Servus , hab seit einigen Tagen das Problem , dass beim Start des Rechners meine Firewall aus ist . Zudem "crasht" mein System 2-3 x zu Beginn des Starts, das offenbart sich dadurch , dass der Bildschirm blau wird und ein gewirr von Nachrichten dort steht , verstehen jedoch davon tuh ich nix. Hoffe ihr könnt mir helfen .


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:42:27, on 04.01.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\G DATA InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Logitech Vid\Vid.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gllod.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\program files\g data internetsecurity\avkkid\avkcks.exe
O1 - Hosts: ::1 localhost
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA InternetSecurity\Webfilter\AVKWebIE.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA InternetSecurity\Webfilter\AVKWebIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G DATA InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe 20091230
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: G DATA Firewall Tray.lnk = ?
O8 - Extra context menu item: Öffnen mit WordPerfect - c:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe
O23 - Service: AntiVirus Wächter (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: FSCLBaseUpdaterService - Unknown owner - C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - c:\Windows\system32\PSIService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 9189 bytes

Hallo und Herzlich Willkommen!

- Die Anweisungen bitte gründlich lesen und immer streng einhalten, da ich die Reihenfolge nach bestimmten Kriterien vorbereitet habe:

1.
- Lade dir RSIT - 2.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
installieren ("Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

3.
Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :

• - also lade Dir Gmer herunter und entpacke es auf deinen Desktop
  - starte gmer.exe
  - [b]schließe alle Programme, ausserdem Antiviren und andere Schutzprogramme usw müssen deaktiviert sein, keine Verbindung zum Internet, WLAN auch trennen)
  - bitte nichts am Pc machen während der Scan läuft!
  - "Show all" soll nicht angehakt sein! dann klicke auf "Scan", um das Tool zu starten
  - wenn der Scan fertig ist klicke auf "Copy" (das Log wird automatisch in die Zwischenablage kopiert) und mit STRG + V musst Du gleich da einfügen
  - mit "Ok" wird GMER beendet.
  - das Log aus der Zwischenablage hier in Deinem Thread vollständig hineinkopieren

** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen
Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren!
** kannst Du das Log bei File-Upload.net/kostenlos hochladen und den Link mir hier posten.

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du:[code]
hier kommt dein Logfile rein
→ dahinter:[/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
Coverflow

Wow! Vielen Dank für diese ausführlichen Schritte. Habe jeden Schritt soweit befolgt , hier folgt das Resultat.

1.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Tyreal at 2010-01-05 15:19:19
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 164 GB (69%) free of 237 GB
Total RAM: 3326 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:19:24, on 05.01.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\G DATA InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Logitech Vid\Vid.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Tyreal\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Tyreal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gllod.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\program files\g data internetsecurity\avkkid\avkcks.exe
O1 - Hosts: ::1 localhost
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA InternetSecurity\Webfilter\AVKWebIE.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA InternetSecurity\Webfilter\AVKWebIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G DATA InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe 20091230
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: G DATA Firewall Tray.lnk = ?
O8 - Extra context menu item: Öffnen mit WordPerfect - c:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/Messen.../GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe
O23 - Service: AntiVirus Wächter (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: FSCLBaseUpdaterService - Unknown owner - C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - G DATA Software AG - C:\Program Files\G DATA InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - c:\Windows\system32\PSIService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 8905 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G DATA WebFilter - C:\Program Files\G DATA InternetSecurity\Webfilter\AVKWebIE.dll [2007-10-22 652872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G DATA WebFilter - C:\Program Files\G DATA InternetSecurity\Webfilter\AVKWebIE.dll [2007-10-22 652872]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-02 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-02 92704]
"GDFirewallTray"=C:\Program Files\G DATA InternetSecurity\Firewall\GDFirewallTray.exe [2007-10-25 1189552]
"AVKTray"=C:\Program Files\G DATA InternetSecurity\AVKTray\AVKTray.exe [2007-12-04 603720]
"QuickFinder Scheduler"=c:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE [2007-01-02 83568]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-07 6139904]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-30 30192]
"Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2008-07-09 29984]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2008-07-09 46368]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2009-01-19 1150976]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2009-01-09 114688]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"fsc-reg"=C:\ProgramData\fsc-reg\fscreg.exe [2007-11-08 533264]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"Logitech Vid"=C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
G DATA Firewall Tray.lnk - C:\Program Files\G DATA InternetSecurity\Firewall\GDFirewallTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36643486-ddb1-11de-b548-806e6f6e6963}]
shell\AutoRun\command - F:\autorun.exe


