32:30 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\Macromedia
[2010.03.05 16:32:30 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\Adobe
[2010.03.05 16:32:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.03.05 16:25:57 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\WinRAR
[2010.03.05 16:25:53 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.03.05 16:21:44 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.03.05 15:59:10 | 000,074,880 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.03.05 15:59:10 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\SysWow64\drivers\ssmdrv.sys
[2010.03.05 15:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.03.05 15:51:29 | 000,000,000 | ---D | C] -- C:\Users\++\Documents\Xilisoft Corporation
[2010.03.05 15:51:29 | 000,000,000 | ---D | C] -- C:\Users\++\Documents\Rockstar Games
[2010.03.05 15:51:08 | 000,000,000 | ---D | C] -- C:\Users\++\Documents\My Games
[2010.03.05 15:51:07 | 000,000,000 | ---D | C] -- C:\Users\++\Documents\GUILD WARS
[2010.03.05 15:51:07 | 000,000,000 | ---D | C] -- C:\Users\++\Documents\DVDVideoSoft
[2010.03.05 15:51:07 | 000,000,000 | ---D | C] -- C:\Users\++\Documents\Downloads
[2010.03.05 15:51:07 | 000,000,000 | ---D | C] -- C:\Users\++\Documents\CAPCOM
[2010.03.05 15:49:26 | 000,000,000 | ---D | C] -- C:\Users\++\Documents\BioWare
[2010.03.05 15:49:26 | 000,000,000 | ---D | C] -- C:\Users\++\Documents\atari
[2010.03.05 15:39:52 | 000,000,000 | R-SD | C] -- C:\Users\++\Documents\My Stationery
[2010.03.05 15:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010.03.05 15:31:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.03.05 15:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010.03.05 15:30:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.03.05 15:30:23 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.03.05 15:28:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.03.05 15:27:30 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\Mozilla
[2010.03.05 15:27:30 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Local\Mozilla
[2010.03.05 15:24:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.03.05 15:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.03.05 15:16:01 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.03.05 15:14:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.03.05 15:14:09 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.03.05 15:10:55 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.03.05 15:10:54 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.03.05 15:10:53 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.03.05 15:10:52 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.03.05 15:10:51 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.03.05 15:10:51 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.03.05 15:10:49 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.03.05 15:10:49 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.03.05 15:10:49 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.03.05 15:10:49 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.03.05 15:10:49 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll
[2010.03.05 15:10:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll
[2010.03.05 15:10:49 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll
[2010.03.05 15:10:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll
[2010.03.05 15:10:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2010.03.05 15:10:46 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.03.05 15:10:46 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010.03.05 15:10:45 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.03.05 15:10:45 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.03.05 15:10:45 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010.03.05 15:10:45 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.03.05 15:10:44 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.03.05 15:10:44 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.03.05 15:10:44 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.03.05 15:10:44 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.03.05 15:10:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.03.05 15:10:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.03.05 15:10:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.03.05 15:10:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.03.05 15:10:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.03.05 15:10:43 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010.03.05 15:10:43 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010.03.05 15:10:43 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010.03.05 15:10:43 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.03.05 15:10:43 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010.03.05 15:10:43 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010.03.05 15:10:43 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010.03.05 15:10:43 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010.03.05 15:10:43 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010.03.05 15:10:43 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010.03.05 15:10:43 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010.03.05 15:10:43 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.03.05 15:10:43 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010.03.05 15:10:43 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010.03.05 15:10:43 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.03.05 15:10:43 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010.03.05 15:10:43 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010.03.05 15:10:43 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.03.05 15:10:43 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.03.05 15:10:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010.03.05 15:10:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010.03.05 15:10:43 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.03.05 15:10:41 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.03.05 15:10:41 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.03.05 15:10:40 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.03.05 15:10:40 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.03.05 15:10:40 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.03.05 15:10:40 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.03.05 15:10:40 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.03.05 15:10:40 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.03.05 15:10:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.03.05 15:10:39 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.03.05 15:08:17 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Local\WindowsUpdate
[2010.03.05 15:06:59 | 000,000,000 | R--D | C] -- C:\Users\++\Searches
[2010.03.05 15:06:51 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\Identities
[2010.03.05 15:06:49 | 000,000,000 | R--D | C] -- C:\Users\++\Contacts
[2010.03.05 15:06:48 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Local\VirtualStore
[2010.03.05 15:06:39 | 000,000,000 | --SD | C] -- C:\Users\++\AppData\Roaming\Microsoft
[2010.03.05 15:06:39 | 000,000,000 | R--D | C] -- C:\Users\++\Videos
[2010.03.05 15:06:39 | 000,000,000 | R--D | C] -- C:\Users\++\Saved Games
[2010.03.05 15:06:39 | 000,000,000 | R--D | C] -- C:\Users\++\Pictures
[2010.03.05 15:06:39 | 000,000,000 | R--D | C] -- C:\Users\++\Music
[2010.03.05 15:06:39 | 000,000,000 | R--D | C] -- C:\Users\++\Links
[2010.03.05 15:06:39 | 000,000,000 | R--D | C] -- C:\Users\++\Favorites
[2010.03.05 15:06:39 | 000,000,000 | R--D | C] -- C:\Users\++\Downloads
[2010.03.05 15:06:39 | 000,000,000 | R--D | C] -- C:\Users\++\Documents
[2010.03.05 15:06:39 | 000,000,000 | R--D | C] -- C:\Users\++\Desktop
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Vorlagen
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\AppData\Local\Verlauf
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\AppData\Local\Temporary Internet Files
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Startmenü
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\SendTo
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Recent
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Netzwerkumgebung
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Lokale Einstellungen
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Documents\Eigene Videos
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Documents\Eigene Musik
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Eigene Dateien
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Documents\Eigene Bilder
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Druckumgebung
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Cookies
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\AppData\Local\Anwendungsdaten
[2010.03.05 15:06:39 | 000,000,000 | -HSD | C] -- C:\Users\++\Anwendungsdaten
[2010.03.05 15:06:39 | 000,000,000 | -H-D | C] -- C:\Users\++\AppData
[2010.03.05 15:06:39 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Local\Temp
[2010.03.05 15:06:39 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Local\Microsoft
[2010.03.05 15:06:39 | 000,000,000 | ---D | C] -- C:\Users\++\AppData\Roaming\Media Center Programs
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.03.05 15:06:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.03.05 15:03:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.03.05 15:01:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.03.05 15:00:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.03.05 15:00:04 | 000,000,000 | ---D | C] -- C:\Windows\Panther

