Log analysis and evaluation: Voice that says something about cookies and browser (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
28.11.2011, 17:44 | #16 |
/// Selecta Jahrusso | Then those pros should also help you with how to secure your system in the future.
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
28.11.2011, 18:17 | #17 |
| I'm becoming a regular.....because.....this voice is speaking again....
__________________I'm downloading OTL and keeping calm.... see you later |
28.11.2011, 18:43 | #18 |
| OTL EXTRAS Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 28.11.2011 18:26:38 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Susanne\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,43 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 54,26% Memory free 6,85 Gb Paging File | 4,91 Gb Available in Paging File | 71,62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 424,66 Gb Total Space | 374,87 Gb Free Space | 88,28% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 20,49 Gb Free Space | 51,22% Space Free | Partition Type: NTFS Computer Name: SUSANNE-PC | User Name: Susanne | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW 
Essentials 4 "_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{02EE107B-8D95-4949-8935-4DEBE8F08BE3}" = Bing Bar Platform "{040FF9BD-17BE-427B-85DD-67694FB8F786}" = Badoo Desktop "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent "{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud "{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content "{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager "{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953 "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2605461E-AB2E-49F5-8A16-64B7F3595030}" = 5600Trb "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 26 "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros 
Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN "{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3DB5FD00-BB93-4AF3-B925-77DAA0E4E2F4}" = eBay Toolbar "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable 
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network "{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7DCBC3D8-8954-491D-A1B9-8C61C563B004}" = 5600_Help "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof 
(German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 
(972581) "{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel "{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. 
B "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw "{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR "{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU] "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension "{CF346565-52CF-4985-B72A-C164A3B525C1}" = o2 Communication Center "{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.5.0.8 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext 
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters "{F2DC2589-C894-43DD-BA70-8FDCA7360584}" = 5600 "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALDI Süd Foto Manager Free D" = ALDI Süd Foto Manager Free "ALDI Süd Foto Service D" = ALDI Süd Foto Service "Aldi Süd Fotoservice_is1" = Aldi Süd Fotoservice "ALDI SÜD Mah Jong" = ALDI SÜD Mah Jong "ALDI Süd Online Druck Service D" = ALDI Süd Online Druck Service "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9 "AVG Secure Search" = AVG Security Toolbar "BabylonToolbar" = Babylon toolbar on IE "Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8 "BullGuard" = BullGuard "CCleaner" = CCleaner "Google Chrome" = Google Chrome "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 
13.0 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{CF346565-52CF-4985-B72A-C164A3B525C1}" = o2 Communication Center "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "MEDION Fotos auf CD & DVD SE Sued D" = MEDION Fotos auf CD & DVD SE Sued "Message Faces for IE" = Message Faces für Internet Explorer (remove only) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "o2DE" = Mobile Connection Manager "Picasa 3" = Picasa 3 "RegClean Pro_is1" = RegClean Pro "Shop for HP Supplies" = Shop for HP Supplies "SynTPDeinstKey" = Synaptics Pointing Device Driver "TomTom HOME" = TomTom HOME 2.7.6.2056 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "TVWiz" = Intel(R) TV Wizard "Visitenkarten in 2 Minuten" = Visitenkarten in 2 Minuten "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "X10Hardware" = X10 Hardware(TM) "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Search Defender" = Yahoo! Suche Schutzvorkehrung "Yahoo! Software Update" = Yahoo! Software Update "ZTE USB Driver" = ZTE USB Driver ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Yahoo! BrowserPlus" = Yahoo! 