======List of files/folders created in the last 1 months======

2010-01-05 15:19:19 ----D---- C:\rsit
2010-01-04 15:42:20 ----D---- C:\Program Files\Trend Micro
2009-12-26 03:00:34 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-12-25 02:21:50 ----D---- C:\Users\Tyreal\AppData\Roaming\Leadertech
2009-12-25 02:21:29 ----D---- C:\ProgramData\LogiShrd
2009-12-25 02:21:27 ----D---- C:\Program Files\Logitech
2009-12-23 22:56:01 ----D---- C:\Program Files\SSI
2009-12-23 22:55:32 ----A---- C:\Windows\IsUn0407.exe
2009-12-23 21:18:28 ----D---- C:\Program Files\AC3Filter
2009-12-22 06:46:41 ----D---- C:\Users\Tyreal\AppData\Roaming\Corel
2009-12-15 21:01:19 ----D---- C:\Users\Tyreal\AppData\Roaming\Thunderbird
2009-12-15 21:00:58 ----D---- C:\Program Files\Mozilla Thunderbird
2009-12-15 20:54:38 ----D---- C:\Program Files\CCleaner
2009-12-12 00:30:24 ----D---- C:\Program Files\mp3DirectCut
2009-12-12 00:27:05 ----D---- C:\Program Files\Ask.com
2009-12-12 00:26:41 ----D---- C:\Program Files\DVDVideoSoft
2009-12-12 00:26:41 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2009-12-11 15:04:09 ----D---- C:\Windows\Minidump
2009-12-11 00:43:47 ----D---- C:\Users\Tyreal\AppData\Roaming\skypePM
2009-12-11 00:41:41 ----D---- C:\Users\Tyreal\AppData\Roaming\Skype
2009-12-11 00:40:47 ----D---- C:\Program Files\Common Files\Skype
2009-12-11 00:40:46 ----RD---- C:\Program Files\Skype
2009-12-11 00:40:41 ----D---- C:\ProgramData\Skype
2009-12-10 11:24:21 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-10 11:24:19 ----A---- C:\Windows\system32\httpapi.dll
2009-12-09 13:42:19 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 13:42:18 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 13:42:18 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 13:42:18 ----A---- C:\Windows\system32\occache.dll
2009-12-09 13:42:17 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 13:42:16 ----A---- C:\Windows\system32\mstime.dll
2009-12-09 13:42:16 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 13:42:16 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 13:42:16 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 13:42:16 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 13:42:16 ----A---- C:\Windows\system32\ieencode.dll
2009-12-09 13:42:16 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 13:42:16 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-09 13:42:16 ----A---- C:\Windows\system32\ieaksie.dll
2009-12-09 13:41:18 ----A---- C:\Windows\system32\rastls.dll
2009-12-09 13:41:18 ----A---- C:\Windows\system32\raschap.dll
2009-12-06 18:41:06 ----D---- C:\Users\Tyreal\AppData\Roaming\Apple Computer

