Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
aus sicherheitsgründen ist ihr windows system blockiert

aus sicherheitsgründen ist ihr windows system blockiert


Plagegeister aller Art und deren Bekämpfung: aus sicherheitsgründen ist ihr windows system blockiert

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.02.2012, 19:10   #1
asmarino
 
aus sicherheitsgründen ist ihr windows system blockiert - Standard

aus sicherheitsgründen ist ihr windows system blockiert


hallo zusammen,
ich habe mich bei den problemen andere durch gelesen die dasselbe problem mit mir teilen
bei mir kommt auch seit gestern die meldung(aus sicherheitsgründen ist ihr windows system blockiert) und ich kann danach nichts mehr tun ausser herunterfahren!
bitte um Hilfe
MfG,
Asmarino

Alt 14.02.2012, 19:20   #2
markusg
/// Malware-holic
 
aus sicherheitsgründen ist ihr windows system blockiert - Standard

aus sicherheitsgründen ist ihr windows system blockiert


hi,
neustart, f8 drücken abgesicherter modus mit netzwerk wählen.
im infiziertem konto anmelden.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________
Alt 14.02.2012, 21:12   #3
asmarino
 
aus sicherheitsgründen ist ihr windows system blockiert - Standard

aus sicherheitsgründen ist ihr windows system blockiert


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2012/02/14 08:50:11 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\****\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00001C09 | Country: Südafrika | Language: ENS | Date Format: yyyy/MM/dd
 
2.99 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 55.60% Memory free
6.21 Gb Paging File | 4.94 Gb Available in Paging File | 79.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.86 Gb Total Space | 168.08 Gb Free Space | 58.59% Space Free | Partition Type: NTFS
Drive Q: | 9.77 Gb Total Space | 3.13 Gb Free Space | 32.02% Space Free | Partition Type: NTFS
Drive S: | 1.46 Gb Total Space | 0.65 Gb Free Space | 44.48% Space Free | Partition Type: NTFS
 
Computer Name: ***** | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/02/14 20:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jojo\Desktop\OTL.exe
PRC - [2011/12/15 15:00:00 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/12/15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011/12/15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/12/15 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\System Update\SUService.exe
PRC - [2010/12/10 17:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010/12/10 17:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2009/08/18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/04/11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008/10/19 13:30:02 | 000,222,456 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2008/08/26 12:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) -- C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2008/08/08 11:13:12 | 000,053,325 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2008/08/07 12:23:34 | 000,558,368 | ---- | M] (Lenovo) -- C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2008/08/07 12:23:18 | 000,238,880 | ---- | M] (Lenovo) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2008/08/07 12:23:16 | 000,116,000 | ---- | M] (Lenovo) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2008/08/06 11:46:38 | 000,069,632 | ---- | M] (Lenovo) -- C:\Programme\ThinkPad\ConnectUtilities\ACGadgetWrapper.exe
PRC - [2008/07/30 20:00:00 | 000,060,192 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe
PRC - [2008/07/21 04:19:50 | 002,701,880 | ---- | M] (Conexant) -- C:\Programme\CONEXANT\SmartAudio\SmAudio.exe
PRC - [2008/05/24 16:17:54 | 000,520,192 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2008/03/14 02:08:38 | 000,054,560 | ---- | M] (Lenovo.) -- C:\Programme\Lenovo\HOTKEY\FnF5svc.exe
PRC - [2008/03/11 05:33:02 | 000,054,560 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe
PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008/01/16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/10/12 17:08:28 | 000,034,352 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\PM Driver\PMHandler.exe
PRC - [2007/09/26 17:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- c:\Programme\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) -- C:\Programme\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/04/26 18:10:00 | 000,120,368 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\LenovoCare\LPMGR.EXE
PRC - [2007/03/13 09:05:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Programme\Lenovo\Drag-to-Disc\DrgToDsc.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/05/24 13:33:32 | 000,057,344 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\PM Driver\PMSveH.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2008/09/28 18:18:32 | 000,139,264 | ---- | M] () -- c:\Programme\Common Files\Lenovo\CDRecord.dll
MOD - [2007/06/18 16:28:44 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL
MOD - [2006/05/24 13:33:32 | 000,024,576 | ---- | M] () -- C:\Programme\Lenovo\PM Driver\PMHlerIO.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (SessionLauncher)
SRV - [2012/02/13 18:49:40 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2011/12/15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/12/15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008/10/19 13:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/08/26 12:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008/08/08 11:13:12 | 000,053,325 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2008/08/07 12:23:18 | 000,238,880 | ---- | M] (Lenovo) [Auto | Running] -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2008/08/07 12:23:16 | 000,116,000 | ---- | M] (Lenovo) [Auto | Running] -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2008/05/24 16:17:54 | 000,520,192 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2008/05/24 15:28:20 | 000,253,952 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe -- (TVT_UpdateMonitor)
SRV - [2008/04/25 08:18:10 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2008/04/25 08:18:02 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2008/04/25 08:16:04 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/04/25 08:15:58 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/04/25 08:15:24 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/03/14 02:08:38 | 000,054,560 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/09/26 17:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/22 22:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 22:35:00 | 000,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/21 09:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/05/24 13:33:32 | 000,057,344 | ---- | M] (Lenovo) [Auto | Running] -- C:\Programme\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012/02/13 18:55:54 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/12/15 15:00:00 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/12/15 15:00:00 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/12/15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/01/29 05:38:41 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2008/08/20 15:55:34 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2008/08/07 10:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/07/25 09:31:00 | 007,547,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/30 19:26:46 | 000,974,336 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV - [2008/06/25 21:05:06 | 000,044,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/24 15:28:22 | 000,048,192 | ---- | M] (Lenovo) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon)
DRV - [2008/05/21 16:35:24 | 000,220,160 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/05/12 10:04:04 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2008/04/18 16:40:24 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008/03/14 14:23:12 | 000,169,008 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/02/22 15:54:40 | 000,037,312 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2008/01/21 03:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/10/18 08:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/08/19 10:00:00 | 000,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070820.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/08/19 10:00:00 | 000,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070820.048\NAVENG.SYS -- (NAVENG)
DRV - [2007/08/16 23:23:00 | 000,446,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/08/12 22:50:00 | 000,188,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/08/12 22:50:00 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/08/09 02:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007/08/09 02:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIM)
DRV - [2007/08/08 01:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/30 08:43:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/07/30 08:43:00 | 000,278,576 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/07/30 08:43:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/06/18 16:29:52 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2007/06/18 16:29:10 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/06/18 16:29:08 | 000,093,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/06/18 16:29:06 | 000,098,136 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/06/18 16:29:04 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/06/18 16:28:58 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/06/18 16:28:54 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/06/18 16:28:52 | 000,105,048 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/3000notebook [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2011.02.18
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?sourceid=navclient&hl=de&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011/06/23 14:22:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 12:58:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/02 19:43:46 | 000,000,000 | ---D | M]
 