BrowserPlus 2.7.1 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 04.05.2011 13:17:00 | Computer Name = Susanne-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 04.05.2011 14:26:53 | Computer Name = Susanne-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 05.05.2011 06:47:01 | Computer Name = Susanne-PC | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll" in Zeile 2. Ungültige XML-Syntax. Error - 05.05.2011 09:29:53 | Computer Name = Susanne-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 06.05.2011 03:41:16 | Computer Name = Susanne-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 06.05.2011 07:43:06 | Computer Name = Susanne-PC | Source = RasClient | ID = 20227 Description = Error - 07.05.2011 02:33:42 | Computer Name = Susanne-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 07.05.2011 04:40:39 | Computer Name = Susanne-PC | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll" in Zeile 2. Ungültige XML-Syntax. 
Error - 07.05.2011 06:03:34 | Computer Name = Susanne-PC | Source = VSS | ID = 8194 Description = Error - 08.05.2011 14:39:52 | Computer Name = Susanne-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = [ Media Center Events ] Error - 31.07.2011 09:04:07 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 15:02:47 - Fehler beim Herstellen der Internetverbindung. 15:02:47 - Serververbindung konnte nicht hergestellt werden.. Error - 02.08.2011 05:01:42 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 11:01:42 - Fehler beim Herstellen der Internetverbindung. 11:01:42 - Serververbindung konnte nicht hergestellt werden.. Error - 02.08.2011 05:01:53 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 11:01:47 - Fehler beim Herstellen der Internetverbindung. 11:01:47 - Serververbindung konnte nicht hergestellt werden.. Error - 03.08.2011 05:45:22 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 11:45:22 - Fehler beim Herstellen der Internetverbindung. 11:45:22 - Serververbindung konnte nicht hergestellt werden.. Error - 03.08.2011 05:45:47 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 11:45:27 - Fehler beim Herstellen der Internetverbindung. 11:45:27 - Serververbindung konnte nicht hergestellt werden.. Error - 29.08.2011 05:11:10 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 11:11:09 - Fehler beim Herstellen der Internetverbindung. 11:11:09 - Serververbindung konnte nicht hergestellt werden.. Error - 29.08.2011 05:11:32 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 11:11:15 - Fehler beim Herstellen der Internetverbindung. 11:11:15 - Serververbindung konnte nicht hergestellt werden.. Error - 31.08.2011 06:11:42 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 12:11:42 - Fehler beim Herstellen der Internetverbindung. 
12:11:42 - Serververbindung konnte nicht hergestellt werden.. Error - 01.09.2011 05:41:38 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 11:41:38 - Fehler beim Herstellen der Internetverbindung. 11:41:38 - Serververbindung konnte nicht hergestellt werden.. Error - 01.09.2011 05:41:55 | Computer Name = Susanne-PC | Source = MCUpdate | ID = 0 Description = 11:41:43 - Fehler beim Herstellen der Internetverbindung. 11:41:43 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 26.11.2011 15:30:01 | Computer Name = Susanne-PC | Source = DCOM | ID = 10016 Description = Error - 26.11.2011 16:05:49 | Computer Name = Susanne-PC | Source = Service Control Manager | ID = 7030 Description = Der Dienst "ESET Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error - 27.11.2011 04:41:07 | Computer Name = Susanne-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?27.?11.?2011 um 01:20:07 unerwartet heruntergefahren. Error - 27.11.2011 04:41:28 | Computer Name = Susanne-PC | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error - 27.11.2011 04:41:28 | Computer Name = Susanne-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error - 27.11.2011 05:33:47 | Computer Name = Susanne-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht. 
