Jojo1

  1. yep, i think we nailed it. everything looks fine now. [*]^/
  2. ComboFix 11-02-12.02 - PC01 13.02.2011 21:14:48.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.2047.1598 [GMT 1:00] ausgef
  3. combofix gave an error after scanning, like: "Not enough main memory to complete the sort". nothing happened for a few minutes, so i rebooted. should i try again? i can not find C:\Combo-Fix.txt. here is C:\Combo-Fix\ComboFix.txt: ComboFix 11-02-12.02 - PC01 13.02.2011 20:08:23.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.2047.1600 [GMT 1:00] ausgef
  4. this is still there. if i hit the button "
  5. i posted the script and did "fix". after 1-2 minutes it had to reboot to complete the deletion of some files. after the reboot i got the message: can't find otl.exe (apparently it also got deleted with some other files on my desktop (like the DDS.exe)). i clicked around and found the folder C:\_OTL\MovedFiles. there is a log (and some more folders).
  6. OTL.txt OTL logfile created on: 13.02.2011 18:36:00 - Run 1 OTL by OldTimer - Version 3.2.20.6
  7. additional information: i restored the previously quarantined "Aper1 Internet Browser" and rebooted before the scans. 1. Malwarebytes' Anti-Malware 1.50.1.1100 2. DDS (Ver_10-12-12.02)
Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\java\jre6\lib\deploy\jqs\ff FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} FF - Ext: TinEye Reverse Image Search: tineye@ideeinc.com - %profile%\extensions\tineye@ideeinc.com FF - Ext: ImageShack Attach.zip
  8. Hello Malwarebytes. I got Windows XP - this is what happened: I was surfing with Firefox, suddenly Java started and a file got opened by Winamp!?! I did a search with AntiVir and found Java-Virus JAVA/OpenConnect.AI, deleted it and later deleted and reinstalled the whole Java. After that, neither AntiVir nor Malwarebytes' Anti-Malware could find any more malware. With Neuber's "Security Task Manager" I still find one suspicious process:

     Aper1 Software: Aper1 Internet Browser programm, invisible, not active
     C:\spy.qwas\spy.qwas.exe

     When I open the folder C:\spy.qwas it only shows C:\ in the address bar and the folder attribute: hidden.

     I just did:
     - Malwarebytes' Anti-Malware scan -> (No malicious items detected)
     - DeFogger - Disable
     - DDS:

     DDS (Ver_10-12-12.02) - NTFSx86
     Run by PC01 at 17:05:45,56 on 13.02.2011
     Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_23
     Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.2047.1518 [GMT 1:00]
     AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

     ============== Running Processes ===============
     C:\WINDOWS\system32\svchost -k DcomLaunch
     C:\WINDOWS\system32\svchost -k rpcss
     C:\Programme\Sandboxie\SbieSvc.exe
     C:\WINDOWS\System32\svchost.exe -k netsvcs
     C:\WINDOWS\system32\svchost.exe -k NetworkService
     C:\WINDOWS\system32\svchost.exe -k LocalService
     C:\WINDOWS\system32\spoolsv.exe
     C:\Programme\Avira\AntiVir Desktop\sched.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\system32\svchost.exe -k LocalService
     C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
     C:\WINDOWS\system32\CTHELPER.EXE
     C:\Programme\Avira\AntiVir Desktop\avgnt.exe
     C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
     C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
     C:\Programme\Logitech\SetPoint\SetPoint.exe
     C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
     C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
     C:\Programme\Avira\AntiVir Desktop\avguard.exe
     C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
     C:\Programme\Hamachi\hamachi-2.exe
     C:\Programme\Java\jre6\bin\jqs.exe
     C:\Programme\Avira\AntiVir Desktop\avshadow.exe
     C:\WINDOWS\system32\svchost.exe -k imgsvc
     C:\WINDOWS\system32\wuauclt.exe
     C:\WINDOWS\system32\wbem\wmiapsrv.exe
     C:\WINDOWS\System32\alg.exe
     C:\WINDOWS\system32\wbem\wmiprvse.exe
     C:\WINDOWS\system32\wbem\wmiprvse.exe
     C:\Dokumente und Einstellungen\PC01\Desktop\dds.scr

     ============== Pseudo HJT Report ===============
     uStart Page = hxxp://google.de/
     BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programme\gemeinsame dateien\adobe\acrobat\activex\AcroIEHelperShim.dll
     BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programme\java\jre6\bin\jp2ssv.dll
     BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programme\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
     uRun: [?]
     mRun: [startCCC] "c:\programme\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
     mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
     mRun: [WINDVDPatch] CTHELPER.EXE
     mRun: [updReg] c:\windows\UpdReg.EXE
     mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
     mRun: [avgnt] "c:\programme\avira\antivir desktop\avgnt.exe" /min
     mRun: [Adobe Reader Speed Launcher] "c:\programme\adobe\reader 9.0\reader\Reader_sl.exe"
     mRun: [Adobe ARM] "c:\programme\gemeinsame dateien\adobe\arm\1.0\AdobeARM.exe"
     mRun: [sunJavaUpdateSched] "c:\programme\gemeinsame dateien\java\java update\jusched.exe"
     dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
     StartupFolder: c:\dokume~1\alluse~1\startm~1\progra~1\autost~1\logite~1.lnk - c:\programme\logitech\setpoint\SetPoint.exe
     IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
     IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programme\messenger\msmsgs.exe
     Trusted Zone: whatthemovie.com
     DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1280779276812
     DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
     DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
     DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
     DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
     Notify: AtiExtEvent - Ati2evxx.dll
     Notify: LBTWlgn - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll
     SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

     ================= FIREFOX ===================
     FF - ProfilePath - c:\dokume~1\pc01\anwend~1\mozilla\firefox\profiles\um48t8d1.default\
     FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
     FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
     FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
     FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\java\jre6\lib\deploy\jqs\ff
     FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
     FF - Ext: TinEye Reverse Image Search: tineye@ideeinc.com - %profile%\extensions\tineye@ideeinc.com
     FF - Ext: ImageShack® Toolbar: {7378B8C2-FC38-41b8-A8C9-875D1F5B0A24} - %profile%\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}
     FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

     ============= SERVICES / DRIVERS ===============
     =============== Created Last 30 ================
     ==================== Find3M ====================
     ============= FINISH: 17:07:15,60 ===============

     Further actions? Thanks in advance.

     Greetings, Jojo