| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.08.2011, 15:37
| #16 |
 |  Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? Hallo, ich habe das alles jetzt weiter ausgeführt....bis zum schluss was du wolltest, hier die logs/Berichte! Code:
ATTFilter All processes killed
========== OTL ==========
Prefs.js: "" removed from browser.search.defaultenginename
Prefs.js: "" removed from browser.search.selectedEngine
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
ADS C:\ProgramData\TEMP:0888F409 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DCCDFEE5-3621-4515-8C75-D29DA8C7E6DF}C:\users\marco\desktop\marco alter laptop\iphone cracken\umbrella-4.1.4.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DE93F1BC-AC08-4962-B583-D20E19BFAF5B}C:\program files\icq6\icq.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{17553674-4733-4E00-982C-8B878F721049}C:\users\marco\desktop\marco alter laptop\iphone cracken\umbrella-4.1.4.exe deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Marco
->Temp folder emptied: 8749770 bytes
->Temporary Internet Files folder emptied: 639966 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 67202780 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1432 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 1465513 bytes
Total Files Cleaned = 74,00 mb
OTL by OldTimer - Version 3.2.26.5 log created on 08192011_162327
Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\mcafee_bGEs9Nj92cIb61H not found!
Registry entries deleted on Reboot...
Code:
ATTFilter SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/20/2011 at 03:05 PM
Application Version : 5.0.1118
Core Rules Database Version : 7585
Trace Rules Database Version: 5397
Scan type : Complete Scan
Total Scan Time : 01:02:53
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)
Memory items scanned : 792
Memory threats detected : 0
Registry items scanned : 38195
Registry threats detected : 26
File items scanned : 48712
File threats detected : 122
Unclassified.Oreans32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#DeviceDesc
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Capabilities
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000\Control
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000\Control#ActiveService
HKLM\SYSTEM\CurrentControlSet\Services\oreans32
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#Type
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#Start
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum#NextInstance
Application.Oreans32
HKLM\System\ControlSet001\Services\OREANS32
C:\WINDOWS\SYSTEM32\DRIVERS\OREANS32.SYS
HKLM\System\ControlSet001\Enum\Root\LEGACY_OREANS32
HKLM\System\ControlSet002\Services\OREANS32
HKLM\System\ControlSet002\Enum\Root\LEGACY_OREANS32
Trojan.Agent/Gen-FakeTool
C:\LOP SD\UNINSTAL.EXE
Adware.Tracking Cookie
account.goodgamestudios.com [ C:\USERS\MARCO\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D725JSUU ]
.doubleclick.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
tracking.mlsat02.de [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIR
EFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\MARCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6DP35KC7.DEFAULT\COOKIES.SQLITE ]
Dieses Programm ist jetzt in meiner startleiste, soll das so sein, kann ich die funde löschen und dann programm wieder deinstallieren, oder brauch ich das nochmal? Code:
ATTFilter OTL logfile created on: 20.08.2011 15:31:11 - Run 7 OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Marco\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 70,62% Memory free 7,18 Gb Paging File | 5,69 Gb Available in Paging File | 79,33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 186,26 Gb Total Space | 27,64 Gb Free Space | 14,84% Space Free | Partition Type: NTFS Computer Name: MARCO-PC | User Name: Marco | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.08.18 20:27:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011.08.17 18:48:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe PRC - [2011.08.12 23:37:06 | 004,603,264 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2011.06.28 07:01:30 | 001,195,408 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2011.04.14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe PRC - [2011.04.14 14:01:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe PRC - [2011.04.14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe PRC - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe PRC - [2010.08.24 11:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2007.09.07 17:27:08 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe PRC - [2007.09.07 11:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe PRC - [2007.08.29 14:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe PRC - [2007.07.24 19:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.07.02 14:29:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe PRC - [2007.06.06 17:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007.05.22 15:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe PRC - [2007.03.28 20:47:34 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\upeksvr.exe PRC - [2007.02.20 14:29:00 | 000,679,936 | ---- | M] (Logitech Inc.) -- C:\Program Files\SetPoint\SetPoint.exe PRC - [2007.01.11 20:15:00 | 000,101,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.exe PRC - [2006.11.03 18:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2006.11.03 18:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2006.09.08 16:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe ========== Modules (No Company Name) ========== MOD - [2011.08.20 15:14:37 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll MOD - [2011.08.20 14:01:16 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL MOD - [2011.08.20 14:01:16 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll MOD - [2011.08.20 14:01:15 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll MOD - [2011.08.18 20:27:12 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011.08.11 05:53:09 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2006.11.03 18:25:56 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll MOD - [2006.05.07 18:28:48 | 000,057,451 | ---- | M] () -- C:\Program Files\ICQLite\ICQLiteShell.dll ========== Win32 Services (SafeList) ========== SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011.04.14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire) SRV - [2011.04.14 14:01:38 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV - [2011.04.14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp) SRV - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2010.10.07 22:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2010.08.24 11:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.09.07 11:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV) SRV - [2007.08.29 14:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters) SRV - [2007.07.24 19:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) ========== Driver Services (SafeList) ========== DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011.04.14 14:01:38 | 000,387,480 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2011.04.14 14:01:38 | 000,314,088 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek) DRV - [2011.04.14 14:01:38 | 000,165,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk) DRV - [2011.04.14 14:01:38 | 000,153,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2011.04.14 14:01:38 | 000,095,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk) DRV - [2011.04.14 14:01:38 | 000,084,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet) DRV - [2011.04.14 14:01:38 | 000,064,584 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk) DRV - [2011.04.14 14:01:38 | 000,056,064 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids) DRV - [2011.04.14 14:01:38 | 000,052,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2010.10.17 01:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009.09.16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009.09.16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009.07.24 19:19:44 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2007.10.10 18:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev) DRV - [2007.09.26 09:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R) DRV - [2007.09.07 11:26:04 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007.06.25 19:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007.03.21 23:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.03.05 19:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx) DRV - [2007.02.24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.01.23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007.01.11 20:15:16 | 000,032,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2007.01.11 20:15:06 | 000,032,272 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2005.06.13 10:03:12 | 000,060,768 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "http://www.google.de/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.19 19:02:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.19 19:02:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.08.11 03:32:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.18 20:27:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.10 16:22:39 | 000,000,000 | ---D | M] [2008.12.31 15:35:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Extensions [2008.06.03 16:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011.08.17 18:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\6dp35kc7.default\extensions [2010.06.24 06:15:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\6dp35kc7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.07.09 21:56:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010.06.20 13:40:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} File not found (No name found) -- [2011.08.18 20:27:13 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll [2010.06.20 13:39:54 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.08.19 18:01:01 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml O1 HOSTS File: ([2011.08.17 18:52:39 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll () O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110515092528.