Error - 27.11.2011 06:57:12 | Computer Name = Susanne-PC | Source = DCOM | ID = 10016 Description = Error - 27.11.2011 06:57:12 | Computer Name = Susanne-PC | Source = DCOM | ID = 10016 Description = Error - 28.11.2011 05:50:08 | Computer Name = Susanne-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?27.?11.?2011 um 23:35:39 unerwartet heruntergefahren. Error - 28.11.2011 08:19:43 | Computer Name = Susanne-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?28.?11.?2011 um 12:07:26 unerwartet heruntergefahren. < End of report > |
28.11.2011, 18:44 | #19 |
| OTL Logfile: Code:
ATTFilter OTL logfile created on: 28.11.2011 18:26:38 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Susanne\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,43 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 54,26% Memory free 6,85 Gb Paging File | 4,91 Gb Available in Paging File | 71,62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 424,66 Gb Total Space | 374,87 Gb Free Space | 88,28% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 20,49 Gb Free Space | 51,22% Space Free | Partition Type: NTFS Computer Name: SUSANNE-PC | User Name: Susanne | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Susanne\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe () PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe (BullGuard Ltd.) PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe (Adobe Systems, Inc.) PRC - C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe (Badoo) PRC - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe (BullGuard Ltd.) PRC - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) 
PRC - C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (BullGuard Ltd.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\SndVol.exe (Microsoft Corporation) PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation) PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica I+D) PRC - C:\Program Files\Launch Manager\WButton.exe (Wistron Corp.) PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files\Common Files\X10\Common\X10nets.exe (X10) PRC - C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.) PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Windows\System32\StikyNot.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) 
========== Modules (No Company Name) ========== MOD - C:\Program Files\Yahoo!\Messenger\yui.dll () MOD - C:\Program Files\Yahoo!\Messenger\pcre.dll () MOD - C:\Program Files\BullGuard Ltd\BullGuard\SQLite.dll () MOD - C:\Program Files\BullGuard Ltd\BullGuard\zlib1.dll () MOD - C:\Program Files\BullGuard Ltd\BullGuard\libxml2.dll () MOD - C:\Program Files\BullGuard Ltd\BullGuard\libbz2.dll () MOD - C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpBackupRes.dll () MOD - C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpMainRes.dll () MOD - C:\Program Files\WinRAR\RarExt.dll () ========== Win32 Services (SafeList) ========== SRV - (vToolbarUpdater) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe () SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (BsFire) -- C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll (BullGuard Ltd.) SRV - (BsScanner) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe (BullGuard Ltd.) SRV - (BsFileScan) -- C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll (BullGuard Ltd.) SRV - (BsBhvScan) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe (BullGuard Ltd.) SRV - (BsMailProxy) -- C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll (BullGuard Ltd.) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (BgRaSvc) -- C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe (BullGuard Ltd.) SRV - (BsBrowser) -- C:\Program Files\BullGuard Ltd\BullGuard\BsBrowser.dll (BullGuard Ltd.) SRV - (BsMain) -- C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll (BullGuard Ltd.) SRV - (BsUpdate) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (BullGuard Ltd.) 
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (TGCM_ImportWiFiSvc) -- C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica I+D) SRV - (UNS) Intel(R) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (x10nets) -- C:\Program Files\Common Files\X10\Common\X10nets.exe (X10) SRV - (WisLMSvc) -- C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Driver Services (SafeList) ========== DRV - (SASKUTIL) -- File not found DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.) DRV - (NovaShieldFilterDriver) -- C:\Windows\System32\drivers\NSKernel.sys (NovaShield, Inc.) DRV - (NovaShieldTDIDriver) -- C:\Windows\System32\drivers\NSNetmon.sys (NovaShield, Inc.) DRV - (BdSpy) -- C:\Windows\System32\drivers\BdSpy.sys (BullGuard Ltd.) 
DRV - (Trufos) -- C:\Windows\System32\drivers\Trufos.sys (BitDefender S.R.L.)
DRV - (afwcore) -- C:\Windows\System32\drivers\AfwCore.sys (Agnitum Ltd.)