========== Files - Modified Within 30 Days ==========

[2010.03.23 07:32:52 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\++\Desktop\OTL.exe
[2010.03.23 07:31:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.23 07:31:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.23 07:31:19 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.22 21:44:57 | 005,242,880 | -HS- | M] () -- C:\Users\++\NTUSER.DAT
[2010.03.22 21:44:52 | 001,879,390 | -H-- | M] () -- C:\Users\++\AppData\Local\IconCache.db
[2010.03.22 18:17:04 | 000,781,909 | ---- | M] () -- C:\Users\+\Desktop\RSIT.exe
[2010.03.22 17:52:43 | 000,000,997 | ---- | M] () -- C:\Users\++\Desktop\HijackThis.lnk
[2010.03.22 17:49:30 | 000,023,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.22 17:49:30 | 000,023,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.22 17:40:32 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.03.22 17:40:32 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.03.22 17:40:32 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.03.22 17:40:32 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.03.22 17:40:32 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.03.22 13:48:50 | 000,000,705 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.21 22:45:19 | 000,000,095 | ---- | M] () -- C:\Windows\wininit.ini
[2010.03.21 22:33:59 | 000,380,794 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.03.21 22:32:01 | 000,000,948 | ---- | M] () -- C:\Users\++\Desktop\Spybot - Search & Destroy.lnk
[2010.03.21 19:15:52 | 000,160,768 | ---- | M] () -- C:\Windows\Xcehia.exe
[2010.03.19 16:15:35 | 010,108,928 | ---- | M] () -- C:\Users\++\Desktop\Scorpions - Rock You Like A Hurricane.mp3
[2010.03.13 11:06:14 | 000,000,985 | ---- | M] () -- C:\Users\++\Desktop\SpeedBit Video Accelerator.lnk
[2010.03.13 11:06:10 | 000,172,032 | ---- | M] (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) -- C:\Windows\SysWow64\AniGIF.ocx
[2010.03.12 08:14:46 | 000,266,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.03.11 18:14:06 | 000,057,960 | ---- | M] () -- C:\Users\++\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.11 13:08:59 | 000,000,786 | ---- | M] () -- C:\Users\++\Desktop\start_wh40k.jnlp
[2010.03.10 22:05:18 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.03.10 22:02:32 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.03.10 12:02:12 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2010.03.10 12:02:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.03.10 12:02:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.03.10 12:02:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.03.07 13:43:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.03.07 09:32:44 | 000,001,243 | ---- | M] () -- C:\Users\++\Desktop\DVDVideoSoft Free Studio.lnk
[2010.03.06 22:22:31 | 000,001,089 | ---- | M] () -- C:\Users\++\Desktop\MassEffect2 - Verknüpfung.lnk
[2010.03.06 13:03:10 | 000,000,654 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm.lnk
[2010.03.06 12:24:35 | 000,000,711 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2010.03.05 17:22:10 | 000,380,343 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100321-223359.backup
[2010.03.05 16:11:34 | 000,540,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.03.05 15:52:24 | 000,000,938 | ---- | M] () -- C:\Users\++\Desktop\firefox - Verknüpfung.lnk
[2010.03.05 15:51:23 | 000,000,673 | ---- | M] () -- C:\Users\++\Desktop\QIP 2005.lnk
