computer mit malware durchsucht was jetzt |
|
---|---|
24.01.2010, 23:51
Member
Beiträge: 13 |
|
|
|
25.01.2010, 00:03
Member
Themenstarter Beiträge: 13 |
#2
MEIN PRONLEM 1 . ES DAUERT EWIG BIS SICH MEIN FIREFOX OEFFNET
2. AUCH ANDERE PROGRAMME SIND EXTREM LANGSAM GEWORDEN 3 MEINE FREUNDIN SAGT WENN SIE AUF MEIN MYSPACE PROFILE GEHT BEKOMMT SIE EINEN VIRUS UND DAS ICH MEIN PROFILE BEREINIGEN SOLL WEIL ICH EINEN TROJANER DRAUF HABE |
|
|
25.01.2010, 00:05
Member
Themenstarter Beiträge: 13 |
#3
ACH JA MEIN COMPUTER HAT ANTIVIRUS PROGRAMM (AVG)
SUPERANTISPAYWARE MALWAREBYTES HATTE ABER NUR VIRUS PROGRAMM DRAUF HABE ERST HEUTE SPY UND MAL INSTALIERT |
|
|
25.01.2010, 00:11
Moderator
Beiträge: 5694 |
#4
Hallo und Willkommen
Bitte schreibe nicht mit Grossbuchstaben Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop >Doppelklick auf die OTL.exe -->Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen >Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output >Unter Extra Registry, wähle bitte Use SafeList >Klicke nun auf Run Scan links oben >Wenn der Scan beendet wurde werden 2 Logfiles erstellt >Poste die Logfiles in Code-Tags hier in den Thread. |
|
|
25.01.2010, 00:24
Member
Themenstarter Beiträge: 13 |
#5
also ich versuche das ja mit der rechten maustaste aber es zeigt mir nichts an "als Administrator ausfuehren"
was mache ich falsch P.S. ich kenne mich nicht so gut aus an computer |
|
|
25.01.2010, 01:57
Moderator
Beiträge: 5694 |
#6
Das musst Du nur wenn du Vista oder WIN7 hast. Bei XP musst Du einfach diese olt.exe doppelklicken.
|
|
|
25.01.2010, 06:44
Member
Themenstarter Beiträge: 13 |
#7
ja ich habe vista
|
|
|
25.01.2010, 17:17
Moderator
Beiträge: 5694 |
#8
Du hast Dir das Programm auf den Desktop geladen?
|
|
|
25.01.2010, 17:20
Member
Themenstarter Beiträge: 13 |
#9
nein habe ich jetzt noch nicht
also ich muss es erst rauf laden und dann kann ich das mit rechter mausklick "als Administrator ausfuehren"???? |
|
|
25.01.2010, 17:43
Moderator
Beiträge: 5694 |
#10
Genau. Einfach die Anleitung Schritt für Schritt.
Zitat 1. Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktopusw... |
|
|
25.01.2010, 18:55
Member
Themenstarter Beiträge: 13 |
#11
ok habe ich gemacht hier das logfile
OTL logfile created on: 25.01.2010 18:45:54 - Run 1 OTL by OldTimer - Version 3.1.26.0 Folder = C:\Users\DuBose Gisela\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 64,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 296,62 Gb Total Space | 207,47 Gb Free Space | 69,94% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DUBOSEGISELA-PC Current User Name: DuBose Gisela Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\DuBose Gisela\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\MySpace\IM\MySpaceIM.exe () PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\QuickTime\qttask.exe (Apple Computer, Inc.) PRC - C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.) PRC - C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation) PRC - C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION) PRC - C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) PRC - C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe (TOSHIBA Corporation.) PRC - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) PRC - C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.) PRC - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) PRC - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) PRC - C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe () [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Users\DuBose Gisela\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:64bit: - (SmartFaceVWatchSrv) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe (Toshiba) SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AgereModemAudio) -- C:\Windows\SysNative\agr64svc.exe (Agere Systems) SRV:64bit: - (TOSHIBA SMART Log Service) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation) SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation) SRV - (avg9emc) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9wd) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (fsssvc) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (nmservice) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.) SRV - (TMachInfo) -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (atashost) -- C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.) SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (TNaviSrv) -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (ConfigFree Gadget Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA Corporation.) SRV - (hpqcxs08) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.) SRV - (hpqddsvc) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.) SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 14:34:14 | 00,000,000 | ---D | M] SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof () SRV - (UleadBurningHelper) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) SRV - (IDriverT) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:64bit: - (AvgTdiA) -- C:\Windows\SysNative\Drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AvgLdx64) -- C:\Windows\SysNative\Drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AvgMfx64) -- C:\Windows\SysNative\Drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (purendis) -- C:\Windows\SysNative\DRIVERS\purendis.sys (Cisco Systems, Inc.) DRV:64bit: - (pnarp) -- C:\Windows\SysNative\DRIVERS\pnarp.sys (Cisco Systems, Inc.) DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys (TOSHIBA Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation) DRV:64bit: - (NETw5v64) Intel(R) -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys (Intel Corporation) DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation ) DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys (Agere Systems) DRV:64bit: - (usbvideo) -- C:\Windows\SysNative\Drivers\usbvideo.sys (Microsoft Corporation) DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys (Microsoft Corporation) DRV:64bit: - (UVCFTR) -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.) DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys (TOSHIBA Corporation.) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.) DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation) DRV:64bit: - (FwLnk) -- C:\Windows\SysNative\DRIVERS\FwLnk.sys (TOSHIBA Corporation) DRV:64bit: - (KR10N64) -- C:\Windows\SysNative\drivers\kr10n64.sys (TOSHIBA CORPORATION) DRV:64bit: - (KR10I64) -- C:\Windows\SysNative\drivers\kr10i64.sys (TOSHIBA CORPORATION) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV - (SASENUM) -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL) -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://de.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://de.search.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://de.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://de.search.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://de.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://de.search.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 90 DE 60 FE 99 CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: *{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: *{EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search" FF - prefs.js..browser.search.defaultthis.engineName: "Playdom Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q=" FF - prefs.js..browser.search.order.1: "Fast Browser Search" FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157" FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716 FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005 FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:2.1.1 FF - prefs.js..extensions.enabledItems: myspacefftb@myspace.com:1.0.56.0 FF - prefs.js..extensions.enabledItems: {69d1a568-ffdf-4ef5-8919-7003582e0ee8}:2.5.4.7 FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.9 FF - prefs.js..extensions.enabledItems: {03B08592-E5B4-45ff-A0BE-C1D975458688}:0.6.0.5 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220 FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={E64A47C6-3940-7B10-4170-1872A96B2376}&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://yahoo-de-toolbar/locale/yahoo-de-toolbar.properties" FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://de.search.yahoo.com/search?ei=UTF-8&fr=ffbr-nb&p=" FF - HKLM\software\mozilla\Firefox\Extensions\\myspacefftb@myspace.com: C:\Program Files (x86)\MySpace\Toolbar\1.0.56.0\ [2009.10.21 17:11:02 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010.01.09 23:12:32 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010.01.09 23:13:01 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.11.30 19:21:56 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.01.21 03:18:56 | 00,000,000 | ---D | M] [2009.11.01 19:27:01 | 00,000,000 | ---D | M] -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Extensions [2009.11.01 19:27:01 | 00,000,000 | ---D | M] -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com [2010.01.20 23:42:57 | 00,000,000 | ---D | M] -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions [2009.05.01 21:35:33 | 00,000,000 | ---D | M] (Toolbar Buttons) -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2009.11.30 19:40:58 | 00,000,000 | ---D | M] (AddThis) -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2009.07.24 19:02:38 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.01.19 20:50:18 | 00,000,000 | ---D | M] (Playdom Toolbar) -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\{69d1a568-ffdf-4ef5-8919-7003582e0ee8} [2009.10.27 04:28:55 | 00,000,000 | ---D | M] (Update Notifier) -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}(150) [2009.08.31 23:30:55 | 00,000,000 | ---D | M] (No name found) -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB} [2009.11.30 21:58:18 | 00,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2009.10.27 04:13:47 | 00,000,000 | ---D | M] (No name found) -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}(151) [2009.10.27 04:28:54 | 00,000,000 | ---D | M] -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\abhere2@moztw(148).org [2009.10.27 04:28:55 | 00,000,000 | ---D | M] -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\piclens@cooliris(149).com [2009.05.01 21:16:45 | 00,000,000 | ---D | M] -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\smartbookmarksbar@remy.juteau [2008.12.27 18:18:14 | 00,000,000 | ---D | M] -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\extensions\toolbar_extras@de.yahoo.com [2009.11.30 20:40:29 | 00,002,171 | ---- | M] () -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\searchplugins\bing.xml [2010.01.12 15:26:22 | 00,000,917 | ---- | M] () -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\searchplugins\conduit.xml [2009.08.31 23:31:01 | 00,005,413 | ---- | M] () -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\searchplugins\fast-browser-search.xml [2009.09.29 02:46:40 | 00,002,160 | ---- | M] () -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\searchplugins\MySpace.xml [2009.11.30 21:57:28 | 00,003,915 | ---- | M] () -- C:\Users\DuBose Gisela\AppData\Roaming\Mozilla\Firefox\Profiles\0lgo97mi.default\searchplugins\sweetim.xml [2009.08.07 11:16:18 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2009.08.07 11:16:18 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2009.01.01 19:53:12 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\toolbar_extras@de.yahoo.com [2006.07.31 16:07:16 | 00,098,304 | ---- | M] (Zylom) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll [2009.07.30 23:59:14 | 00,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2009.07.30 23:59:14 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2009.07.30 23:59:14 | 00,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2009.09.20 22:53:14 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2009.07.30 23:59:14 | 00,000,801 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:37:24 | 00,000,736 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: ::1 localhost O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files (x86)\MySpace\Toolbar\1.0.56.0\MySpaceToolbar.dll () O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files (x86)\SGPSA\BHO.dll File not found O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll () O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll () O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files (x86)\MySpace\Toolbar\1.0.56.0\MySpaceToolbar.dll () O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [cfFncEnabler.exe] File not found O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\qttask.exe (Apple Computer, Inc.) O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe File not found O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKCU..\Run: [MsnMsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [MySpaceIM] C:\Program Files (x86)\MySpace\IM\MySpaceIM.exe () O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - Startup: C:\Users\DuBose Gisela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.79.51.76 66.79.78.47 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.) O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O24 - Desktop WallPaper: C:\Users\DuBose Gisela\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\DuBose Gisela\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found 64bit: O35 - comfile [open] -- "%1" %* File not found 64bit: O35 - exefile [open] -- "%1" %* File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010.01.24 23:22:21 | 00,000,000 | ---D | C] -- C:\Users\DuBose Gisela\AppData\Roaming\Malwarebytes [2010.01.24 23:22:09 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.01.24 23:22:05 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.01.24 23:22:04 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.01.24 23:22:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.01.24 21:27:30 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2010.01.24 21:26:30 | 00,000,000 | ---D | C] -- C:\Users\DuBose Gisela\AppData\Roaming\SUPERAntiSpyware.com [2010.01.24 21:26:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware [2010.01.24 21:24:49 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2010.01.23 20:38:28 | 02,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2010.01.23 20:38:27 | 00,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll [2010.01.23 20:38:26 | 01,147,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll [2010.01.23 20:38:26 | 00,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll [2010.01.23 20:38:26 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2010.01.23 20:38:26 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2010.01.23 20:38:25 | 00,700,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010.01.23 20:38:25 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010.01.23 20:38:25 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll [2010.01.23 20:38:24 | 01,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2010.01.23 20:38:24 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2010.01.23 20:38:24 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010.01.23 20:38:24 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010.01.23 20:38:24 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2010.01.23 20:38:24 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2010.01.23 20:38:23 | 00,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010.01.23 20:38:23 | 00,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010.01.23 20:38:23 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2010.01.23 20:38:23 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2010.01.23 20:38:23 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2010.01.23 20:38:23 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2010.01.23 20:38:23 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2010.01.23 20:38:23 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll [2010.01.23 20:38:23 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2010.01.23 20:38:23 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2010.01.23 20:38:23 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2010.01.23 20:38:23 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll [2010.01.23 20:38:23 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll [2010.01.23 20:38:23 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll [2010.01.23 20:38:23 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010.01.23 20:38:23 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010.01.14 03:01:09 | 00,000,000 | ---D | C] -- C:\00798c419d8d10c272 [2010.01.13 18:37:31 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2010.01.13 18:37:31 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2010.01.13 18:37:31 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2010.01.13 18:37:31 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2010.01.13 13:40:49 | 00,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2010.01.11 18:13:35 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\avg [2010.01.09 23:18:23 | 00,000,000 | ---D | C] -- C:\Users\DuBose Gisela\AppData\Local\AVG Security Toolbar [2010.01.09 23:13:19 | 00,000,000 | -H-D | C] -- C:\$AVG [2010.01.09 23:13:17 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll [2010.01.09 23:13:16 | 00,470,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys [2010.01.09 23:13:07 | 00,422,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys [2010.01.09 23:13:04 | 00,034,248 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys [2010.01.09 23:13:03 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\Avg [2010.01.09 23:13:01 | 00,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar [2010.01.09 23:12:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2010.01.09 23:12:28 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9 [2010.01.09 02:08:19 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010.01.07 04:49:02 | 00,074,880 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010.01.07 04:49:01 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\SysWow64\drivers\ssmdrv.sys [2010.01.07 04:49:00 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira(111) [2010.01.07 04:49:00 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira(109) [2010.01.07 04:49:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Avira(0) [2010.01.07 04:49:00 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira [2010.01.07 04:49:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2010.01.06 19:10:46 | 00,000,000 | ---D | C] -- C:\Users\DuBose Gisela\AppData\Roaming\InstallShield [2010.01.06 19:10:36 | 00,000,000 | ---D | C] -- C:\Users\DuBose Gisela\AppData\Roaming\WinBatch [2010.01.04 08:00:13 | 00,000,000 | ---D | C] -- C:\Users\DuBose Gisela\Documents\LES 2010 [2010.01.04 07:49:32 | 00,000,000 | ---D | C] -- C:\Users\DuBose Gisela\Documents\LES 2009 [2010.01.04 07:49:07 | 00,000,000 | ---D | C] -- C:\Users\DuBose Gisela\Documents\LES_DJMSA.aspx-Dateien [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010.01.25 18:45:28 | 03,407,872 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat [2010.01.25 18:45:09 | 02,542,427 | -H-- | M] () -- C:\Users\DuBose Gisela\AppData\Local\IconCache.db [2010.01.25 18:17:14 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.01.25 18:17:14 | 00,587,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.01.25 18:17:14 | 00,101,250 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.01.25 18:14:57 | 00,024,056 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\drive reese 2.odt [2010.01.25 17:59:09 | 00,021,696 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\drivel reese.odt [2010.01.25 17:47:42 | 00,015,514 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\dubose-patrick2895061746.xml [2010.01.25 17:12:40 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.01.25 17:12:39 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.01.25 16:15:30 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.01.25 15:19:21 | 54,652,432 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm [2010.01.25 15:18:47 | 00,000,450 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{753AC736-3BF9-40B5-A996-0EE588D67F7D}.job [2010.01.25 15:12:43 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.01.25 15:12:26 | 41,565,51168 | -HS- | M] () -- C:\hiberfil.sys [2010.01.25 06:55:14 | 00,524,288 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{2482ddaf-fcd9-11de-b579-001e337895db}.TMContainer00000000000000000001.regtrans-ms [2010.01.25 06:55:14 | 00,065,536 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{2482ddaf-fcd9-11de-b579-001e337895db}.TM.blf [2010.01.24 23:22:13 | 00,000,859 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.01.24 21:26:35 | 00,000,955 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.01.24 21:24:19 | 07,520,288 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\SUPERAntiSpyware.exe [2010.01.24 21:16:43 | 00,276,538 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\hiphop_jenny3308946882.xml [2010.01.23 22:59:14 | 00,061,218 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\williams_88881652184584.xml [2010.01.23 20:32:16 | 00,485,199 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\melie_gscheidhaferl3203123393.xml [2010.01.23 19:43:28 | 00,011,784 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\installationpermissionform.pdf [2010.01.21 20:06:17 | 50,502,8891 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010.01.21 19:02:51 | 00,496,497 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\melanie flugRECH692550_00.pdf [2010.01.21 16:25:31 | 00,016,761 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\ueberweisung von maurice an mich 440 euro fuer flug.odt [2010.01.21 16:08:14 | 00,015,193 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\melanie flug bezahlt ueberweisung.odt [2010.01.21 03:18:56 | 00,001,928 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.01.20 18:30:30 | 00,142,495 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg [2010.01.17 06:57:10 | 00,011,149 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\banana pudding.odt [2010.01.17 06:56:53 | 00,011,838 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\banana pudding 1.odt [2010.01.13 20:43:16 | 00,044,544 | ---- | M] () -- C:\Users\DuBose Gisela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.01.09 23:13:19 | 00,001,700 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk [2010.01.09 23:13:17 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll [2010.01.09 23:13:16 | 00,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys [2010.01.09 23:13:07 | 00,422,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys [2010.01.09 23:13:04 | 00,113,461 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm [2010.01.09 23:13:04 | 00,034,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys [2010.01.09 23:13:03 | 06,061,540 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg [2010.01.09 23:13:03 | 00,492,629 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg [2010.01.09 07:45:23 | 00,524,288 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{2482ddaf-fcd9-11de-b579-001e337895db}.TMContainer00000000000000000002.regtrans-ms [2010.01.09 06:23:18 | 00,524,288 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{3e72b406-fcd4-11de-956d-001e337895db}.TMContainer00000000000000000002.regtrans-ms [2010.01.09 06:23:18 | 00,524,288 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{3e72b406-fcd4-11de-956d-001e337895db}.TMContainer00000000000000000001.regtrans-ms [2010.01.09 06:23:18 | 00,065,536 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{3e72b406-fcd4-11de-956d-001e337895db}.TM.blf [2010.01.09 05:30:36 | 00,524,288 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{22b92e3c-fcb3-11de-82d1-001e337895db}.TMContainer00000000000000000001.regtrans-ms [2010.01.09 05:30:36 | 00,065,536 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{22b92e3c-fcb3-11de-82d1-001e337895db}.TM.blf [2010.01.09 02:08:55 | 00,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2010.01.09 01:47:32 | 00,524,288 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{22b92e3c-fcb3-11de-82d1-001e337895db}.TMContainer00000000000000000002.regtrans-ms [2010.01.09 01:15:10 | 00,524,288 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{1dfd2812-fca3-11de-8b6f-001e337895db}.TMContainer00000000000000000001.regtrans-ms [2010.01.09 01:15:10 | 00,065,536 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{1dfd2812-fca3-11de-8b6f-001e337895db}.TM.blf [2010.01.09 01:02:49 | 00,524,288 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{1dfd2812-fca3-11de-8b6f-001e337895db}.TMContainer00000000000000000002.regtrans-ms [2010.01.08 23:59:08 | 00,524,288 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{7e198d4e-ddd7-11de-904a-001e337895db}.TMContainer00000000000000000001.regtrans-ms [2010.01.08 23:59:08 | 00,065,536 | -HS- | M] () -- C:\Users\DuBose Gisela\ntuser.dat{7e198d4e-ddd7-11de-904a-001e337895db}.TM.blf [2010.01.08 20:27:48 | 00,074,880 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010.01.07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.01.07 16:07:06 | 