DRV - (AFW) -- C:\Windows\System32\drivers\Afw.sys (Agnitum Ltd.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (Profos) -- C:\Program Files\BullGuard Ltd\BullGuard\Antirootkit\profos.sys (BitDefender S.R.L.)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (Impcd) -- C:\Windows\system32\DRIVERS\Impcd.sys (Intel Corporation)
DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
DRV - (IntcDAud) Intel(R) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (HECI) Intel(R) -- C:\Windows\system32\DRIVERS\HECI.sys (Intel Corporation)
DRV - (RSUSBSTOR) -- C:\Windows\System32\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (XUIF) -- C:\Windows\System32\Drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\Drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (massfilter_hs) -- C:\Windows\System32\drivers\massfilter_hs.sys (ZTE Incorporated)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Windows Live Startseite
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Willkommen bei Facebook - anmelden, registrieren oder mehr erfahren [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Willkommen bei Facebook - anmelden, registrieren oder mehr erfahren
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========
FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Susanne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.7.1: C:\Users\Susanne\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.05.29 17:23:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\ [2011.08.22 07:13:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.06.08 21:10:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.06.08 21:11:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.05.29 17:23:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin [2010.08.15 19:24:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\TbSpamfilter [2011.01.24 17:20:14 | 000,000,000 | ---D | M]
[2011.02.17 16:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Susanne\AppData\Roaming\mozilla\Extensions
[2011.02.17 16:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Susanne\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.02.17 16:57:54 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

========== Chrome ==========
CHR - default_search_provider: Search (Enabled)
CHR - default_search_provider: search_url = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (eBay Toolbar Helper) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll (eBay Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC75} - C:\Program Files\Message Faces for Internet Explorer\x86\messagefaces-ie.dll ()
O2 - BHO: (BGAntiphishingBHO Class) - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (eBay Toolbar) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll (eBay Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKCU..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe (Badoo)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [1128_1751241477095] "C:\Users\Susanne\AppData\Local\LOGMEI~1\LMIR0001.tmp_r.bat" File not found
O4 - HKCU..\RunOnce: [1128_17545731477095] C:\Users\Susanne\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp_r.bat ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Suche - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll (eBay Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O9 - Extra Button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: resultado.de ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: resultado.de ([www] https in Trusted sites)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{064F9517-67E7-49FB-942F-80C3D3AD4FFE}: DhcpNameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{142F2D10-AFAC-4319-8B97-F2F9242E1639}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C656E6C-B02A-465C-9DE5-B0FAD9B5B6C3}: DhcpNameServer = 61.177.7.1 218.104.32.106 168.95.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - AppInit_DLLs: (BgGamingMonitor.dll) -C:\Windows\System32\BgGamingMonitor.dll (BullGuard Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{688fdbc3-7c02-11e0-9710-1c4bd6669316}\Shell - "" = AutoRun
O33 - MountPoints2\{688fdbc3-7c02-11e0-9710-1c4bd6669316}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{688fdbdf-7c02-11e0-9710-1c4bd6669316}\Shell - "" = AutoRun
O33 - MountPoints2\{688fdbdf-7c02-11e0-9710-1c4bd6669316}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{688fdbeb-7c02-11e0-9710-1c4bd6669316}\Shell - "" = AutoRun
O33 - MountPoints2\{688fdbeb-7c02-11e0-9710-1c4bd6669316}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {93E3ED2D-D21E-4F70-97FD-50142AC20F65} - Message Faces
ActiveX: {A02582F5-E644-485B-B4EA-92AE0787A573} - Bing Bar
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{AFE5DE5B-DDD6-4FF3-A1E0-503C573EF398} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========
[2011.11.28 18:19:06 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Susanne\Desktop\OTL.exe
[2011.11.28 15:16:35 | 000,000,000 | ---D | C] -- C:\Users\Susanne\AppData\Local\LogMeIn Rescue Applet