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.08.20 15:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2011.08.20 14:01:10 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\SUPERAntiSpyware.com [2011.08.20 14:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011.08.20 14:00:39 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.08.20 14:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2011.08.20 13:58:55 | 012,495,296 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Marco\Desktop\SUPERAntiSpyware.exe [2011.08.18 20:33:42 | 016,852,768 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Marco\Desktop\jre-6u26-windows-i586-s.exe [2011.08.18 18:34:42 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2011.08.18 18:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011.08.18 17:44:51 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2011.08.18 17:43:53 | 002,617,176 | ---- | C] (VS Revo Group Ltd.) -- C:\Users\Marco\Desktop\revosetup.exe [2011.08.18 17:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lottoschein-Check [2011.08.18 16:44:37 | 000,909,600 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Marco\Desktop\jxpiinstall.exe [2011.08.17 19:09:28 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.08.17 19:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.08.17 19:09:24 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.08.17 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.08.17 19:00:42 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Marco\Desktop\mbam-setup-1.51.1.1800.exe [2011.08.17 18:51:37 | 000,000,000 | ---D | C] -- C:\_OTL [2011.08.17 18:48:39 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2011.08.14 08:33:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV [2011.08.14 08:15:34 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Canon Easy-PhotoPrint EX [2011.08.11 20:33:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2 [2011.08.11 20:33:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP [2011.08.11 20:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool [2011.08.11 20:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities [2011.08.11 20:30:47 | 001,335,296 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC6100C.dll [2011.08.11 20:30:47 | 000,307,200 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC6100L.dll [2011.08.11 20:30:47 | 000,114,688 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC6100I.dll [2011.08.11 20:30:47 | 000,106,496 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC6100U.dll [2011.08.11 20:30:47 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNHMCA.dll [2011.08.11 20:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup [2011.08.11 20:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series Benutzerregistrierung [2011.08.11 20:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON [2011.08.11 20:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt [2011.08.11 20:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint [2011.08.11 20:23:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series Manual [2011.08.11 20:22:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2011.08.11 20:22:06 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information [2011.08.11 20:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series [2011.08.11 20:20:52 | 000,290,816 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLMAG.DLL [2011.08.11 20:20:39 | 000,180,224 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMIUAG.DLL [2011.08.11 20:20:18 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2011.08.11 20:19:57 | 000,034,816 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMNPUI.DLL [2011.08.11 20:19:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING [2011.08.11 20:08:41 | 000,038,480 | ---- | C] (CANON INC.) -- C:\Windows\System32\IJRMF.exe [2011.08.11 03:03:45 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.08.11 03:03:44 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.08.11 03:03:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.08.11 03:03:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.08.11 03:03:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.08.10 16:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.08.10 16:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2011.08.10 06:21:24 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011.08.10 06:20:57 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011.08.10 06:20:57 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011.08.07 09:19:11 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\Firma Bilder [2011.08.07 09:13:09 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\Garage [2011.08.03 18:19:24 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\K1024 [2011.07.27 16:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.07.27 16:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.07.27 16:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011.07.27 16:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour ========== Files - Modified Within 30 Days ========== [2011.08.20 15:12:55 | 000,122,479 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011.08.20 15:12:54 | 000,122,479 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011.08.20 15:12:54 | 000,001,695 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2011.08.20 15:12:43 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.08.20 15:12:42 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.08.20 15:12:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.08.20 15:12:37 | 3756,064,768 | -HS- | M] () -- C:\hiberfil.sys [2011.08.20 15:11:45 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.08.20 14:00:43 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.08.20 14:00:08 | 012,495,296 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Marco\Desktop\SUPERAntiSpyware.exe [2011.08.20 08:49:07 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.08.20 08:49:06 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.08.20 08:49:06 | 000,127,200 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.08.20 08:49:06 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.08.18 20:35:02 | 016,852,768 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Marco\Desktop\jre-6u26-windows-i586-s.exe [2011.08.18 18:46:33 | 000,909,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Marco\Desktop\jxpiinstall.exe [2011.08.18 18:34:43 | 000,001,017 | ---- | M] () -- C:\Users\Marco\Desktop\Revo Uninstaller.lnk [2011.08.18 17:44:08 | 002,617,176 | ---- | M] (VS Revo Group Ltd.) -- C:\Users\Marco\Desktop\revosetup.exe [2011.08.18 17:20:53 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Lottoschein-Check.lnk [2011.08.17 19:09:28 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.17 19:02:26 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Marco\Desktop\mbam-setup-1.51.1.1800.exe [2011.08.17 18:52:39 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2011.08.17 18:48:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2011.08.17 18:43:28 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe [2011.08.17 16:52:09 | 000,302,592 | ---- | M] () -- C:\Users\Marco\Desktop\uxt98hes.exe [2011.08.13 19:39:56 | 000,002,591 | ---- | M] () -- C:\Users\Marco\Desktop\Microsoft Office Word 2007.lnk [2011.08.11 22:29:00 | 000,000,020 | ---- | M] () -- C:\Users\Marco\defogger_reenable [2011.08.11 20:27:23 | 000,001,816 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2011.08.11 20:24:04 | 000,002,093 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG6100 series Online-Handbuch.lnk [2011.08.11 05:53:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.08.10 16:22:27 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.08.06 14:48:38 | 000,045,221 | R--- | M] () -- C:\Users\Marco\Desktop\Elektronik_2000_Perfekt_S_SE.pdf [2011.08.03 17:14:28 | 000,002,695 | ---- | M] () -- C:\Users\Marco\Desktop\Microsoft Office Outlook 2007.lnk [2011.08.02 16:53:00 | 001,318,700 | ---- | M] () -- C:\Users\Marco\Desktop\2011-07-18 06.39.31.jpg [2011.08.02 16:18:48 | 000,001,356 | ---- | M] () -- C:\Users\Marco\AppData\Local\d3d9caps.dat [2011.07.29 19:24:12 | 000,247,808 | ---- | M] () -- C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.07.27 17:59:15 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.07.27 16:58:54 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.07.22 04:54:43 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.07.22 04:47:24 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.07.22 04:46:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.07.22 04:44:36 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.07.22 04:43:07 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll ========== Files Created - No Company Name ========== [2011.08.20 14:00:43 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.08.18 20:24:17 | 3756,064,768 | -HS- | C] () -- C:\hiberfil.sys [2011.08.18 18:34:43 | 000,001,017 | ---- | C] () -- C:\Users\Marco\Desktop\Revo Uninstaller.lnk [2011.08.18 17:20:53 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Lottoschein-Check.lnk [2011.08.17 19:09:28 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.17 18:45:11 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe [2011.08.17 16:52:07 | 000,302,592 | ---- | C] () -- C:\Users\Marco\Desktop\uxt98hes.exe [2011.08.11 22:28:40 | 000,000,020 | ---- | C] () -- C:\Users\Marco\defogger_reenable [2011.08.11 20:30:47 | 000,013,056 | ---- | C] () -- C:\Windows\System32\CNC174AD.TBL [2011.08.11 20:27:23 | 000,001,816 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2011.08.11 20:24:04 | 000,002,093 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG6100 series Online-Handbuch.lnk [2011.08.10 16:22:27 | 000,001,686 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.08.06 14:48:41 | 000,045,221 | R--- | C] () -- C:\Users\Marco\Desktop\Elektronik_2000_Perfekt_S_SE.pdf [2011.08.02 16:53:00 | 001,318,700 | ---- | C] () -- C:\Users\Marco\Desktop\2011-07-18 06.39.31.jpg [2011.07.27 16:58:54 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.05.24 00:03:43 | 000,000,600 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\winscp.rnd [2010.03.05 02:39:02 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010.03.05 02:39:02 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010.01.28 02:09:54 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009.05.30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.05.30 01:31:52 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009.01.18 18:54:46 | 000,000,141 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\default.rss [2009.01.18 10:42:34 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.01.17 14:08:13 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini [2009.01.10 16:33:51 | 000,131,584 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe [2008.12.31 15:35:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2008.11.29 12:07:54 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll [2008.11.16 11:24:46 | 000,122,479 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008.11.16 11:24:46 | 000,122,479 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008.11.14 23:13:26 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2008.11.14 23:13:07 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2008.10.07 19:19:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.06.20 