00,022,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.01.04 07:49:08 | 00,037,924 | ---- | M] () -- C:\Users\DuBose Gisela\Documents\LES_DJMSA.aspx.htm [2010.01.02 08:08:29 | 01,147,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll [2010.01.02 08:06:53 | 00,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2010.01.02 08:04:33 | 00,700,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010.01.02 08:04:33 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll [2010.01.02 08:03:42 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll [2010.01.02 08:03:36 | 01,538,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2010.01.02 08:03:21 | 02,334,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2010.01.02 08:03:21 | 00,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010.01.02 08:03:21 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2010.01.02 08:03:21 | 00,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2010.01.02 08:03:20 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2010.01.02 08:03:19 | 00,252,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010.01.02 08:03:12 | 00,459,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll [2010.01.02 07:38:20 | 00,916,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll [2010.01.02 07:36:10 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2010.01.02 07:33:32 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010.01.02 07:33:32 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll [2010.01.02 07:32:51 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll [2010.01.02 07:32:46 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2010.01.02 07:32:33 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010.01.02 07:32:33 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2010.01.02 07:32:33 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2010.01.02 07:32:32 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010.01.02 07:32:32 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2010.01.02 07:32:26 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll [2010.01.02 06:25:39 | 00,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2010.01.02 06:25:27 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2010.01.02 06:24:42 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010.01.02 05:57:00 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2010.01.02 05:56:50 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2010.01.02 05:56:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2009.12.30 04:10:16 | 00,130,861 | ---- | M] () -- C:\Windows\hpoins18.dat [2009.12.30 04:06:44 | 00,000,341 | ---- | M] () -- C:\Windows\win.ini [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010.01.25 18:14:54 | 00,024,056 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\drive reese 2.odt [2010.01.25 17:59:04 | 00,021,696 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\drivel reese.odt [2010.01.24 23:22:13 | 00,000,859 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.01.24 21:26:35 | 00,000,955 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.01.24 21:23:36 | 07,520,288 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\SUPERAntiSpyware.exe [2010.01.23 19:43:18 | 00,011,784 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\installationpermissionform.pdf [2010.01.21 20:06:17 | 50,502,8891 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010.01.21 19:02:51 | 00,496,497 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\melanie flugRECH692550_00.pdf [2010.01.21 16:25:29 | 00,016,761 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\ueberweisung von maurice an mich 440 euro fuer flug.odt [2010.01.21 16:08:14 | 00,015,193 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\melanie flug bezahlt ueberweisung.odt [2010.01.21 03:18:56 | 00,001,928 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.01.21 00:15:06 | 45,292,032 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\classic_formflow_filler_231.exe [2010.01.17 06:57:09 | 00,011,149 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\banana pudding.odt [2010.01.17 06:56:51 | 00,011,838 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\banana pudding 1.odt [2010.01.09 23:13:19 | 00,001,700 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk [2010.01.09 23:13:04 | 00,113,461 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm [2010.01.09 23:13:03 | 54,652,432 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm [2010.01.09 23:13:03 | 06,061,540 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg [2010.01.09 23:13:03 | 00,492,629 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg [2010.01.09 23:13:03 | 00,142,495 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg [2010.01.09 06:39:37 | 00,524,288 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{2482ddaf-fcd9-11de-b579-001e337895db}.TMContainer00000000000000000002.regtrans-ms [2010.01.09 06:39:37 | 00,524,288 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{2482ddaf-fcd9-11de-b579-001e337895db}.TMContainer00000000000000000001.regtrans-ms [2010.01.09 06:39:37 | 00,065,536 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{2482ddaf-fcd9-11de-b579-001e337895db}.TM.blf [2010.01.09 05:44:42 | 00,524,288 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{3e72b406-fcd4-11de-956d-001e337895db}.TMContainer00000000000000000002.regtrans-ms [2010.01.09 05:44:41 | 00,524,288 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{3e72b406-fcd4-11de-956d-001e337895db}.TMContainer00000000000000000001.regtrans-ms [2010.01.09 05:44:41 | 00,065,536 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{3e72b406-fcd4-11de-956d-001e337895db}.TM.blf [2010.01.09 02:08:55 | 00,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2010.01.09 01:56:37 | 00,365,280 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistMSI2F80.txt [2010.01.09 01:56:37 | 00,011,202 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistUI2F80.txt [2010.01.09 01:46:00 | 00,364,896 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistMSI2760.txt [2010.01.09 01:46:00 | 00,011,186 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistUI2760.txt [2010.01.09 01:35:15 | 00,524,288 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{22b92e3c-fcb3-11de-82d1-001e337895db}.TMContainer00000000000000000002.regtrans-ms [2010.01.09 01:35:15 | 00,524,288 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{22b92e3c-fcb3-11de-82d1-001e337895db}.TMContainer00000000000000000001.regtrans-ms [2010.01.09 01:35:15 | 00,065,536 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{22b92e3c-fcb3-11de-82d1-001e337895db}.TM.blf [2010.01.09 01:00:10 | 00,366,048 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistMSI044B.txt [2010.01.09 01:00:10 | 00,011,234 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistUI044B.txt [2010.01.09 00:38:15 | 00,524,288 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{1dfd2812-fca3-11de-8b6f-001e337895db}.TMContainer00000000000000000002.regtrans-ms [2010.01.09 00:38:15 | 00,524,288 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{1dfd2812-fca3-11de-8b6f-001e337895db}.TMContainer00000000000000000001.regtrans-ms [2010.01.09 00:38:15 | 00,065,536 | -HS- | C] () -- C:\Users\DuBose Gisela\ntuser.dat{1dfd2812-fca3-11de-8b6f-001e337895db}.TM.blf [2010.01.07 04:48:07 | 00,365,280 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistMSI167F.txt [2010.01.07 04:48:07 | 00,011,202 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistUI167F.txt [2010.01.07 04:36:59 | 00,359,726 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistMSI0DF6.txt [2010.01.07 04:36:58 | 00,011,132 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistUI0DF6.txt [2010.01.07 04:35:37 | 00,365,662 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistMSI0CED.txt [2010.01.07 04:35:37 | 00,011,218 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistUI0CED.txt [2010.01.07 04:11:19 | 00,365,578 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistMSI7A54.txt [2010.01.07 04:11:19 | 00,014,154 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistUI7A54.txt [2010.01.07 04:09:56 | 00,364,128 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistMSI7942.txt [2010.01.07 04:09:55 | 00,011,154 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistUI7942.txt [2010.01.04 07:49:05 | 00,037,924 | ---- | C] () -- C:\Users\DuBose Gisela\Documents\LES_DJMSA.aspx.htm [2009.10.12 05:43:22 | 08,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi [2009.09.24 10:11:05 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.09.24 10:09:43 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.05.27 14:23:20 | 00,425,142 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistMSI22D4.txt [2009.05.27 14:23:20 | 00,011,426 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\dd_vcredistUI22D4.txt [2009.04.30 21:30:08 | 00,000,102 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Roaming\wklnhst.dat [2009.01.10 11:10:26 | 00,044,544 | ---- | C] () -- C:\Users\DuBose Gisela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.12.28 22:08:21 | 00,000,143 | ---- | C] () -- C:\Windows\msmail.ini [2008.12.27 19:02:12 | 00,002,178 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2008.12.27 18:24:49 | 00,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini [2008.12.27 17:13:47 | 00,000,013 | RHS- | C] () -- C:\Windows\SysWow64\drivers\fbd.sys [2008.09.25 10:35:07 | 00,128,113 | ---- | C] () -- C:\Windows\SysWow64\csellang.ini [2008.09.25 10:35:07 | 00,045,056 | ---- | C] () -- C:\Windows\SysWow64\csellang.dll [2008.09.25 10:35:07 | 00,007,671 | ---- | C] () -- C:\Windows\SysWow64\cseltbl.ini [2008.08.18 19:37:34 | 00,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2008.08.18 19:23:51 | 00,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll [2008.08.18 19:23:51 | 00,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll [2008.08.18 19:23:51 | 00,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll [2008.08.18 19:23:51 | 00,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll [2008.08.18 19:23:51 | 00,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll [2008.08.18 19:23:51 | 00,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll [2008.01.21 03:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini < End of report > |
|
|
25.01.2010, 18:58
Member
Themenstarter Beiträge: 13 |
#12
2 logfile
OTL Extras logfile created on: 25.01.2010 18:45:54 - Run 1 OTL by OldTimer - Version 3.1.26.0 Folder = C:\Users\DuBose Gisela\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 64,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 296,62 Gb Total Space | 207,47 Gb Free Space | 69,94% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DUBOSEGISELA-PC Current User Name: DuBose Gisela Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = 1D 1C 85 C4 06 54 CA 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{10BF6225-0034-4D7D-B5F0-683D12437E10}" = lport=137 | protocol=17 | dir=in | app=system | "{207DF15E-AEFE-446D-87D6-BB329F0CF690}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{24B2ABC7-75AF-4926-B159-82EE04947AC1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2BE9208E-670B-4008-B776-8C2C85FDE18A}" = rport=137 | protocol=17 | dir=out | app=system | "{2E84553D-27D9-4CB0-9E5B-64A354553B1D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{3AE25071-2D60-4E47-9216-0513DBE35829}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) | "{439E843A-BAF7-4A41-84BC-311FA9771A04}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe | "{4D082B5A-4889-4058-9956-4D379C32F9E3}" = lport=445 | protocol=6 | dir=in | app=system | "{4DF7515C-AA2C-4DBC-95C6-CA9A59BAB8C7}" = rport=139 | protocol=6 | dir=out | app=system | "{543E8CCD-9B8A-4432-A34D-8C81F94C31E5}" = lport=139 | protocol=6 | dir=in | app=system | "{5C3FA5FA-E839-41EF-B35F-AB6CFD5AB896}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{60F2C4C0-AE6F-40B3-B9E6-1821E29720D3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9031084A-0B01-4348-8AEA-DC9F73CD3C47}" = lport=138 | protocol=17 | dir=in | app=system | "{974BA6A8-3F4B-4380-89B1-8087262489DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A59775C6-95DD-487D-BDEA-800C30348372}" = lport=2869 | protocol=6 | dir=in | app=system | "{B7F41582-5B48-4BDB-AE06-FDE27B7CBF77}" = rport=445 | protocol=6 | dir=out | app=system | "{BDE9AD67-419B-462C-AE43-8CE17F7F5350}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{BFB0B9F6-F6D5-4988-AB79-CD398A4E235D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{E08E6FF0-D4D8-4075-9A0D-4BE953AFBB53}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{E8446862-6182-455B-81BD-D40A46D7377F}" = rport=138 | protocol=17 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1473F9CD-3E6B-4302-9512-7CF303118803}" = dir=in | app=c:\program files (x86)\avg\avg9\avgemc.exe | "{3B8C05DC-E192-4825-A147-E12EB4AAEFA2}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe | "{3C0DABC0-9A33-4DE0-9959-4F8D866FE6F8}" = dir=in | app=c:\program files (x86)\avg\avg9\avgnsa.exe | "{59563971-A19C-4DD0-9719-9BBF2FF44317}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{713395E7-4D47-4382-9DA0-73AA9AB14C8A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{85966EBB-9813-4081-8CDA-55A08DD9B9E9}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{87096A9D-88F6-4D22-A9BC-F6C8153EE37D}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe | "{97302AE1-3818-447E-8DF0-7C25E8005483}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) | "{A4F398B8-04B8-4A07-8048-58CD33E322AE}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) | "{A6B8F4B5-B62A-4F81-A3AD-7C33E65978A1}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{A9AE4008-6F62-415D-A3DE-D8203AF90D27}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) | "{AD1824A3-1517-492B-9AB4-BCEE9E41D10D}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) | "{B21CC4AC-0E21-46F0-AC16-EFFB59EBEA50}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe | "{B3610BEC-E420-4BF7-857A-7084E46C0650}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{BF1FA0A2-A27A-4B7B-9D11-142D861EAC73}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{CED12E3E-0BF5-4AB3-86BA-D8B72529F480}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{D2BBAEE0-F6CA-4112-82E8-E56BDF5B833F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{DFE36B2F-D2E0-41E3-99BA-06718DBABF38}" = dir=in | app=c:\program files (x86)\myspace\im\myspaceim.exe | "{E1AE1954-3165-48B4-B3A8-D87F2DB4C02F}" = dir=in | app=c:\program files (x86)\avg\avg9\avgupd.exe | "{E458B157-42A7-48E2-A697-698ACF088A51}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe | "TCP Query User{9F323E32-5B18-423F-A54D-5A7692F603AC}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "UDP Query User{2511C954-347B-43FB-B211-67AEDC5A7F4B}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi Software "{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A "{43602F34-1AA3-44FB-AEB2-D08C2C737440}" = Paint.NET v3.36 "{52D530AD-5CCA-48dc-B6F0-6D14652B0291}" = AIO_CDA_ToolboxIni64 "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B431E4D3-ECE7-4D41-8668-BCF9BD685B62}" = TOSHIBA Application Disc Creator "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety "{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition "D27D7E9318CFA89EDDE8D448B507A8EB725F5A52" = Windows Driver Package - TOSHIBA (FwLnk) System (11/19/2006 1.0.0.3) "HDMI" = Intel(R) Graphics Media Accelerator Driver "HP Imaging Device Functions" = HP Imaging Device Functions 8.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0 "HPExtendedCapabilities" = HP Customer Participation Program 8.0 "HPOCR" = HP OCR Software 8.0 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = Synaptics Pointing Device Driver "TOSHIBA Software Modem" = TOSHIBA Software Modem [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0 "{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar) "{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0 "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan "{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg "{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar) "{224821ED-CADA-4A8A-AC8D-3734CC0F0931}" = Amazon Links "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar) "{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64) "{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6 "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{3260D61B-DCA6-4ec6-8A41-DCCE01BC6EE4}" = c4100_Help "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0 "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc "{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password "{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}" = CD/DVD Drive Acoustic Silencer "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5BA1D11C-B981-4CAA-B2B5-B8ADF413EBA5}" = Pure Networks Platform "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant "{6AEE2B0B-B3C1-4367-B1EF-FC4ED98DEED1}" = C4100 "{6BBBF237-A114-48E6-BBD0-A52BEF9CCFB2}" = Cisco Network Magic "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax "{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status "{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4 "{99D518AB-77F2-405B-B52A-18FC22394CF8}" = NetZero Internet Access Installer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration "{C716522C-3731-4667-8579-40B098294500}" = Toolbox "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8 "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E1E56B8A-1AAF-422A-91DB-625059FB9863}" = TOSHIBA Desktop Links "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AVG9Uninstall" = AVG Free 9.0 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Everest Poker" = Everest Poker (Remove Only) "FormFlow 2.3.1 Filler" = FormFlow 2.3.1 Filler "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3) "MySpaceIM" = MySpaceIM "MySpaceToolbar" = MySpace Toolbar "Network MagicUninstall" = Network Magic "PokerStars" = PokerStars "PokerStars.net" = PokerStars.net "QuickTime" = QuickTime "Search Guard Plus" = Search Guard Plus (My Tattoons) "Search Guard Plus Updater" = Search Guard Plus Updater (My Tattoons) "TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Tattoons) "VLC media player" = VLC media player 0.9.8a "WildTangent toshiba Master Uninstall" = WildTangent Games "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite_Wave3" = Windows Live Essentials "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Search Defender" = Yahoo! Search Protection "Yahoo! Software Update" = Yahoo! Software Update "Zylom Games Player Plugin" = Zylom Games Player Plugin [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 17.01.2010 14:32:02 | Computer Name = DuBoseGisela-PC | Source = WinMgmt | ID = 10 Description = Error - 17.01.2010 19:53:22 | Computer Name = DuBoseGisela-PC | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18865, time stamp 0x4b077416, faulting module mshtml.dll, version 