[2011.11.27 19:55:18 | 000,000,000 | ---D | C] -- C:\Users\Susanne\AppData\Roaming\Systweak
[2011.11.27 19:55:17 | 000,017,280 | ---- | C] (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) -- C:\Windows\System32\roboot.exe
[2011.11.27 19:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2011.11.27 19:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2011.11.27 10:23:07 | 000,000,000 | ---D | C] -- C:\Firefox
[2011.11.27 10:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011.11.27 10:22:58 | 000,000,000 | ---D | C] -- C:\Users\Susanne\AppData\Local\APN
[2011.11.27 10:22:50 | 000,000,000 | ---D | C] -- C:\Users\Susanne\AppData\Roaming\SUPERAntiSpyware.com
[2011.11.27 10:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.11.27 10:15:30 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011.11.27 10:15:28 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.11.27 10:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2011.11.27 10:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011.11.27 10:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011.11.27 10:15:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011.11.27 10:14:47 | 000,000,000 | ---D | C] -- C:\Users\Susanne\AppData\Roaming\TuneUp Software
[2011.11.27 10:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2011.11.27 10:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011.11.27 10:14:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011.11.19 14:27:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.19 14:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.11.13 10:42:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2011.11.13 10:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2011.11.11 23:48:24 | 000,082,776 | ---- | C] (BullGuard Ltd.) -- C:\Windows\System32\BGLsp.dll
[2011.11.09 09:27:15 | 002,341,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.11.03 17:57:37 | 000,000,000 | ---D | C] -- C:\Users\Susanne\AppData\Roaming\Dropbox
[2011.10.30 16:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.10.30 16:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.08.25 18:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2011.11.28 18:19:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Susanne\Desktop\OTL.exe
[2011.11.28 17:43:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.28 17:41:03 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3931819473-1015904090-4264431469-1001UA.job
[2011.11.28 15:02:12 | 000,000,268 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2011.11.28 14:43:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.28 13:27:01 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.28 13:27:01 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.28 13:19:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.28 13:19:36 | 2760,847,360 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.27 23:10:54 | 000,003,560 | ---- | M] () -- C:\Users\Susanne\AppData\Roaming\wklnhst.dat
[2011.11.27 20:41:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3931819473-1015904090-4264431469-1001Core.job
[2011.11.27 20:10:51 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2011.11.27 19:55:16 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2011.11.27 10:15:25 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.11.27 10:15:25 | 000,002,103 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011.11.26 20:59:56 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.25 09:42:50 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.25 09:42:50 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.25 09:42:50 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.25 09:42:50 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.19 16:45:00 | 000,022,849 | ---- | M] () -- C:\Users\Susanne\AppData\Roaming\UserTile.png
[2011.11.19 14:27:36 | 000,001,717 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.11.18 14:13:54 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011.11.18 14:13:54 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.11.18 12:27:43 | 000,019,919 | ---- | M] () -- C:\Users\Susanne\Documents\HermesPaketschein.pdf
[2011.11.17 10:43:41 | 000,002,254 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.11.13 10:42:11 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2011.11.12 11:59:12 | 000,013,503 | ---- | M] () -- C:\Users\Susanne\Documents\MY_AUDIO_092110_1.p2g
[2011.11.11 23:48:21 | 000,082,776 | ---- | M] (BullGuard Ltd.) -- C:\Windows\System32\BGLsp.dll
[2011.11.09 14:59:22 | 000,384,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.11.05 18:20:51 | 000,011,503 | ---- | M] () -- C:\Users\Susanne\Documents\dido.p2g
[2011.11.05 13:39:54 | 000,014,947 | ---- | M] () -- C:\Users\Susanne\Documents\salon.jpg
[2011.10.30 16:41:15 | 000,001,779 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.10.30 16:36:26 | 000,001,768 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========