16:46:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Nlsdl.dll [2008.03.15 21:50:54 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini [2008.03.09 20:28:45 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI [2008.03.05 20:22:26 | 000,247,808 | ---- | C] () -- C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.03.03 20:57:35 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin [2008.03.03 20:11:32 | 000,027,335 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\nvModes.001 [2008.03.03 20:08:42 | 000,027,335 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\nvModes.dat [2008.03.03 19:57:28 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2008.03.03 19:12:54 | 000,001,356 | ---- | C] () -- C:\Users\Marco\AppData\Local\d3d9caps.dat [2008.03.03 19:02:43 | 000,002,140 | ---- | C] () -- C:\Windows\bthservsdp.dat [2007.09.04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2007.07.25 17:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll [2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006.11.03 18:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006.11.02 17:33:31 | 000,632,252 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,127,200 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,410,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,598,900 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,104,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 11:03:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\mcicda.dll [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2009.06.27 16:41:31 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Ashampoo [2011.07.25 21:21:08 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\BOM [2011.08.14 08:50:35 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Canon [2008.03.09 21:07:01 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\CD-LabelPrint [2011.03.27 16:34:46 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\DVDVideoSoft [2011.03.24 20:59:21 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\DVDVideoSoftIEHelpers [2010.04.05 21:07:20 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\FreeAudioPack [2011.08.17 22:36:46 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\ICQ [2008.03.05 20:11:24 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\ICQLite [2008.09.30 19:36:25 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\IrfanView [2008.11.14 23:16:47 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\MAGIX [2008.03.09 20:28:39 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\ScanSoft [2009.09.04 13:43:13 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\temp [2008.03.03 20:14:23 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\TMP [2008.03.12 18:19:45 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\TomTom [2011.07.23 22:06:01 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\VideoReDoPlus [2010.04.10 13:49:43 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\VistaCodecs [2011.06.23 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\XMedia Recode [2011.08.20 15:11:43 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 20.08.2011 15:31:11 - Run 7
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Marco\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 70,62% Memory free
7,18 Gb Paging File | 5,69 Gb Available in Paging File | 79,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,26 Gb Total Space | 27,64 Gb Free Space | 14,84% Space Free | Partition Type: NTFS
Computer Name: MARCO-PC | User Name: Marco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{AC4693A2-308F-4A20-97DD-997CD862F57E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{494A99F4-963A-44CB-A9D9-1558E6BD8C25}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{4AE840F9-D1CB-4853-9E78-222F621156E9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{50CFFE47-333C-4AA7-9708-F2C7D55B1070}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{529F3582-B2FE-4358-89B3-5458516F155B}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{5B42FC9E-EFDE-46CE-8720-59EDF6C96049}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{607C5962-280F-413A-A3CA-911091A3A1C1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{60CEF585-35DA-4623-8846-54BC9709288E}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{72F1AC96-BFDA-4BF3-8EF6-53E6AA3BA308}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{ACC2B5B8-D82B-4366-A9BD-C0E7B538C79A}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{B5D1B49F-D1F2-4DB2-BF9C-05CD9E2A2CA3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D6BD6BF7-3F03-4AC7-8669-72DD23CAF500}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{DEAC9C11-C236-4B0A-8BE2-1DA0B9101A1C}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{E36B54E1-999B-4184-87E7-64B094F5BCBC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E5108FD3-BFCD-4B8B-A028-BD3B7F3360C9}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{E9474FC0-AF0F-4A1C-96B6-877305B0A51A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{04E3576E-B4CA-49FE-ABFE-5A6F70FD1168}C:\program files\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"TCP Query User{276E2E4F-9EA5-46F1-AD97-DC5A22A378D5}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{7B25A99D-AEBA-40BE-BD4F-D8C63DEF4D20}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{B0988C33-5909-41B9-BCB5-677611BB06B7}C:\program files\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series" = Canon MG6100 series MP Drivers
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1C9DC767-ABC7-4427-B758-FA2CF0FA9F47}_is1" = Lottoschein-Check Version 1.27
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = SetPoint
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9060B698-2B29-4A1F-B876-BEAC4C0A25D5}" = KhalSetup
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A2289997-10A3-48F2-AA03-99180D761661}" = Protector Suite QL 5.6
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC76BA86-7AD7-1031-7B44-A81300000003}_814" = KB408682
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ace2a21f-2106-4ecc-a963-360cd3ca68af}" = Nero 9
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.14
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"AviSynth" = AviSynth 2.5
"Biet-O-Matic v2.8.3" = Biet-O-Matic v2.8.3
"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
"Canon MG6100 series Benutzerregistrierung" = Canon MG6100 series Benutzerregistrierung
"Canon MP600 Benutzerregistrierung" = Canon MP600 Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DivX Setup.divx.com" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Easy-PhotoPrint Pro
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 3.2.17.324
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.34.305
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 6.0 (x86 de)" = Mozilla Firefox 6.0 (x86 de)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSC" = McAfee SecurityCenter
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"Revo Uninstaller" = Revo Uninstaller 1.93
"TomTom HOME" = TomTom HOME 2.7.6.2056
"Uninstall_is1" = Uninstall 1.0.0.1
"VideoReDo-Plus_is1" = VideoReDo/Plus Version 2.5.6.512
"VLC media player" = VLC media player 1.0.5
"WBFS Manager 3.0" = WBFS Manager 3.0
"XMedia Recode" = XMedia Recode 3.0.0.0
"YTdetect" = Yahoo! Detect
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 20.08.2011 02:32:19 | Computer Name = Marco-PC | Source = SecurityCenter | ID = 5
Description = Es konnten keine Instanzen von AntiVirusProduct aus der WMI geladen
werden.
Error - 20.08.2011 02:32:19 | Computer Name = Marco-PC | Source = SecurityCenter | ID = 6
Description = Es konnten keine Instanzen von AntiSpywareProduct aus der WMI geladen
werden.
Error - 20.08.2011 02:36:20 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 02:44:45 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 07:29:57 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 07:35:56 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 07:47:43 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 07:53:28 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 09:15:40 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 09:30:38 | Computer Name = Marco-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.26.5 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: ff8 Anfangszeit: 01cc5f3d1e7d1d8f Zeitpunkt der Beendigung:
18
[ OSession Events ]
Error - 25.09.2009 16:16:43 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25.09.2009 16:19:24 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 155
seconds with 120 seconds of active time. This session ended with a crash.
Error - 05.10.2009 08:05:35 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
Error - 05.10.2009 08:08:30 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 169
seconds with 120 seconds of active time. This session ended with a crash.
Error - 05.10.2009 08:09:49 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
Error - 05.10.2009 08:14:34 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
Error - 06.07.2010 12:52:23 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 25
seconds with 0 seconds of active time. This session ended with a crash.
Error - 10.12.2010 12:23:59 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 33
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.12.2010 15:43:29 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20.04.2011 10:43:39 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 37
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 20.08.2011 02:23:26 | Computer Name = Marco-PC | Source = DCOM | ID = 10010
Description =
Error - 20.08.2011 02:30:06 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 02:34:56 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 02:41:37 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 02:43:11 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 07:27:59 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 07:34:28 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 07:46:05 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 07:51:50 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 09:13:45 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Was ist mit mein nicht Installierten Java das Probleme macht?! Ich finde am laptop hat sich nichts verändert, zumindes bemerk ich es jetzt noch nicht! Gruß Marco |
|
21.08.2011, 05:25
| #17 |
| /// Helfer-Team    | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? Ich würde gerne erneut all deine installierten Programme sehen:
__________________CCleaner starten → klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein
__________________ Geändert von kira (21.08.2011 um 05:41 Uhr) |
|
21.08.2011, 07:50
| #18 |
| | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? Hallo, hier nochmal die Textdatei der Installierten Programme.