[2010.03.05 15:18:03 | 000,524,288 | -HS- | M] () -- C:\Users\++\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.03.05 15:18:03 | 000,524,288 | -HS- | M] () -- C:\Users\++\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.03.05 15:18:03 | 000,065,536 | -HS- | M] () -- C:\Users\++\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.03.05 15:06:39 | 000,000,020 | -HS- | M] () -- C:\Users\++\ntuser.ini
[2010.03.05 15:04:05 | 000,056,735 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.03.05 15:04:05 | 000,056,735 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2010.03.22 18:16:54 | 000,781,909 | ---- | C] () -- C:\Users\++\Desktop\RSIT.exe
[2010.03.22 17:52:43 | 000,000,997 | ---- | C] () -- C:\Users\++\Desktop\HijackThis.lnk
[2010.03.22 13:48:50 | 000,000,705 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.21 22:45:19 | 000,000,095 | ---- | C] () -- C:\Windows\wininit.ini
[2010.03.21 22:32:01 | 000,000,948 | ---- | C] () -- C:\Users\++\Desktop\Spybot - Search & Destroy.lnk
[2010.03.21 19:15:57 | 000,160,768 | ---- | C] () -- C:\Windows\Xcehia.exe
[2010.03.19 16:15:23 | 010,108,928 | ---- | C] () -- C:\Users\++\Desktop\Scorpions - Rock You Like A Hurricane.mp3
[2010.03.13 11:06:14 | 000,000,985 | ---- | C] () -- C:\Users\++\Desktop\SpeedBit Video Accelerator.lnk
[2010.03.11 13:08:58 | 000,000,786 | ---- | C] () -- C:\Users\++\Desktop\start_wh40k.jnlp
[2010.03.10 22:05:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.10 22:02:32 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.03.07 15:36:50 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010.03.07 15:36:50 | 000,005,504 | ---- | C] () -- C:\Windows\SysNative\drivers\StarOpen.sys
[2010.03.07 13:43:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.03.07 10:10:25 | 000,206,848 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2010.03.07 10:10:24 | 000,100,352 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2010.03.07 09:32:44 | 000,001,243 | ---- | C] () -- C:\Users\++\Desktop\DVDVideoSoft Free Studio.lnk
[2010.03.06 22:22:31 | 000,001,089 | ---- | C] () -- C:\Users\++\Desktop\MassEffect2 - Verknüpfung.lnk
[2010.03.06 13:03:10 | 000,000,654 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm.lnk
[2010.03.06 12:24:00 | 000,000,711 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2010.03.05 15:52:24 | 000,000,938 | ---- | C] () -- C:\Users\++\Desktop\firefox - Verknüpfung.lnk
[2010.03.05 15:51:23 | 000,000,673 | ---- | C] () -- C:\Users\++\Desktop\QIP 2005.lnk
[2010.03.05 15:06:39 | 000,524,288 | -HS- | C] () -- C:\Users\++\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.03.05 15:06:39 | 000,524,288 | -HS- | C] () -- C:\Users\++\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.03.05 15:06:39 | 000,065,536 | -HS- | C] () -- C:\Users\++\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.03.05 15:06:39 | 000,000,020 | -HS- | C] () -- C:\Users\++\ntuser.ini
[2010.03.05 15:06:38 | 005,242,880 | -HS- | C] () -- C:\Users\++NTUSER.DAT
[2010.03.05 15:00:50 | 1609,424,896 | -HS- | C] () -- C:\hiberfil.sys
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.06.11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.06.11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.06.11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008.06.05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
< End of report >



23.03.2010, 13:43   #4
Walker13

Hi,
here is the second one.