[2011.11.27 19:55:24 | 000,000,276 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2011.11.27 19:55:24 | 000,000,268 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2011.11.27 19:55:16 | 000,000,976 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2011.11.27 10:15:25 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.11.27 10:15:25 | 000,002,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2011.11.27 10:15:25 | 000,002,103 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011.11.19 14:27:36 | 000,001,717 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.11.18 12:27:43 | 000,019,919 | ---- | C] () -- C:\Users\Susanne\Documents\HermesPaketschein.pdf
[2011.11.13 10:42:11 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2011.11.12 10:46:43 | 000,014,947 | ---- | C] () -- C:\Users\Susanne\Documents\salon.jpg
[2011.11.05 16:10:08 | 000,011,503 | ---- | C] () -- C:\Users\Susanne\Documents\dido.p2g
[2011.10.30 16:41:15 | 000,001,779 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.09.13 13:56:17 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2011.05.07 13:30:47 | 000,022,849 | ---- | C] () -- C:\Users\Susanne\AppData\Roaming\UserTile.png
[2011.01.08 10:40:18 | 000,349,696 | ---- | C] () -- C:\Windows\System32\mss32.dll
[2011.01.08 10:39:53 | 000,005,120 | ---- | C] () -- C:\Windows\System32\HTWeb.dll
[2011.01.08 10:39:48 | 000,073,728 | ---- | C] () -- C:\Windows\System32\HTSound.dll
[2011.01.08 10:38:59 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HTDirect3D.dll
[2011.01.08 10:38:58 | 000,491,520 | ---- | C] () -- C:\Windows\System32\HT3DHeaven.dll
[2011.01.08 10:37:25 | 000,746,820 | ---- | C] () -- C:\Windows\System32\temp.dat
[2011.01.08 10:37:25 | 000,000,042 | ---- | C] () -- C:\Windows\System32\tempversion.dat
[2011.01.08 10:37:22 | 000,087,316 | ---- | C] () -- C:\Windows\System32\NotifyMsg.dat
[2011.01.08 10:36:59 | 000,983,040 | ---- | C] () -- C:\Windows\System32\Update.exe
[2011.01.08 10:36:59 | 000,000,013 | ---- | C] () -- C:\Windows\System32\Patcher.dat
[2010.08.25 19:30:02 | 000,127,868 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin
[2010.08.25 19:30:00 | 000,870,560 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2010.08.25 19:30:00 | 000,104,796 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin
[2010.06.08 20:40:49 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.06.07 16:58:41 | 000,003,560 | ---- | C] () -- C:\Users\Susanne\AppData\Roaming\wklnhst.dat
[2010.05.29 17:20:01 | 000,023,688 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010.05.29 17:13:54 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2010.05.21 13:37:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.05.21 13:05:41 | 000,245,569 | ---- | C] () -- C:\Windows\hpoins19.dat
[2010.05.21 13:05:41 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010.03.13 16:21:11 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010.03.02 08:30:57 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010.03.02 08:30:00 | 000,072,017 | ---- | C] () -- C:\Windows\System32\Uninstall ALDI SÜD Mah Jong.exe
[2010.03.02 06:40:12 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2010.03.02 06:40:12 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2010.03.02 06:39:10 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010.03.02 05:59:45 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010.03.02 05:59:44 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010.03.02 05:59:42 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.07.14 09:47:43 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,384,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========
[2010.07.03 23:28:11 | 000,000,000 | -HSD | M] -- C:\Users\Susanne\AppData\Roaming\.#
[2010.07.01 09:44:17 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\ALDI_SUED_Mah_Jong
[2010.08.14 09:29:31 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\Amazon
[2011.11.23 23:21:12 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\BOM
[2011.11.28 13:44:42 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\BullGuard
[2011.11.05 11:25:15 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\Dropbox
[2010.06.20 08:17:12 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\eBay
[2010.12.29 13:43:32 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\Gutscheinmieze
[2011.02.12 12:12:47 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\SF Software
[2011.01.24 17:26:19 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\Software Inspection Library
[2011.11.27 19:55:18 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\Systweak
[2011.03.14 13:13:33 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\Telefónica
[2010.06.07 16:58:58 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\Template
[2011.02.17 16:45:29 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\TomTom
[2011.11.27 10:14:47 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\TuneUp Software
[2010.12.06 16:44:45 | 000,000,000 | ---D | M] -- C:\Users\Susanne\AppData\Roaming\Windows Live Writer