__________________Evtl kann ich ja was deinstallieren was unwichtig ist, vieleicht hast du ein TIPP, möchte nicht einfach was löschen/deinstallieren, kenn mich doch nicht so aus :-(! Code:
ATTFilter 7-Zip 4.65 26.02.2010 3,13MB
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 11.09.2010 10.1.82.76
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 10.08.2011 10.3.183.5
Adobe Reader 9.4.5 - Deutsch Adobe Systems Incorporated 14.06.2011 164,1MB 9.4.5
Advanced Audio FX Engine 02.03.2008
Advanced Video FX Engine 02.03.2008
Apple Application Support Apple Inc. 26.07.2011 60,2MB 2.0.1
Apple Mobile Device Support Apple Inc. 12.06.2011 22,1MB 3.4.1.2
Apple Software Update Apple Inc. 11.07.2011 2,38MB 2.1.3.127
AviSynth 2.5 16.01.2011 5,81MB
Biet-O-Matic v2.8.3 BOM Development Team 28.11.2008 2,75MB Biet-O-Matic v2.8.3
Bonjour Apple Inc. 26.07.2011 0,73MB 3.0.0.2
Canon Easy-PhotoPrint EX 10.08.2011 227MB
Canon Easy-PhotoPrint Pro 10.08.2011 36,0MB
Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data 10.08.2011 36,0MB
Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data 10.08.2011 11,8MB
Canon Easy-WebPrint EX 18.08.2011 6,81MB
Canon IJ Network Scan Utility 10.08.2011 1,07MB
Canon IJ Network Tool 10.08.2011 2,97MB
Canon MG6100 series Benutzerregistrierung 10.08.2011 1,18MB
Canon MG6100 series MP Drivers 10.08.2011 401MB
Canon MP Navigator EX 4.0 10.08.2011 75,3MB
Canon MP600 Benutzerregistrierung 08.03.2008 0,50MB
Canon My Printer 10.08.2011 5,55MB
Canon Solution Menu EX 10.08.2011 12,4MB
CCleaner Piriform 26.07.2011 3,82MB 3.09
CD-LabelPrint 10.08.2011 11,7MB
CyberLink MediaShow CyberLink Corp. 13.11.2008 327MB 4.0.1827
Dell Resource CD Ihr Firmenname 02.03.2008 3,05MB 1.10.0000
Dell Touchpad Alps Electric 02.03.2008 7,66MB 7.1.102.7
Dell Webcam Center 02.03.2008 14,1MB
Dell Webcam Manager 02.03.2008 0,77MB
DivX-Setup DivX, LLC 22.06.2011 3,11MB 2.5.0.15
Free Audio CD Burner version 1.4.7 DVDVideoSoft Limited. 23.03.2011 3,02MB
Free Video to iPhone Converter version 3.2.17.324 DVDVideoSoft Limited. 26.03.2011 5,57MB
Free YouTube to MP3 Converter version 3.9.34.305 DVDVideoSoft Limited. 23.03.2011 3,41MB
ICQ7.5 ICQ 14.05.2011 52,1MB 7.5
Intel(R) PROSet/Wireless Software Intel Corporation 02.03.2008 11.01.0000
Intel® Matrix Storage Manager 02.03.2008 37,1MB
iPhone-Konfigurationsprogramm Apple Inc. 13.09.2009 22,4MB 2.1.0.163
IrfanView (remove only) 30.05.2009 1,57MB
iTunes Apple Inc. 26.07.2011 141,9MB 10.4.0.80
Laptop Integrated Webcam Driver (1.04.01.1011) 03.03.2008
Live! Cam Avatar Creative Technology Ltd. 02.03.2008 14,0MB 1.0
Live! Cam Avatar Creator Creative Technology Ltd. 02.03.2008 183,2MB 4.6.0817.1
Lottoschein-Check Version 1.27 Stefan Oellerich 17.08.2011 0,91MB 1.27
Malwarebytes' Anti-Malware Version 1.51.1.1800 Malwarebytes Corporation 16.08.2011 6,71MB 1.51.1.1800
Marvell Miniport Driver Marvell 02.03.2008 1,80MB 10.22.6.3
McAfee SecurityCenter McAfee, Inc. 06.08.2011 27,6MB 10.5.240
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 30.03.2009 37,0MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 29.03.2009 37,0MB
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 24.06.2010 120,3MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 24.06.2010 24,5MB 4.0.30319
Microsoft Office Live Add-in 1.3 Microsoft Corporation 29.03.2009 0,48MB 2.0.2313.0
Microsoft Silverlight Microsoft Corporation 09.09.2009 3.0.40818.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 29.07.2009 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 12.11.2008 0,41MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 03.10.2010 0,59MB 9.0.30729
MobileMe Control Panel Apple Inc. 08.05.2011 11,3MB 3.1.6.0
Mozilla Firefox 6.0 (x86 de) Mozilla 17.08.2011 34,7MB 6.0
MSXML 4.0 SP2 (KB936181) Microsoft Corporation 10.03.2008 1,27MB 4.20.9848.0
MSXML 4.0 SP2 (KB941833) Microsoft Corporation 18.03.2008 1,27MB 4.20.9849.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 13.11.2008 1,28MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 25.11.2009 1,34MB 4.20.9876.0
Nero 9 Nero AG 23.10.2010 1.075MB
NVIDIA Drivers NVIDIA Corporation 08.11.2009 1.3
Protector Suite QL 5.6 UPEK Inc. 02.03.2008 48,1MB 5.6.2.3447
QuickSet Dell Inc. 02.03.2008 8,27MB 8.2.17
QuickTime Apple Inc. 09.08.2011 73,0MB 7.70.80.34
Revo Uninstaller 1.93 VS Revo Group 17.08.2011 6,60MB 1.93
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 02.03.2008 1,49MB 3.51.01
Safari Apple Inc. 26.07.2011 43,4MB 5.34.50.0
ScanSoft OmniPage SE 4.0 Nuance Communications, Inc. 08.03.2008 157,5MB 15.00.0020
SetPoint Logitech 02.03.2008 13,0MB 3.2
SigmaTel Audio SigmaTel 02.03.2008 15,1MB 5.10.5207.0
Spelling Dictionaries Support For Adobe Reader 9 Adobe Systems Incorporated 05.03.2010 29,7MB 9.0.0
SUPERAntiSpyware SUPERAntiSpyware.com 19.08.2011 64,7MB 5.0.1118
Tinypic 3.14 E. Fiedler 02.01.2011 1,16MB Tinypic 3.14
TomTom HOME 2.7.6.2056 TomTom 05.09.2010 40,5MB 2.7.6.2056
TomTom HOME Visual Studio Merge Modules TomTom International B.V. 01.05.2009 1,88MB 1.0.2
Uninstall 1.0.0.1 26.03.2011 20,4MB
VideoReDo/Plus Version 2.5.6.512 DRD Systems, Inc. 04.03.2008 15,6MB
Vista Codec Package Shark007 09.04.2010 53,8MB 5.6.7
VLC media player 1.0.5 VideoLAN Team 05.04.2010 76,6MB 1.0.5
WBFS Manager 3.0 AlexDP 15.10.2009 3,48MB 3.0
WIDCOMM Bluetooth Software 6.0.1.3100 Dell 02.03.2008 33,3MB 6.0.1.3100
Windows Live Anmelde-Assistent Microsoft Corporation 30.03.2009 1,93MB 5.000.818.6
Windows Media Player Firefox Plugin Microsoft Corp 17.06.2011 0,29MB 1.0.0.8
XMedia Recode 3.0.0.0 Sebastian Dörfler 22.06.2011 16,3MB 3.0.0.0
Was machen wir jetzt mit den blöden Java:-( das angeblich nicht installiert ist aber? Und was mit der Spyware in der Qarantäne, Spyware Programm ist noch immer unten in der Satrtleiste offen :-(? Ich finde auch (vieleicht ist es auch nur einbildung) das emein Internet seit gestern etwas langsamer ist! Gruß Marco |
|
24.08.2011, 17:00
| #19 |
| /// Helfer-Team | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? 1. Fixen mit OTL
Code:
ATTFilter :OTL
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
[2010.06.20 13:40:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.06.20 13:39:54 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
[2011.08.18 20:33:42 | 016,852,768 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Marco\Desktop\jre-6u26-windows-i586-s.exe
[2011.08.18 18:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.08.18 20:35:02 | 016,852,768 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Marco\Desktop\jre-6u26-windows-i586-s.exe
[2011.08.18 18:46:33 | 000,909,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Marco\Desktop\jxpiinstall.exe
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4A03706F-666A-4037-7777-5F2748764D10}" =-
:Commands
[purity]
[emptytemp]
2. reinige dein System mit Ccleaner:
3. erneut einen Scan mit OTL:
versuche erneut mit Java: 4. → Downloade nun die Offline-Version von Java Version 6 Update 26 von Oracle herunter Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
24.08.2011, 20:13
| #20 |
| | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? Hallo, Danke erstmal bis hier her für deine hilfe :-)! Nun erstmal die gewünschten logs die du wolltest :-).....hab dann unten noch ein paar fragen :-(! Code:
ATTFilter All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin\ deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Users\Marco\Desktop\jre-6u26-windows-i586-s.exe moved successfully.