======List of files/folders modified in the last 1 months======

2010-01-05 15:19:24 ----D---- C:\Windows\Prefetch
2010-01-05 15:19:23 ----D---- C:\Windows\Temp
2010-01-05 15:16:27 ----SHD---- C:\System Volume Information
2010-01-05 15:16:27 ----D---- C:\Windows\System32
2010-01-05 15:16:27 ----D---- C:\Windows\inf
2010-01-05 15:16:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-05 15:11:44 ----RSD---- C:\Windows\assembly
2010-01-04 19:17:00 ----D---- C:\Users\Tyreal\AppData\Roaming\ICQ
2010-01-04 15:42:20 ----RD---- C:\Program Files
2010-01-04 15:29:30 ----D---- C:\Windows
2010-01-04 15:29:14 ----D---- C:\Program Files\Mozilla Firefox
2010-01-02 16:17:42 ----D---- C:\Windows\system32\catroot2
2009-12-30 14:35:55 ----D---- C:\Big Fish Games
2009-12-29 12:40:44 ----D---- C:\Program Files\ICQ6.5
2009-12-28 17:50:36 ----D---- C:\Windows\system32\drivers
2009-12-26 03:00:35 ----SHD---- C:\Windows\Installer
2009-12-25 02:21:42 ----D---- C:\Windows\system32\catroot
2009-12-25 02:21:38 ----D---- C:\Program Files\Common Files\logishrd
2009-12-25 02:21:29 ----HD---- C:\ProgramData
2009-12-24 17:19:11 ----SD---- C:\Users\Tyreal\AppData\Roaming\Microsoft
2009-12-24 17:17:09 ----D---- C:\ProgramData\Corel
2009-12-17 23:25:44 ----SD---- C:\Windows\Downloaded Program Files
2009-12-15 21:00:00 ----D---- C:\Windows\Debug
2009-12-12 00:30:12 ----D---- C:\Windows\system32\Tasks
2009-12-12 00:26:41 ----D---- C:\Program Files\Common Files
2009-12-10 15:54:11 ----D---- C:\Windows\winsxs
2009-12-10 15:41:45 ----D---- C:\Program Files\Windows Mail
2009-12-10 15:41:45 ----D---- C:\Program Files\Internet Explorer
2009-12-07 18:44:20 ----D---- C:\Windows\Logs
2009-12-07 07:18:51 ----D---- C:\Windows\system32\WDI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 gdwfpcd;G DATA WFP CD; C:\Windows\system32\DRIVERS\gdwfpcd32.sys [2007-10-04 39880]
R2 GDTdiInterceptor;GDTdiInterceptor; \??\C:\Windows\system32\drivers\GDTdiIcpt.sys [2008-05-12 41928]
R3 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2008-05-12 46024]
R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2008-05-12 42952]
R3 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2008-05-12 32200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-07 2134424]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-02 7460320]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-02-15 14336]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LVUVC;Logitech QuickCam S5500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2009-10-07 6756632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]
S3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S4 ahcix86s;ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [2007-12-19 170000]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-09-29 308248]
S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2008-04-03 76688]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 RxFilter;RxFilter; C:\Windows\system32\DRIVERS\RxFilter.sys [2007-11-08 57328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVKProxy;G DATA AntiVirus Proxy; C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe [2007-12-04 722504]
R2 AVKService;G DATA Scheduler; C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe [2007-12-04 427592]
R2 AVKWCtl;AntiVirus Wächter; C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe [2007-12-04 1095240]
R2 FSCLBaseUpdaterService;FSCLBaseUpdaterService; C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe [2007-06-04 65536]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-02 118784]
R2 ProtexisLicensing;ProtexisLicensing; c:\Windows\system32\PSIService.exe [2006-11-02 174656]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [2008-02-29 307200]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-11-13 1021256]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 GDFwSvc;G DATA Personal Firewall; C:\Program Files\G DATA InternetSecurity\Firewall\GDFwSvc.exe [2007-10-24 1496648]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-30 30192]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-11-12 74384]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-01 435016]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.06 2010-01-05 15:19:25