Quote:
OTL Extras logfile created on: 23.03.2010 07:33:38 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\++\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 41,25 Gb Free Space | 70,52% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 144,06 Gb Free Space | 73,76% Space Free | Partition Type: NTFS
Drive E: | 211,85 Gb Total Space | 78,64 Gb Free Space | 37,12% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ++-PC
Current User Name: ++
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.2.0
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Free Studio_is1" = Free Studio version 4.3
"HijackThis" = HijackThis 2.0.2
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mp3tag" = Mp3tag v2.45d
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ProcessLasso" = Process Lasso
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Guild Wars" = GUILD WARS
"OnlineCodex" = OnlineCodex
"QIP 2005" = QIP 2005 8095

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 07.03.2010 06:33:44 | Computer Name = ++-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MassEffect2.exe, Version: 1.0.1593.2,
Zeitstempel: 0x4b2845cd Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.4927,
Zeitstempel: 0x4a2752ff Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001500a ID des fehlerhaften
Prozesses: 0x30c Startzeit der fehlerhaften Anwendung: 0x01cabddb27a15b75 Pfad der
fehlerhaften Anwendung: D:\Mass Effect 2\Binaries\MassEffect2.exe Pfad des fehlerhaften
Moduls: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\MSVCR80.dll
Berichtskennung:
e70f591c-29d4-11df-8e9d-001d7d02583a

Error - 07.03.2010 06:33:48 | Computer Name = ++-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MassEffect2.exe, Version: 1.0.1593.2,
Zeitstempel: 0x4b2845cd Name des fehlerhaften Moduls: MassEffect2.exe, Version:
1.0.1593.2, Zeitstempel: 0x4b2845cd Ausnahmecode: 0xc0000005 Fehleroffset: 0x00a03efa
ID
des fehlerhaften Prozesses: 0x30c Startzeit der fehlerhaften Anwendung: 0x01cabddb27a15b75
Pfad
der fehlerhaften Anwendung: D:\Mass Effect 2\Binaries\MassEffect2.exe Pfad des fehlerhaften
Moduls: D:\Mass Effect 2\Binaries\MassEffect2.exe Berichtskennung: e98ee169-29d4-11df-8e9d-001d7d02583a

Error - 07.03.2010 14:24:29 | Computer Name = ++-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"d:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 07.03.2010 14:24:43 | Computer Name = ++-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"d:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 08.03.2010 14:20:29 | Computer Name = ++-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Steam\steamapps\common\grand
theft auto iv\GTAIV\gta4Browser.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 08.03.2010 14:20:29 | Computer Name = ++-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Steam\steamapps\common\grand
theft auto iv\GTAIV\GTAIV.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 08.03.2010 15:30:13 | Computer Name = ++-PC | Source = Application Hang | ID = 1002
Description = Programm GTAIV.exe, Version 1.0.0.4 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: eac Startzeit:
01cabeec60f87e19 Endzeit: 53 Anwendungspfad: e:\steam\steamapps\common\grand theft
auto iv\GTAIV\GTAIV.exe Berichts-ID:

Error - 13.03.2010 07:34:49 | Computer Name = ++-PC | Source = Application Hang | ID = 1002
Description = Programm FreeYouTubeToMP3Converter.exe, Version 3.2.7.123 kann nicht
mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: e8c Startzeit: 01cac29b8de201b9 Endzeit: 3 Anwendungspfad: D:\Program
Files (x86)\DVDVideoSoft\Free Studio\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe

Berichts-ID:
6c646907-2e94-11df-92b4-001d7d02583a

Error - 21.03.2010 17:10:49 | Computer Name = ++-PC | Source = SDWinSec.exe | ID = 0
Description =

Error - 22.03.2010 02:28:28 | Computer Name = ++-PC | Source = Application Hang | ID = 1002
Description = Programm SpybotSD.exe, Version 1.6.2.46 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 9f0 Startzeit:
01cac988782db2fc Endzeit: 5 Anwendungspfad: D:\Program Files (x86)\Spybot - Search
& Destroy\SpybotSD.exe Berichts-ID:

[ System Events ]
Error - 18.03.2010 11:56:23 | Computer Name = ++-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.

Error - 18.03.2010 11:56:23 | Computer Name = ++-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 19.03.2010 11:13:16 | Computer Name = ++-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "VideoAcceleratorService" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.

Error - 20.03.2010 10:08:05 | Computer Name = ++-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "VideoAcceleratorService" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.

Error - 20.03.2010 17:25:06 | Computer Name = ++-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst lmhosts erreicht.

Error - 21.03.2010 16:28:08 | Computer Name = ++-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.

Error - 22.03.2010 02:45:54 | Computer Name = ++-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 22.03.2010 02:45:55 | Computer Name = ++-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 22.03.2010 02:45:55 | Computer Name = ++-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 22.03.2010 02:45:56 | Computer Name = ++-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


< End of report >

23.03.2010, 16:21   #5
Chris4You

Hi,

are these entries intentional?
Code:
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
         
To be on the safe side, the following should also be checked:

Have the files checked online:
  • Go to the VirusTotal site, click the "Browse" button and locate the following file(s):
Code:
C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll 
C:\Users\**\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll 
C:\Windows\Xcehia.exe
         
  • Now upload each file, one after another, and wait until the scan has finished (this can take up to 2 minutes).
  • Afterwards, post the result of the analysis: copy everything and paste it into a post.
  • Important: also copy the file size and the HASH!

chris


23.03.2010, 17:07   #6
Walker13

Hi,
the toolbar isn't 100% intentional, but I've had it installed for quite a while and it has never triggered anything.