C:\Program Files\Common Files\Java\Java Update folder moved successfully.
C:\Program Files\Common Files\Java folder moved successfully.
File C:\Users\Marco\Desktop\jre-6u26-windows-i586-s.exe not found.
C:\Users\Marco\Desktop\jxpiinstall.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{4A03706F-666A-4037-7777-5F2748764D10} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A03706F-666A-4037-7777-5F2748764D10}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Marco
->Temp folder emptied: 780743 bytes
->Temporary Internet Files folder emptied: 45171564 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 297749596 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 4526 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2048 bytes
RecycleBin emptied: 1028871 bytes
Total Files Cleaned = 329,00 mb
OTL by OldTimer - Version 3.2.26.5 log created on 08242011_200538
Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\mcafee_VgI3qcMeqlc2Ig6 not found!
C:\Windows\temp\mcafee_ZtfBqboWJFKLkcH moved successfully.
Registry entries deleted on Reboot...
Code:
ATTFilter OTL logfile created on: 24.08.2011 20:35:31 - Run 8 OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Marco\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 74,53% Memory free 7,18 Gb Paging File | 5,96 Gb Available in Paging File | 82,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 186,26 Gb Total Space | 20,13 Gb Free Space | 10,81% Space Free | Partition Type: NTFS Computer Name: MARCO-PC | User Name: Marco | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.08.17 18:48:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe PRC - [2011.08.12 23:37:06 | 004,603,264 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2011.06.28 07:01:30 | 001,195,408 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2011.04.14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe PRC - [2011.04.14 14:01:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe PRC - [2011.04.14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe PRC - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe PRC - [2010.08.24 11:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2007.09.07 17:27:08 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe PRC - [2007.09.07 11:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe PRC - [2007.08.29 14:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe PRC - [2007.07.24 19:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.07.02 14:29:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe PRC - [2007.06.06 17:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007.05.22 15:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe PRC - [2007.03.28 20:47:34 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\upeksvr.exe PRC - [2007.02.20 14:29:00 | 000,679,936 | ---- | M] (Logitech Inc.) -- C:\Program Files\SetPoint\SetPoint.exe PRC - [2007.01.11 20:15:00 | 000,101,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.exe PRC - [2006.11.03 18:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2006.11.03 18:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2006.09.08 16:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe ========== Modules (No Company Name) ========== MOD - [2011.08.24 20:10:43 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll MOD - [2011.08.20 14:01:16 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL MOD - [2011.08.20 14:01:16 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll MOD - [2011.08.20 14:01:15 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2006.11.03 18:25:56 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll MOD - [2006.05.07 18:28:48 | 000,057,451 | ---- | M] () -- C:\Program Files\ICQLite\ICQLiteShell.dll ========== Win32 Services (SafeList) ========== SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011.04.14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire) SRV - [2011.04.14 14:01:38 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV - [2011.04.14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp) SRV - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2010.10.07 22:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2010.08.24 11:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.09.07 11:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV) SRV - [2007.08.29 14:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters) SRV - [2007.07.24 19:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) ========== Driver Services (SafeList) ========== DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011.04.14 14:01:38 | 000,387,480 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2011.04.14 14:01:38 | 000,314,088 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek) DRV - [2011.04.14 14:01:38 | 000,165,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk) DRV - [2011.04.14 14:01:38 | 000,153,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2011.04.14 14:01:38 | 000,095,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk) DRV - [2011.04.14 14:01:38 | 000,084,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet) DRV - [2011.04.14 14:01:38 | 000,064,584 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk) DRV - [2011.04.14 14:01:38 | 000,056,064 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids) DRV - [2011.04.14 14:01:38 | 000,052,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2010.10.17 01:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009.09.16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009.09.16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009.07.24 19:19:44 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2007.10.10 18:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev) DRV - [2007.09.26 09:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R) DRV - [2007.09.07 11:26:04 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007.06.25 19:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007.03.21 23:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.03.05 19:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx) DRV - [2007.02.24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.01.23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007.01.11 20:15:16 | 000,032,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2007.01.11 20:15:06 | 000,032,272 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2005.06.13 10:03:12 | 000,060,768 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "http://www.google.de/" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.19 19:02:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.19 19:02:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.08.11 03:32:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.18 20:27:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.24 20:05:41 | 000,000,000 | ---D | M] [2008.12.31 15:35:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Extensions [2008.06.03 16:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011.08.17 18:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\6dp35kc7.default\extensions [2010.06.24 06:15:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\6dp35kc7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.08.24 20:05:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- [2011.08.18 20:27:13 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.08.19 18:01:01 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml O1 HOSTS File: ([2011.08.17 18:52:39 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll () O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110515092528.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.08.24 20:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2011.08.24 16:32:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011.08.24 16:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.08.24 16:28:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.08.24 16:28:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011.08.20 14:01:10 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\SUPERAntiSpyware.com [2011.08.20 14:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011.08.20 14:00:39 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.08.20 14:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2011.08.18 18:34:42 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2011.08.18 17:44:51 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2011.08.18 17:43:53 | 002,617,176 | ---- | C] (VS Revo Group Ltd.) -- C:\Users\Marco\Desktop\revosetup.exe [2011.08.18 17:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lottoschein-Check [2011.08.17 19:09:28 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.08.17 19:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.08.17 19:09:24 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.08.17 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.08.17 19:00:42 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Marco\Desktop\mbam-setup-1.51.1.1800.exe [2011.08.17 18:51:37 | 000,000,000 | ---D | C] -- C:\_OTL [2011.08.17 18:48:39 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2011.08.14 08:33:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV [2011.08.14 08:15:34 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Canon Easy-PhotoPrint