8.0.6001.18865, time stamp 0x4b078a9b, exception code 0xc00000fd, fault offset 0x000d6a3b, process id 0x14b0, application start time 0x01ca97a3a6c80063. Error - 18.01.2010 01:06:38 | Computer Name = DuBoseGisela-PC | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18865, time stamp 0x4b077416, faulting module mshtml.dll, version 8.0.6001.18865, time stamp 0x4b078a9b, exception code 0xc00000fd, fault offset 0x000d6a3b, process id 0x134c, application start time 0x01ca97d044cdf320. Error - 18.01.2010 01:06:40 | Computer Name = DuBoseGisela-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 8.0.6001.18865 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1040 Start Time: 01ca97a388bf1903 Termination Time: 0 Error - 18.01.2010 15:22:27 | Computer Name = DuBoseGisela-PC | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18865, time stamp 0x4b077416, faulting module mshtml.dll, version 8.0.6001.18865, time stamp 0x4b078a9b, exception code 0xc00000fd, fault offset 0x000d6a3b, process id 0x176c, application start time 0x01ca97fc05694be0. Error - 19.01.2010 21:23:02 | Computer Name = DuBoseGisela-PC | Source = TOSHIBA Service Station | ID = 0 Description = Operation failed. Error - 20.01.2010 01:51:26 | Computer Name = DuBoseGisela-PC | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18865, time stamp 0x4b077416, faulting module mshtml.dll, version 8.0.6001.18865, time stamp 0x4b078a9b, exception code 0xc00000fd, fault offset 0x000d6a3b, process id 0x1f8c, application start time 0x01ca995967fc5690. Error - 20.01.2010 01:51:37 | Computer Name = DuBoseGisela-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 8.0.6001.18865 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 190c Start Time: 01ca97fc050f4500 Termination Time: 18 Error - 20.01.2010 13:24:50 | Computer Name = DuBoseGisela-PC | Source = Avira AntiVir | ID = 4122 Description = Unable to load file AVPREF.DLL. Returned error code: 0x45a Error - 20.01.2010 13:25:01 | Computer Name = DuBoseGisela-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 31.12.2008 10:17:30 | Computer Name = DuBoseGisela-PC | Source = MCUpdate | ID = 0 Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed due to an abandoned mutex.'. [ System Events ] Error - 24.01.2010 18:54:33 | Computer Name = DuBoseGisela-PC | Source = Application Popup | ID = 1060 Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 24.01.2010 18:55:08 | Computer Name = DuBoseGisela-PC | Source = Service Control Manager | ID = 7000 Description = Error - 24.01.2010 18:55:15 | Computer Name = DuBoseGisela-PC | Source = Service Control Manager | ID = 7026 Description = Error - 25.01.2010 01:40:24 | Computer Name = DuBoseGisela-PC | Source = Service Control Manager | ID = 7011 Description = Error - 25.01.2010 10:12:21 | Computer Name = DuBoseGisela-PC | Source = Application Popup | ID = 1060 Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 25.01.2010 10:12:21 | Computer Name = DuBoseGisela-PC | Source = Application Popup | ID = 1060 Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 25.01.2010 10:12:52 | Computer Name = DuBoseGisela-PC | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.1.102 for the Network Card with network address 00216B24F8B2 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). Error - 25.01.2010 10:13:05 | Computer Name = DuBoseGisela-PC | Source = Service Control Manager | ID = 7000 Description = Error - 25.01.2010 10:13:05 | Computer Name = DuBoseGisela-PC | Source = Service Control Manager | ID = 7026 Description = Error - 25.01.2010 12:53:14 | Computer Name = DuBoseGisela-PC | Source = Print | ID = 6161 Description = The document Florida Driving Record for ..., owned by DuBose Gisela, failed to print on printer HP Photosmart C4100 series. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 102916. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client computer: \\DUBOSEGISELA-PC. Win32 error code returned by the print processor: 6. The handle is invalid. < End of report > |
|
|
25.01.2010, 18:59
Member
Themenstarter Beiträge: 13 |
#13
ich hoffe ich hab das jetzt richtig gepostet
ach ja beim ersten posten hat der browser sich geschlossen und fehler gemeldet habe ich was falsch gemacht? bin jetzt kurz weg also nicht wundern wenn ich nicht sofort zurueck schreibe |
|
|
25.01.2010, 20:56
Moderator
Beiträge: 5694 |
#14
Schritt 1
Mehrere Anti-Virus-Programme Code AVG9 Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Entscheide Dich für eine Variante und deinstalliere die andere über Systemsteuerung => Software. Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast und deinstalliere die anderen. Schritt 2 [color=blue]Fixen mit OTL[/color] • Starte bitte die OTL.exe. Vista-User mit Rechtsklick "als Administrator starten"• Kopiere nun den Inhalt in die Textbox. Code :OTL • Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Run Fix Button. • Klick auf .• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument. Schritt 3 LSPfix - repairs Winsock 2 settings Gehe auf diese Seite, lade Dir lspfix.zip runter und entpacke das Archiv auf Deinen Desktop. Wenn Du kein Zip-Programm hast, kannst Du auch LSPFix.exe und spfix.txt runterladen. Das Programm nich anwenden!!! Schritt 4 Lade Fixwareout.exe --> next --> Install --> Run fixit --> Finish / der PC wird neustarten --> C:\fixwareout\report.txt |
|
|
26.01.2010, 00:18
Member
Themenstarter Beiträge: 13 |
#15
da habe ich gleich ein problem hatte es schon vor 1 oder 2 wochen hier geschrieben aber niemand hat geantwortet
ich hatte einen systhem restore gemacht danach war mein antivir verschwunden dann habe ich die systhemrestore rueckgaengig gemacht aber der antivir war immer noch nicht da finde ihn auch nicht in meinen dateien oder programmen also wollte ich ihn neu runter laden ging aber nicht weil es immer heisst er ist schon drauf bekomme aber am anfang wenn ich mein pc starte immer die meldung antivir konnte nicht gefunden werden also habe ich mir den avg runtergeladen was soll ich nun machen wegen meinen virus programmen? |
|
|
Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3630
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
24.01.2010 23:49:34
mbam-log-2010-01-24 (23-49-34).txt
Scan-Methode: Quick-Scan
Durchsuchte Objekte: 98202
Laufzeit: 10 minute(s), 35 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)