Quote:
Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.5.0.50 2010.03.23 -
AhnLab-V3 5.0.0.2 2010.03.23 -
AntiVir 8.2.1.196 2010.03.23 -
Antiy-AVL 2.0.3.7 2010.03.23 -
Authentium 5.2.0.5 2010.03.23 -
Avast 4.8.1351.0 2010.03.23 -
Avast5 5.0.332.0 2010.03.23 -
AVG 9.0.0.787 2010.03.23 -
BitDefender 7.2 2010.03.23 -
CAT-QuickHeal 10.00 2010.03.23 -
ClamAV 0.96.0.0-git 2010.03.23 -
Comodo 4358 2010.03.23 -
DrWeb 5.0.1.12222 2010.03.23 -
eSafe 7.0.17.0 2010.03.23 -
eTrust-Vet 35.2.7383 2010.03.23 -
F-Prot 4.5.1.85 2010.03.23 -
F-Secure 9.0.15370.0 2010.03.23 -
Fortinet 4.0.14.0 2010.03.22 -
GData 19 2010.03.23 -
Ikarus T3.1.1.80.0 2010.03.23 -
Jiangmin 13.0.900 2010.03.23 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.03.23 -
McAfee 5928 2010.03.22 -
McAfee+Artemis 5928 2010.03.22 -
McAfee-GW-Edition 6.8.5 2010.03.23 -
Microsoft 1.5605 2010.03.23 -
NOD32 4968 2010.03.23 -
Norman 6.04.10 2010.03.23 -
nProtect 2009.1.8.0 2010.03.23 -
Panda 10.0.2.2 2010.03.23 -
PCTools 7.0.3.5 2010.03.23 -
Prevx 3.0 2010.03.23 -
Rising 22.40.01.04 2010.03.23 -
Sophos 4.51.0 2010.03.23 -
Sunbelt 6031 2010.03.22 -
Symantec 20091.2.0.41 2010.03.23 -
TheHacker 6.5.2.0.242 2010.03.23 -
TrendMicro 9.120.0.1004 2010.03.23 -
VBA32 3.12.12.2 2010.03.23 -
ViRobot 2010.3.23.2240 2010.03.23 -
VirusBuster 5.0.27.0 2010.03.23 -
weitere Informationen
File size: 2447360 bytes
MD5...: 8e1e02d905163d8e6c33b1847b4b1e59
SHA1..: b56091f0092e62c0977eb1632dc7e01b202d0525
SHA256: fa85bc73085392fb2359b095ac52586f7e3b438ac72cffa3560fba8940d82681
ssdeep: 24576:goP1ynvNM32TXHCFutuRMskGr0slM7CtB/b32VImNzjul2o2cnHfkRzdA3
88Zj:gWQiS0r/lM7CPL2GgHulxHfk9dAvZj
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x153e1f
timedatestamp.....: 0x4b222226 (Fri Dec 11 10:42:46 2009)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x191046 0x191200 6.20 97879701d8e3d3a0ca259355325e6316
.rdata 0x193000 0x61fb4 0x62000 4.69 2b9b766ad81873675ca6bc8913e83986
.data 0x1f5000 0xcba8 0x9400 4.63 3b2640e4bed5b3b769c0d9c5aa1f803d
.SHARED 0x202000 0x3f4bc 0x3f600 0.00 3b7fc83efc14a54ee69768b096d185c4
.rsrc 0x242000 0x64fc 0x6600 5.03 efa4106220e28263468e84e0acc1b472
.reloc 0x249000 0x11a5e 0x11c00 6.56 a2f43db754fc9b4c48efbf83f261a7c6

( 16 imports )

( 8 exports )
CanReload, DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer, GetUpdaterAPI, MyUnregisterServer, TBStudioReg
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: DirectShow filter (52.6%)
Windows OCX File (32.2%)
Win32 Executable MS Visual C++ (generic) (9.8%)
Win32 Executable Generic (2.2%)
Win32 Dynamic Link Library (generic) (1.9%)
sigcheck:
publisher....: n/a
copyright....: Copyright (c) 2001-2010. All rights reserved.
product......: IE Toolbar
description..: IE Toolbar Engine
original name: tbcore3U.dll
internal name: tbcore3U
file version.: 4, 2, 0, 0
comments.....: n/a
signers......: Speed-Bit LTD
Thawte Code Signing CA
Thawte Premium Server CA
signing date.: 9:22 AM 12/17/2009
verified.....: -