EX [2011.08.11 20:33:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2 [2011.08.11 20:33:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP [2011.08.11 20:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool [2011.08.11 20:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities [2011.08.11 20:30:47 | 001,335,296 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC6100C.dll [2011.08.11 20:30:47 | 000,307,200 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC6100L.dll [2011.08.11 20:30:47 | 000,114,688 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC6100I.dll [2011.08.11 20:30:47 | 000,106,496 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC6100U.dll [2011.08.11 20:30:47 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNHMCA.dll [2011.08.11 20:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup [2011.08.11 20:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series Benutzerregistrierung [2011.08.11 20:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON [2011.08.11 20:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt [2011.08.11 20:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint [2011.08.11 20:23:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series Manual [2011.08.11 20:22:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2011.08.11 20:22:06 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information [2011.08.11 20:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series [2011.08.11 20:20:52 | 000,290,816 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLMAG.DLL [2011.08.11 20:20:39 | 000,180,224 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMIUAG.DLL [2011.08.11 20:20:18 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2011.08.11 20:19:57 | 000,034,816 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMNPUI.DLL [2011.08.11 20:19:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING [2011.08.11 20:08:41 | 000,038,480 | ---- | C] (CANON INC.) -- C:\Windows\System32\IJRMF.exe [2011.08.11 03:03:45 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.08.11 03:03:44 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.08.11 03:03:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.08.11 03:03:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.08.11 03:03:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.08.10 16:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.08.10 16:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2011.08.10 06:21:24 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011.08.10 06:20:57 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011.08.10 06:20:57 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011.08.07 09:19:11 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\Firma Bilder [2011.07.27 16:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour ========== Files - Modified Within 30 Days ========== [2011.08.24 20:14:35 | 000,180,324 | ---- | M] () -- C:\Users\Marco\Desktop\Unbenannthkhk.jpg [2011.08.24 20:09:46 | 000,122,479 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011.08.24 20:09:46 | 000,122,479 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011.08.24 20:09:42 | 000,001,695 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2011.08.24 20:09:28 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.08.24 20:09:28 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.08.24 20:09:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.08.24 20:08:46 | 3754,008,576 | -HS- | M] () -- C:\hiberfil.sys [2011.08.24 20:07:48 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.08.24 16:30:06 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.08.21 20:26:14 | 115,083,672 | ---- | M] () -- C:\Users\Marco\Desktop\Beats & Bitches.mp3 [2011.08.21 13:49:48 | 000,006,656 | ---- | M] () -- C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.08.21 09:32:46 | 021,073,936 | ---- | M] () -- C:\Users\Marco\Documents\vlc-1.1.11-win32.exe [2011.08.21 09:31:33 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.08.21 09:31:33 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.08.21 09:31:33 | 000,127,200 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.08.21 09:31:33 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.08.20 14:00:43 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.08.18 18:34:43 | 000,001,017 | ---- | M] () -- C:\Users\Marco\Desktop\Revo Uninstaller.lnk [2011.08.18 17:44:08 | 002,617,176 | ---- | M] (VS Revo Group Ltd.) -- C:\Users\Marco\Desktop\revosetup.exe [2011.08.18 17:20:53 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Lottoschein-Check.lnk [2011.08.17 19:09:28 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.17 19:02:26 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Marco\Desktop\mbam-setup-1.51.1.1800.exe [2011.08.17 18:52:39 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2011.08.17 18:48:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2011.08.17 18:43:28 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe [2011.08.17 16:52:09 | 000,302,592 | ---- | M] () -- C:\Users\Marco\Desktop\uxt98hes.exe [2011.08.13 19:39:56 | 000,002,591 | ---- | M] () -- C:\Users\Marco\Desktop\Microsoft Office Word 2007.lnk [2011.08.11 22:29:00 | 000,000,020 | ---- | M] () -- C:\Users\Marco\defogger_reenable [2011.08.11 20:27:23 | 000,001,816 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2011.08.11 20:24:04 | 000,002,093 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG6100 series Online-Handbuch.lnk [2011.08.11 05:53:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.08.10 16:22:27 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.08.06 14:48:38 | 000,045,221 | R--- | M] () -- C:\Users\Marco\Desktop\Elektronik_2000_Perfekt_S_SE.pdf [2011.08.03 17:14:28 | 000,002,695 | ---- | M] () -- C:\Users\Marco\Desktop\Microsoft Office Outlook 2007.lnk [2011.08.02 16:53:00 | 001,318,700 | ---- | M] () -- C:\Users\Marco\Desktop\2011-07-18 06.39.31.jpg [2011.08.02 16:18:48 | 000,001,356 | ---- | M] () -- C:\Users\Marco\AppData\Local\d3d9caps.dat [2011.07.27 17:59:15 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk ========== Files Created - No Company Name ========== [2011.08.24 20:14:34 | 000,180,324 | ---- | C] () -- C:\Users\Marco\Desktop\Unbenannthkhk.jpg [2011.08.24 16:30:06 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.08.21 20:12:41 | 115,083,672 | ---- | C] () -- C:\Users\Marco\Desktop\Beats & Bitches.mp3 [2011.08.21 09:30:50 | 021,073,936 | ---- | C] () -- C:\Users\Marco\Documents\vlc-1.1.11-win32.exe [2011.08.20 14:00:43 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.08.18 20:24:17 | 3754,008,576 | -HS- | C] () -- C:\hiberfil.sys [2011.08.18 18:34:43 | 000,001,017 | ---- | C] () -- C:\Users\Marco\Desktop\Revo Uninstaller.lnk [2011.08.18 17:20:53 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Lottoschein-Check.lnk [2011.08.17 19:09:28 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.17 18:45:11 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe [2011.08.17 16:52:07 | 000,302,592 | ---- | C] () -- C:\Users\Marco\Desktop\uxt98hes.exe [2011.08.11 22:28:40 | 000,000,020 | ---- | C] () -- C:\Users\Marco\defogger_reenable [2011.08.11 20:30:47 | 000,013,056 | ---- | C] () -- C:\Windows\System32\CNC174AD.TBL [2011.08.11 20:27:23 | 000,001,816 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2011.08.11 20:24:04 | 000,002,093 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG6100 series Online-Handbuch.lnk [2011.08.10 16:22:27 | 000,001,686 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.08.06 14:48:41 | 000,045,221 | R--- | C] () -- C:\Users\Marco\Desktop\Elektronik_2000_Perfekt_S_SE.pdf [2011.08.02 16:53:00 | 001,318,700 | ---- | C] () -- C:\Users\Marco\Desktop\2011-07-18 06.39.31.jpg [2010.05.24 00:03:43 | 000,000,600 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\winscp.rnd [2010.03.05 02:39:02 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010.03.05 02:39:02 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010.01.28 02:09:54 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009.05.30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.05.30 01:31:52 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009.01.18 18:54:46 | 000,000,141 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\default.rss [2009.01.18 10:42:34 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.01.17 14:08:13 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini [2009.01.10 16:33:51 | 000,131,584 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe [2008.12.31 15:35:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2008.11.29 12:07:54 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll [2008.11.16 11:24:46 | 000,122,479 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008.11.16 11:24:46 | 000,122,479 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008.11.14 23:13:26 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2008.11.14 23:13:07 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2008.10.07 19:19:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.06.20 16:46:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Nlsdl.dll [2008.03.15 21:50:54 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini [2008.03.09 20:28:45 