[2011.11.27 20:41:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3931819473-1015904090-4264431469-1001Core.job
[2011.11.28 17:41:03 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3931819473-1015904090-4264431469-1001UA.job
[2011.11.28 15:02:12 | 000,000,268 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
[2011.11.27 20:10:51 | 000,000,276 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_UPDATES.job
[2011.11.05 11:25:24 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2010.06.30 08:13:15 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2011.11.28 13:31:08 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2010.05.21 09:31:46 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.11.27 10:23:07 | 000,000,000 | ---D | M] -- C:\Firefox
[2010.03.13 16:18:30 | 000,000,000 | ---D | M] -- C:\Intel
[2010.03.02 06:45:42 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.11.28 18:09:52 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.11.27 10:22:50 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.05.21 09:31:46 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.05.21 09:31:46 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.11.28 18:31:15 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.05.21 09:31:54 | 000,000,000 | R--D | M] -- C:\Users
[2011.11.27 10:14:02 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- 
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_f4050b883d2c3c08\regedit.exe < MD5 for: USERINIT.EXE > [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: 
WINLOGON.EXE > [2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-25 
08:33:29 < > < End of report > |
28.11.2011, 21:14 | #20 |
/// Selecta Jahrusso | So you do want my help after all? Are you being redirected on Google as well? Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to. Note: An MBR.dat file will be created on your desktop. Please right-click it --> Send to --> Compressed (zipped) folder and attach this .zip file here.
28.11.2011, 21:48 | #21 |
| Start aswMBR.exe. Vista and Win7 users: right-click and choose "Run as administrator". The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with No. Click Scan. Please wait until Scan finished successfully appears in the DOS window. Press Save Log and save it to the
after I started mbr, the window appears.......without asking whether I want to scan a virus definition..... after I press scan, I get a window.......I can't save this info to the desktop with any mouse click.... having a mental block once again |
28.11.2011, 22:18 | #22 |
/// Selecta Jahrusso | Hey, you really should read as well. Please wait until Scan finished successfully appears in the DOS window. Press Save Log and save it to the desktop
28.11.2011, 22:21 | #23 |
| aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-28 22:18:52
-----------------------------
22:18:52.005 OS Version: Windows 6.1.7601 Service Pack 1
22:18:52.005 Number of processors: 4 586 0x2502
22:18:52.008 ComputerName: SUSANNE-PC UserName: Susanne
22:18:53.502 Initialize success
22:18:57.823 AVAST engine defs: 11112802
22:20:32.666 The log file has been saved successfully to "C:\Users\Susanne\Desktop\aswMBR.txt" |
28.11.2011, 22:24 | #24 |
| this is turning into the .....neverending story..... if only skype were integrated here now...:-( |
28.11.2011, 22:42 | #25 |
/// Selecta Jahrusso | Start aswMBR again and follow my instructions as described above. I do not give support via messenger
28.11.2011, 22:48 | #26 |
| aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-28 22:18:52
-----------------------------
22:18:52.005 OS Version: Windows 6.1.7601 Service Pack 1
22:18:52.005 Number of processors: 4 586 0x2502
22:18:52.008 ComputerName: SUSANNE-PC UserName: Susanne
22:18:53.502 Initialize success
22:18:57.823 AVAST engine defs: 11112802
22:20:32.666 The log file has been saved successfully to "C:\Users\Susanne\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-28 22:25:46
-----------------------------
22:25:46.900 OS Version: Windows 6.1.7601 Service Pack 1
22:25:46.901 Number of processors: 4 586 0x2502
22:25:46.904 ComputerName: SUSANNE-PC UserName: Susanne
22:25:48.015 Initialze error C000010E - driver not loaded
22:25:48.154 write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
22:25:48.263 AVAST engine defs: 11112802
22:26:05.774 The log file has been saved successfully to "C:\Users\Susanne\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-28 22:32:52
-----------------------------
22:32:52.753 OS Version: Windows 6.1.7601 Service Pack 1
22:32:52.754 Number of processors: 4 586 0x2502
22:32:52.756 ComputerName: SUSANNE-PC UserName: Susanne
22:32:54.349 Initialze error C000010E - driver not loaded
22:32:54.502 write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
22:32:54.620 AVAST engine defs: 11112802
22:33:13.554 The log file has been saved successfully to "C:\Users\Susanne\Desktop\aswMBR.txt" |
28.11.2011, 22:51 | #27 |
| doesn't seem to be what you want.. or rather what I can send you.... |
28.11.2011, 23:05 | #28 |
| tried again....