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
AC3Filter 1.63b-->"C:\Program Files\AC3Filter\unins000.exe"
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Apple Software Update-->MsiExec.exe /I{55FA89BD-21D3-42F7-9249-C94C0094A83C}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Atlantica_EU-->C:\nDoors\Atlantica_EU\uninst.exe
Big Fish Games Center (remove only)-->C:\Big Fish Games\Uninstall.exe
Big Fish Games Sudoku (remove only)-->C:\Big Fish Games\Sudoku\Uninstall.exe
Brockhaus multimedial 2008-->MsiExec.exe /I{50D69C54-6963-49A6-B762-A9FF8F56AF0F}
Brother MFL-Pro Suite DCP-375CW-->"C:\Program Files\InstallShield Installation Information\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}\Setup.exe" -runfromtemp -l0x0007 UNINSTALL Reg=BH9e_C1 -removeonly
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cradle of Rome (remove only)-->C:\Big Fish Games\Cradle of Rome\Uninstall.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FaceFilter Studio Brother Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}\Setup.exe" -l0x7 /uninstall
Free Audio CD Burner version 1.2-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
Free YouTube to MP3 Converter version 3.2-->"C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
FSCLounge-->MsiExec.exe /I{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}
G DATA InternetSecurity-->C:\Program Files\InstallShield Installation Information\{EBC48410-C292-412D-A72A-4F2855988D55}\setup.exe -runfromtemp -l0x0007 -removeonly
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Logitech Vid-->MsiExec.exe /I{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
Logitech Webcam Software-->MsiExec.exe /I{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}
Luxor Amun Rising (remove only)-->C:\Big Fish Games\Luxor Amun Rising\Uninstall.exe
Mahjong Towers Eternity EU (remove only)-->C:\Big Fish Games\Mahjong Towers Eternity EU\Uninstall.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (3.0)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mystery Case Files - Prime Suspects (remove only)-->C:\Big Fish Games\Mystery Case Files - Prime Suspects\Uninstall.exe
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
PaperPort Image Printer-->MsiExec.exe /X{2BC2781A-F7F6-452E-95EB-018A522F1B2C}
Poker Superstars II (remove only)-->C:\Big Fish Games\Poker Superstars II\Uninstall.exe
QuickTime-->MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Central Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Central Core-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Central Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Central Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio File Backup-->MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Roxio WinOnCD LE 10-->MsiExec.exe /I{79AE264A-7DEA-49AF-AFAF-7A2D8F706F51}
ScanSoft PaperPort 11-->MsiExec.exe /I{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SystemDiagnostics-->MsiExec.exe /X{C87BC0B7-2BB8-49D1-8CE0-EB0410EF0938}
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Virtual Villagers (remove only)-->C:\Big Fish Games\Virtual Villagers\Uninstall.exe
Warlords Battlecry-->C:\Windows\IsUn0407.exe -f"C:\Program Files\SSI\Warlords Battlecry\Uninst.isu"
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
WordPerfect Office X3-->"c:\Program Files\WordPerfect Office X3\CabsDE\MSILauncher.exe" "{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}"
WordPerfect Office X3-->MsiExec.exe /I{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}

======Security center information======

AV: G DATA AntiVirus 2008 (outdated)
FW: G DATA Personal Firewall
AS: Windows Defender

======System event log======

Computer Name: Tyreal-PC
Event Code: 10029
Message: DCOM hat den Dienst swprv mit den Argumenten "" gestartet, um den Server auszuführen:
{65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}
Record Number: 39555
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20100105141619.000000-000
Event Type: Informationen
User:

Computer Name: Tyreal-PC
Event Code: 7036
Message: Dienst "Microsoft-Softwareschattenkopie-Anbieter" befindet sich jetzt im Status "Ausgeführt".
Record Number: 39556
Source Name: Service Control Manager
Time Written: 20100105141619.000000-000
Event Type: Informationen
User:

Computer Name: Tyreal-PC
Event Code: 2000
Message: Die Windows-Defender-Signaturversion wurde aktualisiert.
Aktuelle Signaturversion: 1.71.1705.0
Vorherige Signaturversion: 1.71.1568.0
Aktualisierungsquelle: Benutzer
Signaturtyp: AntiSpyware
Aktualisierungstyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.5302.0
Vorherige Modulversion: 1.1.5302.0
Record Number: 39557
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20100105141639.000000-000
Event Type: Informationen
User:

Computer Name: Tyreal-PC
Event Code: 19
Message: Installation erfolgreich: Das folgende Update wurde installiert. Definition Update for Windows Defender - KB915597 (Definition 1.71.1705.0)
Record Number: 39558
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20100105141650.173725-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: Tyreal-PC
Event Code: 7036
Message: Dienst "Anwendungsinformationen" befindet sich jetzt im Status "Ausgeführt".
Record Number: 39559
Source Name: Service Control Manager
Time Written: 20100105141913.000000-000
Event Type: Informationen
User:

=====Application event log=====

Computer Name: Tyreal-PC
Event Code: 1
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.
Record Number: 3994
Source Name: SecurityCenter
Time Written: 20100105141325.000000-000
Event Type: Informationen
User:

Computer Name: Tyreal-PC
Event Code: 1001
Message: Die Leistungsindikatoren für den Dienst WmiApRpl (WmiApRpl) wurden entfernt. Die Daten enthalten die neuen Werte der Registrierungseinträge "Last Counter" und "Last Help".
Record Number: 3995
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100105141627.000000-000
Event Type: Informationen
User:

Computer Name: Tyreal-PC
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst WmiApRpl (WmiApRpl) wurden erfolgreich geladen. Die Eintragsdaten im Datenbereich enthalten die neuen Indexwerte, die diesem Dienst zugeordnet sind.
Record Number: 3996
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100105141627.000000-000
Event Type: Informationen
User:

Computer Name: Tyreal-PC
Event Code: 8194
Message: Der Wiederherstellungspunkt wurde erfolgreich erstellt (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update).
Record Number: 3997
Source Name: System Restore
Time Written: 20100105141631.000000-000
Event Type: Informationen
User:

Computer Name: Tyreal-PC
Event Code: 8194
Message: Der Wiederherstellungspunkt wurde erfolgreich erstellt (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update).
Record Number: 3998
Source Name: System Restore
Time Written: 20100105141640.000000-000
Event Type: Informationen
User:

=====Security event log=====

Computer Name: Tyreal-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5450
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100105141922.836725-000
Event Type: Überwachung gescheitert
User:

Computer Name: Tyreal-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5451
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100105141922.874725-000
Event Type: Überwachung gescheitert
User:

Computer Name: Tyreal-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5452
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100105141922.929725-000
Event Type: Überwachung gescheitert
User:

Computer Name: Tyreal-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5453
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100105141922.969725-000
Event Type: Überwachung gescheitert
User:

Computer Name: Tyreal-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 5454
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100105141923.004725-000
Event Type: Überwachung gescheitert
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\DivX Shared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=1707
"NUMBER_OF_PROCESSORS"=4
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------