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI [2008.03.05 20:22:26 | 000,006,656 | ---- | C] () -- C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.03.03 20:57:35 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin [2008.03.03 20:11:32 | 000,027,335 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\nvModes.001 [2008.03.03 20:08:42 | 000,027,335 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\nvModes.dat [2008.03.03 19:57:28 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2008.03.03 19:12:54 | 000,001,356 | ---- | C] () -- C:\Users\Marco\AppData\Local\d3d9caps.dat [2008.03.03 19:02:43 | 000,002,140 | ---- | C] () -- C:\Windows\bthservsdp.dat [2007.09.04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2007.07.25 17:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll [2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006.11.03 18:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006.11.02 17:33:31 | 000,632,252 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,127,200 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,410,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,598,900 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,104,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 11:03:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\mcicda.dll [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2009.06.27 16:41:31 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Ashampoo [2011.07.25 21:21:08 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\BOM [2011.08.14 08:50:35 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Canon [2008.03.09 21:07:01 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\CD-LabelPrint [2011.03.27 16:34:46 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\DVDVideoSoft [2011.03.24 20:59:21 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\DVDVideoSoftIEHelpers [2010.04.05 21:07:20 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\FreeAudioPack [2011.08.24 20:03:11 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\ICQ [2008.03.05 20:11:24 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\ICQLite [2008.09.30 19:36:25 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\IrfanView [2008.11.14 23:16:47 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\MAGIX [2008.03.09 20:28:39 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\ScanSoft [2009.09.04 13:43:13 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\temp [2008.03.03 20:14:23 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\TMP [2008.03.12 18:19:45 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\TomTom [2011.07.23 22:06:01 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\VideoReDoPlus [2010.04.10 13:49:43 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\VistaCodecs [2011.06.23 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\XMedia Recode [2011.08.24 20:07:50 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 24.08.2011 20:35:31 - Run 8
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Marco\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 74,53% Memory free
7,18 Gb Paging File | 5,96 Gb Available in Paging File | 82,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,26 Gb Total Space | 20,13 Gb Free Space | 10,81% Space Free | Partition Type: NTFS
Computer Name: MARCO-PC | User Name: Marco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{AC4693A2-308F-4A20-97DD-997CD862F57E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{494A99F4-963A-44CB-A9D9-1558E6BD8C25}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{4AE840F9-D1CB-4853-9E78-222F621156E9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{50CFFE47-333C-4AA7-9708-F2C7D55B1070}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{529F3582-B2FE-4358-89B3-5458516F155B}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{5B42FC9E-EFDE-46CE-8720-59EDF6C96049}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{607C5962-280F-413A-A3CA-911091A3A1C1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{60CEF585-35DA-4623-8846-54BC9709288E}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{71F45FFF-C586-455D-BA07-F0E8313A9E66}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{72F1AC96-BFDA-4BF3-8EF6-53E6AA3BA308}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B5D1B49F-D1F2-4DB2-BF9C-05CD9E2A2CA3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D6BD6BF7-3F03-4AC7-8669-72DD23CAF500}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{DEAC9C11-C236-4B0A-8BE2-1DA0B9101A1C}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{E36B54E1-999B-4184-87E7-64B094F5BCBC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E5108FD3-BFCD-4B8B-A028-BD3B7F3360C9}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{E9474FC0-AF0F-4A1C-96B6-877305B0A51A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{04E3576E-B4CA-49FE-ABFE-5A6F70FD1168}C:\program files\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"TCP Query User{276E2E4F-9EA5-46F1-AD97-DC5A22A378D5}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{7B25A99D-AEBA-40BE-BD4F-D8C63DEF4D20}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{B0988C33-5909-41B9-BCB5-677611BB06B7}C:\program files\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series" = Canon MG6100 series MP Drivers
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1C9DC767-ABC7-4427-B758-FA2CF0FA9F47}_is1" = Lottoschein-Check Version 1.27
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = SetPoint
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9060B698-2B29-4A1F-B876-BEAC4C0A25D5}" = KhalSetup
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A2289997-10A3-48F2-AA03-99180D761661}" = Protector Suite QL 5.6
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC76BA86-7AD7-1031-7B44-A81300000003}_814" = KB408682
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ace2a21f-2106-4ecc-a963-360cd3ca68af}" = Nero 9
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.14
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"AviSynth" = AviSynth 2.5
"Biet-O-Matic v2.8.3" = Biet-O-Matic v2.8.3
"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
"Canon MG6100 series Benutzerregistrierung" = Canon MG6100 series Benutzerregistrierung
"Canon MP600 Benutzerregistrierung" = Canon MP600 Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DivX Setup.divx.com" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Easy-PhotoPrint Pro
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 3.2.17.324
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.34.305
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 6.0 (x86 de)" = Mozilla Firefox 6.0 (x86 de)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSC" = McAfee SecurityCenter
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"Revo Uninstaller" = Revo Uninstaller 1.93
"TomTom HOME" = TomTom HOME 2.7.6.2056
"Uninstall_is1" = Uninstall 1.0.0.1
"VideoReDo-Plus_is1" = VideoReDo/Plus Version 2.5.6.512
"VLC media player" = VLC media player 1.0.5
"WBFS Manager 3.0" = WBFS Manager 3.0
"XMedia Recode" = XMedia Recode 3.0.0.0
"YTdetect" = Yahoo! Detect
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 20.08.2011 07:47:43 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 07:53:28 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 09:15:40 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 20.08.2011 09:30:38 | Computer Name = Marco-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.26.5 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: ff8 Anfangszeit: 01cc5f3d1e7d1d8f Zeitpunkt der Beendigung:
18
Error - 22.08.2011 14:33:15 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 24.08.2011 10:50:37 | Computer Name = Marco-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 24.08.2011 10:50:41 | Computer Name = Marco-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
Error - 24.08.2011 14:11:48 | Computer Name = Marco-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 24.08.2011 14:31:51 | Computer Name = Marco-PC | Source = Application Hang | ID = 1002
Description = Programm CCleaner.exe, Version 3.9.0.1493 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: 1794 Anfangszeit: 01cc6289502150c0 Zeitpunkt der
Beendigung: 18
Error - 24.08.2011 14:35:21 | Computer Name = Marco-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.26.5 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: c8c Anfangszeit: 01cc628c5779a090 Zeitpunkt der Beendigung:
31
[ OSession Events ]
Error - 25.09.2009 16:16:43 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25.09.2009 16:19:24 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 155
seconds with 120 seconds of active time. This session ended with a crash.
Error - 05.10.2009 08:05:35 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
Error - 05.10.2009 08:08:30 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 169
seconds with 120 seconds of active time. This session ended with a crash.
Error - 05.10.2009 08:09:49 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
Error - 05.10.2009 08:14:34 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
Error - 06.07.2010 12:52:23 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 25
seconds with 0 seconds of active time. This session ended with a crash.