Quote:
Antivirus Version Last update Result
a-squared 4.5.0.50 2010.03.23 -
AhnLab-V3 5.0.0.2 2010.03.23 -
AntiVir 8.2.1.196 2010.03.23 -
Antiy-AVL 2.0.3.7 2010.03.23 -
Authentium 5.2.0.5 2010.03.23 -
Avast 4.8.1351.0 2010.03.23 -
Avast5 5.0.332.0 2010.03.23 -
AVG 9.0.0.787 2010.03.23 -
BitDefender 7.2 2010.03.23 -
CAT-QuickHeal 10.00 2010.03.23 -
ClamAV 0.96.0.0-git 2010.03.23 -
Comodo 4358 2010.03.23 -
DrWeb 5.0.1.12222 2010.03.23 -
eSafe 7.0.17.0 2010.03.23 -
eTrust-Vet 35.2.7383 2010.03.23 -
F-Prot 4.5.1.85 2010.03.23 -
F-Secure 9.0.15370.0 2010.03.23 -
Fortinet 4.0.14.0 2010.03.22 -
GData 19 2010.03.23 -
Ikarus T3.1.1.80.0 2010.03.23 -
Jiangmin 13.0.900 2010.03.23 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.03.23 -
McAfee 5928 2010.03.22 -
McAfee+Artemis 5928 2010.03.22 -
McAfee-GW-Edition 6.8.5 2010.03.23 -
Microsoft 1.5605 2010.03.23 -
NOD32 4968 2010.03.23 -
Norman 6.04.10 2010.03.23 -
nProtect 2009.1.8.0 2010.03.23 -
Panda 10.0.2.2 2010.03.23 -
PCTools 7.0.3.5 2010.03.23 -
Prevx 3.0 2010.03.23 -
Rising 22.40.01.04 2010.03.23 -
Sophos 4.51.0 2010.03.23 -
Sunbelt 6031 2010.03.22 -
Symantec 20091.2.0.41 2010.03.23 -
TheHacker 6.5.2.0.242 2010.03.23 -
TrendMicro 9.120.0.1004 2010.03.23 -
VBA32 3.12.12.2 2010.03.23 -
ViRobot 2010.3.23.2240 2010.03.23 -
VirusBuster 5.0.27.0 2010.03.23 -
Additional information
File size: 149968 bytes
MD5...: a317d9883350fa8f2a181a53be9c7f41
SHA1..: 6b8efa0b29bf483fa427f77f36a1495664e3501e
SHA256: ecf778a828449a5835a15d440ec76cf4b25cf7858ff7a677a0e9a44f1f5942f5
ssdeep: 3072:7kjmT0veTm5fdErM8g7pEQgyuwqrt8Z3W0Ro:78GTQfdED9jLWZY
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xfcbd
timedatestamp.....: 0x4a55a527 (Thu Jul 09 08:07:03 2009)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x182c1 0x19000 6.35 2d1f99da41e3c17e0ac813d1714f3a2b
.rdata 0x1a000 0x4b83 0x5000 4.88 a1685e9484476008020dd649df25b88d
.data 0x1f000 0x2e64 0x2000 1.60 e5e0d1441877c9e663cf9a2dddbab5fe
.rsrc 0x22000 0x850 0x1000 4.73 7bf96d9c0b6c6f7fccf563f6a324abd6
.reloc 0x23000 0x1f14 0x2000 4.74 cd84bca1581a6341de74935f034c3289

( 5 imports )

( 4 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: DirectShow filter (52.6%)
Windows OCX File (32.2%)
Win32 Executable MS Visual C++ (generic) (9.8%)
Win32 Executable Generic (2.2%)
Win32 Dynamic Link Library (generic) (1.9%)
sigcheck:
publisher....: qip.ru
copyright....: qip.ru
product......: qipbar
description..: qipbar
original name: qipbar.dll
internal name: qipbar.dll
file version.: 1, 0, 1, 0
comments.....: n/a
signers......: OOO Russkie Internet Reshenija
Thawte Code Signing CA
Thawte Premium Server CA
signing date.: 4:58 PM 3/23/2010
verified.....: -