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-28 22:18:52
-----------------------------
22:18:52.005 OS Version: Windows 6.1.7601 Service Pack 1
22:18:52.005 Number of processors: 4 586 0x2502
22:18:52.008 ComputerName: SUSANNE-PC UserName: Susanne
22:18:53.502 Initialize success
22:18:57.823 AVAST engine defs: 11112802
22:20:32.666 The log file has been saved successfully to "C:\Users\Susanne\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-28 22:25:46
-----------------------------
22:25:46.900 OS Version: Windows 6.1.7601 Service Pack 1
22:25:46.901 Number of processors: 4 586 0x2502
22:25:46.904 ComputerName: SUSANNE-PC UserName: Susanne
22:25:48.015 Initialze error C000010E - driver not loaded
22:25:48.154 write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
22:25:48.263 AVAST engine defs: 11112802
22:26:05.774 The log file has been saved successfully to "C:\Users\Susanne\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-28 22:32:52
-----------------------------
22:32:52.753 OS Version: Windows 6.1.7601 Service Pack 1
22:32:52.754 Number of processors: 4 586 0x2502
22:32:52.756 ComputerName: SUSANNE-PC UserName: Susanne
22:32:54.349 Initialze error C000010E - driver not loaded
22:32:54.502 write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
22:32:54.620 AVAST engine defs: 11112802
22:33:13.554 The log file has been saved successfully to "C:\Users\Susanne\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-28 22:57:58
-----------------------------
22:57:58.740 OS Version: Windows 6.1.7601 Service Pack 1
22:57:58.740 Number of processors: 4 586 0x2502
22:57:58.742 ComputerName: SUSANNE-PC UserName: Susanne
22:57:59.675 Initialize success
22:57:59.814 write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
22:58:03.545 AVAST engine defs: 11112802
22:58:17.264 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:58:17.267 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
22:58:17.308 Disk 0 MBR read successfully
22:58:17.312 Disk 0 MBR scan
22:58:17.405 Disk 0 Windows 7 default MBR code
22:58:17.436 Disk 0 scanning sectors +976771072
22:58:17.550 Disk 0 scanning C:\Windows\system32\drivers
22:58:39.492 Service scanning
22:58:40.596 Modules scanning
22:59:01.039 Disk 0 trace - called modules:
22:59:01.063 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
22:59:01.070 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8815b740]
22:59:01.404 3 CLASSPNP.SYS[8c99759e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x861eb028]
22:59:02.375 AVAST engine scan C:\Windows
22:59:10.802 AVAST engine scan C:\Windows\system32
23:02:44.429 AVAST engine scan C:\Windows\system32\drivers
23:03:06.471 AVAST engine scan C:\Users\Susanne
23:04:20.478 Disk 0 MBR has been saved successfully to "C:\Users\Susanne\Desktop\MBR.dat"
23:04:20.587 The log file has been saved successfully to "C:\Users\Susanne\Desktop\aswMBR.txt" |
28.11.2011, 23:05 | #29 |
/// Selecta Jahrusso | Did you start aswMBR.exe by right-clicking and choosing "Run as administrator"?
28.11.2011, 23:09 | #30 |
| yes....I downloaded the file a few times..and again and again... that was all that came out.... with right-click adm. or double-clicked ...it was the same.... |