Error - 10.12.2010 12:23:59 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 33
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.12.2010 15:43:29 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20.04.2011 10:43:39 | Computer Name = Marco-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 37
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 20.08.2011 07:27:59 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 07:34:28 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 07:46:05 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 07:51:50 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20.08.2011 09:13:45 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.08.2011 14:32:30 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.08.2011 14:36:15 | Computer Name = Marco-PC | Source = DCOM | ID = 10010
Description =
Error - 22.08.2011 14:36:15 | Computer Name = Marco-PC | Source = DCOM | ID = 10010
Description =
Error - 24.08.2011 14:05:38 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 24.08.2011 14:10:01 | Computer Name = Marco-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Leider musste ich beim CCleaner das häckchen bei internet explorer entfernen, denn wenn ich cleaner starten gesagt hab ist er bei 2% "verlauf internet explorer" hängen geblieben :-)! Warum ohne häckchen geht es komischer weise!? Java hab ich danach erfolgreich installiert:-)! Jetzt hab ich plötzlich so milchige 3 dateien auf mein desktop -WCThumb.tmb -desktop.ini -desktop.ini Was mach ich jetzt mit diese 3 Dateien/konfigurationseinstellung??? super anti Spyware programm ist in autostart aktiviert wenn ich laptop anmach, muss das sein? Was mach ich mit den sachen in Quarantäne, kann ich die löschen und dann programm wieder deinstallieren, oder brauch ich das Programm noch? Gruß Marco |
|
25.08.2011, 12:33
| #21 | ||||
| /// Helfer-Team | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus?Zitat:
IE 9: Tipps zu Internet Explorer 9 -> Wie kann ich den Verlauf, bzw. Cache im Internet Explorer leeren?: Zitat:
Zitat:
kannst wieder rückgängig machen! Zitat:
► Punkt 7. noch bitte:-> http://www.trojaner-board.de/102435-...tml#post694444 ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________ --> Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? Geändert von kira (25.08.2011 um 12:40 Uhr) |
|
25.08.2011, 19:24
| #22 |
| | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? Hallo, also der Laptop läuft soweit gut! Manchmal hackt er, leider ist das lüfter geräusch unverändert hoch hab immernoch das gefühl das im hintergrund was läuft. in der sidebar ist ein multimeter und der zeigt bei corel1 und corel2 ca 80% an, daraufhin vermut ich ja das da irgendwas läuft?! Aber anscheind ist doch alles ok, sonst hättest du was endeckt, oder? übrigens hab ich im intnernet explorer verlauf usw manuel gelöscht. danach bin ich wieder auf CCleaner und siehe da er bleibt wieder bei verlauf von internet exploerer über eine std bei 2% hängen, hab dann wieder abgebrochen. :-(. wenn ich häcken beim internet explorer rausnehme, funktioniert das innerhalb 1 min mit ccleaner ! Gruß Marco |
|
25.08.2011, 19:37
| #23 |
| /// Helfer-Team | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? 1. Windows Defender: Parallel zu McAfee nicht Empfehlenswert aktiv laufen lassen, weil dadurch kommen sich die Beiden in die Quere. Bitte dich ihn so zu deaktivieren: -> Aktivieren und Deaktivieren von Windows Defender ► Nach einem Neustart (falls noch existirt) unter "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK -> Systemstart kontrolliere, ob mitläuft?! - ggf Häckhen rausnehmen 2. ► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen... lade Dir HijackThis 2.0.4 von *von hier* herunter HijackThis starten→ "Do a system scan and save a logfile" klicken→ das erhaltene Logfile "markieren" → "kopieren"→ hier in deinem Thread (rechte Maustaste) "einfügen"
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
25.08.2011, 19:55
| #24 |
| | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? Hallo, Windows Defender war nicht aktiviert. hier die gewünschte log datei Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:52:11, on 25.08.2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\DellTPad\Apoint.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\SetPoint\SetPoint.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\rundll32.exe C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe C:\Program Files\trend micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://de.search.yahoo.com/search?fr=mcafee&p=%s R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110515092528.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O4 - Global Startup: SetPoint.lnk = ? O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Personal Firewall-Dienst (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 11194 bytes |
|
26.08.2011, 03:24
| #25 |
| /// Helfer-Team | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? 1. Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählen→ Häckhen setzen→ "Fix checked" klicken→ PC neu aufstarten): HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ÿþ127.0.0.1 localhost
Achtung!: Für die aufgelisteten Programme gelten zusätzlich, dass man nach Aktualisierung (AfterUpdate) erneut unter Start und Dienste nachkontrollieren muss! Empfehlungen/Vorschläge: Wie lange dauert die Startvorgang? Wenn du auf der Stelle ein schnelleres System haben möchtest: - Beim Hochfahren von Windows werden einige Programme mit gestartet, die sich (mit oder ohne Zustimmung des Users) im Autostart eingetragen haben - Je mehr Programme hier aufgeführt sind, umso langsamer startet Windows. Deshalb kann es sinnvoll sein, Software die man nicht unbedingt immer benötigt, aus dem Autostart zu entfernen. "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK" it-academy.cc pqtuning.de Laden von Programmen beim Start von Windows Vista verhindern - Bei allem Häkchen weg was nicht starten soll, aber immer nur einen deaktivieren (Haken weg), also Schrittweise -> Neustart... - Wird noch nach dem nächsten Neustart ein Hinweisfenster erscheinen, da ist ein Haken setzen : `Meldung nicht mehr anzeigen und dieses Programm beim Windows-Star nicht mehr starten` (Du kannst es jederzeit Rückgängig machen wenn du den Haken wieder reinmachst.) - Falls Du mal brauchst, manueller Start jederzeit möglich - Autostart-Einträge die Du nicht findest, kannst mit HJT fixen - Unter 04_Sektion - (*HijackThis Tutorial in German*): Alle Programme, Browser etc schließen→ HijackTis starten→ "Do a system scan only" anklicken→ Eintrag auswählen→ "Fix checked"klicken→ PC neu aufstarten HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter Du solltest nicht deaktivieren :
Grafiktreibers
Firewall
Antivirenprogramm
Sound
Gleich ein paar Vorschläge: Code:
ATTFilter O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
kannst auch mit HijackThis fixen: Code:
ATTFilter 08,09 und 018 Einträge - alle
- Überflüssige Dienste belasten nur den Prozessor und Arbeitsspeicher, daher ist es empfehlenswert solche Dienste ganz einfach abschalten: Code:
ATTFilter O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
mit der rechten Maustaste auf den Dienstnamen klicken→ wähle `Eigenschaften`→ `Starttyp`→ Deaktiviert, damit wird der Dienst ruhiggestellt. Den Dienst erst dann nur starten, wenn ein Programm ihn benötigt. - auf keinen Fall Grafiktreibers, Firewall und Anti-Viren-Programmen abschalten!! 5. poste erneut - nach der vorgenommenen Reinigungsaktion: TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!! ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
26.08.2011, 17:46
| #26 |
| | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? Hallo, zu punkt 1= wie kann ich HijackThis als admin ausführen, ich kann nur öffnen sagen, und wenn ich dann scanne kommt dieses hier "siehe Bild" :-(! O1 - Hosts: ÿþ127.0.0.1 localhost lässt sich nicht fixen, sowie 08, 09, 018 beiträge! Was mach ich falsch :-(? Gruß Marco |
|
27.08.2011, 05:37
| #27 |
| /// Helfer-Team | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? Rechtsklick auf HijackThis, "Als Administrator ausfüren" auswählen
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
27.08.2011, 11:53
| #28 |
| | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? geht nicht auswählen:-( , warum nicht ? Gruß Marco |
|
27.08.2011, 11:56
| #29 |
| | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? siehe screenshoot :-( |
|
27.08.2011, 13:03
| #30 |
| | Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? ups ging doch. hier nun die log´s von Punkt 5= Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:51:28, on 27.08.2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\DellTPad\Apoint.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\SetPoint\SetPoint.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\DellTPad\Apntex.exe C:\Windows\System32\mobsync.exe C:\Users\Marco\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://de.search.yahoo.com/search?fr=mcafee&p=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110515092528.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O4 - Global Startup: SetPoint.lnk = ? O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O15 - Trusted Zone: http://*.mcafee.com O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing) O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Personal Firewall-Dienst (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 7541 bytes Ich finde Laptop läuft etwas schneller, nur leider hört man immer noch stark den Lüfter, das war früher denk ich nicht :-(!? In Sidebar "Multimeter" ist corel1 und 2 immernoch bei 75-90%?! Soll ich noch etwas machen, wenn ja was :-)? Gruß Marco |
|
| Themen zu Laptop läuft ständig hoch und 3 updates von Win werden nicht Installiert, hab ich sowas wie Virus? |
| auslagerungsdatei, beendet, bild, cpu, device, fehler, hintergrund, home, intel, laptop, lüfter, nicht installiert, pagefile.sys, physikalischer speicher, probleme, programm, prozessor, screenshot, service, speicher, starten, updates, virus, virus?, win, windows, zone |
.
Linear-Darstellung