Quote:
File Xcehia.exe received 2010.03.23 16:00:52 (UTC)
Result: 15/42 (35.72%)
Antivirus Version Last update Result
a-squared 4.5.0.50 2010.03.23 -
AhnLab-V3 5.0.0.2 2010.03.23 -
AntiVir 8.2.1.196 2010.03.23 TR/Agent.AS.3300
Antiy-AVL 2.0.3.7 2010.03.23 -
Authentium 5.2.0.5 2010.03.23 -
Avast 4.8.1351.0 2010.03.23 -
Avast5 5.0.332.0 2010.03.23 -
AVG 9.0.0.787 2010.03.23 Crypt.QSI
BitDefender 7.2 2010.03.23 -
CAT-QuickHeal 10.00 2010.03.23 Win32.Packed.Krap.as.5
ClamAV 0.96.0.0-git 2010.03.23 -
Comodo 4358 2010.03.23 -
DrWeb 5.0.1.12222 2010.03.23 Trojan.DownLoad1.47680
eSafe 7.0.17.0 2010.03.23 -
eTrust-Vet 35.2.7383 2010.03.23 -
F-Prot 4.5.1.85 2010.03.23 -
F-Secure 9.0.15370.0 2010.03.23 Trojan-Downloader:W32/Renos.gen!C
Fortinet 4.0.14.0 2010.03.22 -
GData 19 2010.03.23 -
Ikarus T3.1.1.80.0 2010.03.23 -
Jiangmin 13.0.900 2010.03.23 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.03.23 Packed.Win32.Krap.as
McAfee 5928 2010.03.22 -
McAfee+Artemis 5928 2010.03.22 -
McAfee-GW-Edition 6.8.5 2010.03.23 Trojan.Agent.AS.3300
Microsoft 1.5605 2010.03.23 TrojanDownloader:Win32/Renos.KF
NOD32 4968 2010.03.23 a variant of Win32/Kryptik.DFA
Norman 6.04.10 2010.03.23 -
nProtect 2009.1.8.0 2010.03.23 -
Panda 10.0.2.2 2010.03.23 Suspicious file
PCTools 7.0.3.5 2010.03.23 -
Prevx 3.0 2010.03.23 High Risk Cloaked Malware
Rising 22.40.01.04 2010.03.23 -
Sophos 4.51.0 2010.03.23 Sus/UnkPack-C
Sunbelt 6031 2010.03.22 -
Symantec 20091.2.0.41 2010.03.23 Suspicious.Insight
TheHacker 6.5.2.0.242 2010.03.23 Trojan/Kryptik.deq
TrendMicro 9.120.0.1004 2010.03.23 -
VBA32 3.12.12.2 2010.03.23 -
ViRobot 2010.3.23.2240 2010.03.23 -
VirusBuster 5.0.27.0 2010.03.23 Trojan.Codecpack.Gen.4
Additional information
File size: 160768 bytes
MD5...: f1c6a7b5d7c3eab8e391b90725b26388
SHA1..: 50a8c1200d987e791997589dbb3830d32b6f01a9
SHA256: 2df39e3925c249ec48de96b123e2d28ffbc71b8fcbaa151f191a52c924620f4c
ssdeep: 3072:5/gS/uhb/bp+/NCpQMtkIAhrbUGt48zAWqBYG/Cg1CY2kwNXGpy:dBm1/bO
CpgTtxzNG/CSZ2kk2
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x11d7
timedatestamp.....: 0x4aaa8ac8 (Fri Sep 11 17:37:12 2009)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.CODE 0x1000 0x70ef 0x7200 5.76 155aeb8ca8468b2f361b61e8aa875a1d
.edata 0x9000 0x1d7c5 0x1d800 7.56 3e9c3d1764c54c24ea12caebe0b5ccd4
BSS 0x27000 0x151a 0x1600 4.06 98640493f189cf16cfe74b3d8f8a4b32
.tls 0x29000 0x14675 0x800 0.00 c99a74c555371a433d121f551d6c6398
.init 0x3e000 0x4c9 0x600 0.00 53e979547d8c2ea86560ac45de08ae25

( 4 imports )

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (62.9%)
Win32 Executable Generic (14.2%)
Win32 Dynamic Link Library (generic) (12.6%)
Clipper DOS Executable (3.3%)
Generic Win/DOS Executable (3.3%)
hxxp://info.prevx.com/aboutprogramtext.asp?PX5=9348AF8A0063C24074A5020DBE2E2F00DE82996F
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

That looks like a hit to me.