2. Die Programme von CCleaner.

C3Filter 1.63b Alexander Vigovsky 22.12.2009 4,88MB 1.63b
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 29.11.2009 10.0.32.18
Adobe Flash Player ActiveX Adobe Systems Incorporated 29.11.2009 9.0.246.0
Apple Software Update Apple Computer, Inc. 12.05.2008 2,38MB 1.0.0.7
Ask Toolbar Ask.com 11.12.2009 1,88MB 1.4.4.0
Atlantica_EU NDOORS INTERACTIVE 30.11.2009 7.115,9MB 21001
Big Fish Games Center (remove only) 29.11.2009 172,3MB
Big Fish Games Sudoku (remove only) 29.11.2009 172,3MB
Brockhaus multimedial 2008 Brockhaus AG 12.05.2008 701,7MB 10.00.0000
Brother MFL-Pro Suite DCP-375CW Brother Industries, Ltd. 30.11.2009 9,00MB 1.0.0.0
CCleaner Piriform 14.12.2009 2,80MB
Cradle of Rome (remove only) 29.11.2009 38,8MB
DivX Codec DivX, Inc. 29.11.2009 1,57MB 6.9.1
DivX Converter DivX, Inc. 29.11.2009 45,3MB 7.1.0
DivX Player DivX, Inc. 29.11.2009 8,43MB 7.2.0
DivX Plus DirectShow Filters DivX, Inc. 29.11.2009 1,58MB
DivX Plus Web Player DivX,Inc. 29.11.2009 8,77MB 2.0.0
FaceFilter Studio Brother Edition 30.11.2009 16,5MB 1.0
Free Audio CD Burner version 1.2 DVDVideoSoft Limited. 11.12.2009 2,60MB
Free YouTube to MP3 Converter version 3.2 DVDVideoSoft Limited. 11.12.2009 2,67MB
FSCLounge Fujitsu Siemens Computers 29.11.2009 8,47MB 1.0.0
G DATA InternetSecurity G DATA 12.05.2008 65,6MB 17.0.0
Google Desktop Google 30.11.2009 6,65MB 5.9.0911.03589
HijackThis 2.0.2 TrendMicro 03.01.2010 0,77MB 2.0.2
ICQ Toolbar ICQ 29.11.2009 3.0.0
ICQ6.5 ICQ 29.11.2009 49,6MB 6.5
Java(TM) 6 Update 16 Sun Microsystems, Inc. 29.11.2009 95,0MB 6.0.160
Logitech Vid Logitech Inc. 24.12.2009 39,9MB 1.10.1009
Logitech Webcam Software Logitech Inc. 24.12.2009 44,0MB 12.10.1113
Luxor Amun Rising (remove only) 29.11.2009 18,1MB
Mahjong Towers Eternity EU (remove only) 29.11.2009 15,7MB
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 02.12.2009 37,0MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 01.12.2009 37,0MB
Microsoft Silverlight Microsoft Corporation 01.12.2009 14,9MB 3.0.40818.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 01.12.2009 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 30.11.2009 0,41MB 8.0.56336
Mozilla Firefox (3.5.5) Mozilla 29.11.2009 26,4MB 3.5.5 (de)
Mozilla Thunderbird (3.0) Mozilla 14.12.2009 31,4MB 3.0 (de)
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 01.12.2009 35,00KB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 01.12.2009 1,34MB 4.20.9876.0
Mystery Case Files - Prime Suspects (remove only) 29.11.2009 39,3MB
NVIDIA Drivers 11.05.2008
PaperPort Image Printer Nuance Communications, Inc. 30.11.2009 0,51MB 1.00.0000
Poker Superstars II (remove only) 29.11.2009 30,3MB
QuickTime Apple Computer, Inc. 12.05.2008 70,1MB 7.1.3.100
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 11.05.2008
Roxio BackOnTrack Roxio 12.05.2008 11,3MB 1.1.0
Roxio Central Audio Roxio 12.05.2008 1,95MB 3.7.0
Roxio Central Copy Roxio 12.05.2008 1,04MB 3.7.0
Roxio Central Core Roxio 12.05.2008 21,2MB 3.7.0
Roxio Central Data Roxio 12.05.2008 1,34MB 3.7.0
Roxio Central Tools Roxio 12.05.2008 0,59MB 3.7.0
Roxio Express Labeler 3 Roxio 12.05.2008 18,4MB 3.2.1
Roxio File Backup Roxio 12.05.2008 9,15MB 1.1.0
Roxio Update Manager Roxio 12.05.2008 2,30MB 6.0.0
Roxio WinOnCD LE 10 Roxio 12.05.2008 82,7MB 1.1.043
ScanSoft PaperPort 11 Nuance Communications, Inc. 30.11.2009 146,6MB 11.2.0000
Skype web features Skype Technologies S.A. 10.12.2009 4,34MB 1.0.3971
Skype™ 4.1 Skype Technologies S.A. 10.12.2009 31,1MB 4.1.179
SystemDiagnostics Fujitsu Siemens Computers 29.11.2009 14,7MB 2.00.0002
TuneUp Utilities TuneUp Software 30.11.2009 62,2MB 9.0.2010.9
Uninstall 1.0.0.1 11.12.2009 17,7MB
Virtual Villagers (remove only) 29.11.2009 20,0MB
Warlords Battlecry 22.12.2009 650,0MB
Windows Live Anmelde-Assistent Microsoft Corporation 29.11.2009 1,93MB 5.000.818.5
Windows Live Essentials Microsoft Corporation 29.11.2009 44,0MB 14.0.8089.0726
Windows Live-Uploadtool Microsoft Corporation 29.11.2009 0,22MB 14.0.8014.1029
WordPerfect Office X3 Corel Corporation 29.11.2009 507,1MB


Zu guter letzt.

File-Upload.net - log.log

Zitat:

Zitat von Enzu

Habe jeden Schritt soweit befolgt , hier folgt das Resultat.

Punkt 3. auch?:-> http://www.trojaner-board.de/81220-s...tml#post491960

1.
Deinstalliere unter `Start→ Systemsteuereung→ Ändern/Entfernen...`

Code: Alles auswählenAufklappen

ATTFilter

Ask Toolbar - Adware -Toolbar
         

2.
ist Dir bekannt?:

Code: Alles auswählenAufklappen

ATTFilter

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gllod.com
         

3.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

• Installieren und per Doppelklick starten.
• Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
• "Komplett Scan durchführen" wählen (überall Haken setzen)
• wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
• alle Funde markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
• Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Malwarebytes Anti-Malware

4.
poste erneut:
Trend Micro HijackThis-Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!