Quote:
File sblsp.dll received 2010.03.23 16:04:29 (UTC)
Result: 0/42 (0%)
Antivirus Version Last update Result
a-squared 4.5.0.50 2010.03.23 -
AhnLab-V3 5.0.0.2 2010.03.23 -
AntiVir 8.2.1.196 2010.03.23 -
Antiy-AVL 2.0.3.7 2010.03.23 -
Authentium 5.2.0.5 2010.03.23 -
Avast 4.8.1351.0 2010.03.23 -
Avast5 5.0.332.0 2010.03.23 -
AVG 9.0.0.787 2010.03.23 -
BitDefender 7.2 2010.03.23 -
CAT-QuickHeal 10.00 2010.03.23 -
ClamAV 0.96.0.0-git 2010.03.23 -
Comodo 4358 2010.03.23 -
DrWeb 5.0.1.12222 2010.03.23 -
eSafe 7.0.17.0 2010.03.23 -
eTrust-Vet 35.2.7383 2010.03.23 -
F-Prot 4.5.1.85 2010.03.23 -
F-Secure 9.0.15370.0 2010.03.23 -
Fortinet 4.0.14.0 2010.03.22 -
GData 19 2010.03.23 -
Ikarus T3.1.1.80.0 2010.03.23 -
Jiangmin 13.0.900 2010.03.23 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.03.23 -
McAfee 5928 2010.03.22 -
McAfee+Artemis 5928 2010.03.22 -
McAfee-GW-Edition 6.8.5 2010.03.23 -
Microsoft 1.5605 2010.03.23 -
NOD32 4968 2010.03.23 -
Norman 6.04.10 2010.03.23 -
nProtect 2009.1.8.0 2010.03.23 -
Panda 10.0.2.2 2010.03.23 -
PCTools 7.0.3.5 2010.03.23 -
Prevx 3.0 2010.03.23 -
Rising 22.40.01.04 2010.03.23 -
Sophos 4.51.0 2010.03.23 -
Sunbelt 6031 2010.03.22 -
Symantec 20091.2.0.41 2010.03.23 -
TheHacker 6.5.2.0.242 2010.03.23 -
TrendMicro 9.120.0.1004 2010.03.23 -
VBA32 3.12.12.2 2010.03.23 -
ViRobot 2010.3.23.2240 2010.03.23 -
VirusBuster 5.0.27.0 2010.03.23 -
Additional information
File size: 251488 bytes
MD5...: ac0b76209b04e6a50fbadb125ff7cbe9
SHA1..: b9318dfdedd95cb7992f2bfff034582736f72ed4
SHA256: 3492afe9b8350e806c576ab3be61d982327aef1aef73fe04ac6e49fa7a42492b
ssdeep: 6144eqEAmfhF5aJK7uR9cCgLJbhhvq0ncX8T0Pk:6qU5qkLNhhpe8
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2046f
timedatestamp.....: 0x4b6a96cd (Thu Feb 04 09:43:41 2010)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2a562 0x2b000 6.57 a503fc06e70aef91f1ce95544b220d7d
.rdata 0x2c000 0x629c 0x7000 4.16 6df4c3bcc27c46fda7157c188ed291e2
.data 0x33000 0x542c 0x4000 4.88 24302b48c74412658f3c5e580b9df80e
.rsrc 0x39000 0x390 0x1000 0.95 581bc82e7f883ebae053fe97e1452e88
.reloc 0x3a000 0x3284 0x4000 5.55 a62058435684249fcba189c7baacf488

( 5 imports )

( 2 exports )
GetLspGuid, WSPStartup
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Speedbit Ltd.
copyright....: Copyright (c) 1999-2010 SpeedBit Ltd.
product......: sblsp
description..: sblsp
original name: sblsp.dll
internal name: sblsp
file version.: 3,1,3,3
comments.....:
signers......: Speed-Bit LTD
Thawte Code Signing CA
Thawte Premium Server CA
signing date.: 10:48 AM 2/4/2010
verified.....: -

Should I delete Xcehia.exe?
~

24.03.2010, 07:29   #7
Chris4You

Hi,
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please right-click and start it with "Run as administrator".
  • Copy the complete contents of the following code box into the OTL box under "Custom Scan/Fixes"
Code:
:OTL
[2010.03.21 19:15:52 | 000,160,768 | ---- | M] () -- C:\Windows\Xcehia.exe

:Commands
[emptytemp]
[Reboot]

  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of the OTL fix log is saved as a text file in the following folder:
  • %systemroot%\_OTL

Cureit:
http://www.trojaner-board.de/59299-a...eb-cureit.html
After the scan finishes you will find the log at %USERPROFILE%\DoctorWeb\CureIt.log.
Before you take any action, please copy the contents of the log and post it.
The log file is very large, roughly over 5 MB of text. Simply use the search for "infiziert" ("infected") and copy out the relevant parts before you post them.

chris

24.03.2010, 11:48   #8
Walker13

Hey,
thanks for the help so far.
However, something strange happened.
When I went to C/Windows/ to look for the file, my Antivir suddenly went off 5 times and reported the file "$RST9ARI.exe".
I moved it to quarantine for now, but now
"C:\Windows\Xcehia.exe" can no longer be found.

I'm a bit unsettled right now.

~