[2009/07/27 21:42:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jojo\AppData\Roaming\mozilla\Extensions
[2009/07/23 14:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\extensions
[2009/07/23 14:15:02 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2012/02/14 20:12:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions
[2010/10/25 22:50:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/06 12:44:59 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/07/28 20:20:58 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/01/19 21:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/07/27 21:41:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/28 21:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/28 12:36:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/15 11:05:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/19 21:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/08/01 16:35:35 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/09/18 11:35:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/12/02 12:47:11 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/06/28 21:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/28 12:36:37 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/15 11:05:49 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/19 21:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/06/23 14:22:23 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/24 22:27:07 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/10/24 22:27:07 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/10/24 22:27:07 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/10/24 22:27:07 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/10/24 22:27:07 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Reg Error: Value error.) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [isCfgWiz] C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe (Symantec Corporation)
O4 - HKLM..\Run: [LPManager] C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMHandler] C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE (Conexant)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPWAUDAP] C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jojo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jojo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F1FBBBE-916B-4F2A-8A59-B3A750DA6328}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jojo\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jojo\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk Q:\
O32 - Unable to obtain root file information for disk S:\
O33 - MountPoints2\{0ad29fa2-77a8-11de-a5d2-002269fa77dc}\Shell - "" = AutoRun
O33 - MountPoints2\{0ad29fa2-77a8-11de-a5d2-002269fa77dc}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{4df9f63f-c146-11de-878f-002269fa77dc}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008/01/21 03:23:31 | 000,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{5f8020b6-edb9-11dd-946c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5f8020b6-edb9-11dd-946c-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008/07/21 17:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{7e13df0b-052f-11e0-9384-002269fa77dc}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\{df9b7957-edfd-11dd-bf9c-001eec9b575b}\Shell - "" = AutoRun
O33 - MountPoints2\{df9b7957-edfd-11dd-bf9c-001eec9b575b}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008/07/29 23:37:58 | 000,180,224 | -HS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/14 20:37:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jojo\Desktop\OTL.exe
[2012/02/14 20:30:29 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Systweak
[2012/02/14 20:30:26 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2012/02/14 20:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2012/02/14 20:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2012/02/13 19:07:38 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Symantec
[2012/02/13 18:57:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/02/13 18:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2012/02/13 18:44:34 | 000,123,952 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012/02/13 18:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/02/13 18:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/02/13 18:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/01/31 13:07:51 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Avira
[2012/01/31 13:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/01/31 13:02:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012/01/31 13:02:03 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012/01/31 13:02:03 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/01/31 13:02:03 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/01/31 13:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/01/31 13:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012/01/26 18:22:28 | 000,000,000 | ---D | C] -- C:\Users\Jojo\Desktop\fh-youssef
[2012/01/26 00:38:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/01/25 14:55:17 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/01/25 14:51:39 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/25 14:51:39 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/25 14:50:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/01/25 14:44:09 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/01/25 14:44:09 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/01/25 14:44:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/25 14:43:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/01/25 14:38:07 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/01/25 14:38:07 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/01/25 14:38:07 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/01/25 14:38:07 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/01/25 14:38:07 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/01/25 14:38:07 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/01/25 14:38:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/01/25 14:37:38 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/25 14:37:37 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/25 14:30:00 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2009/01/29 05:12:28 | 000,131,072 | ---- | C] ( ) -- C:\Windows\vm331Rmv.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/14 21:00:26 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6FF9BD54-1422-4C31-9E6F-4FA3618527A5}.job
[2012/02/14 20:49:00 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/14 20:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jojo\Desktop\OTL.exe
[2012/02/14 20:31:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/14 20:30:39 | 000,000,262 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/02/14 20:30:38 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/02/14 20:30:25 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2012/02/14 19:57:09 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/14 19:56:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 19:56:48 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 19:56:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/14 19:56:21 | 3215,527,936 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/13 23:25:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/02/13 18:57:40 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/02/13 18:55:54 | 000,123,952 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012/02/13 18:55:54 | 000,010,652 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012/02/13 18:55:54 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012/02/13 18:36:49 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/10 11:37:02 | 000,017,280 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2012/02/08 15:30:14 | 000,000,553 | ---- | M] () -- C:\Users\Public\Documents\BluetoothLog.html
[2012/02/07 22:37:37 | 000,057,343 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 19.png
[2012/02/07 22:35:54 | 000,065,027 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 18.png
[2012/02/07 00:03:41 | 000,112,002 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 10.png
[2012/02/07 00:02:15 | 000,095,037 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 14.png
[2012/02/07 00:01:35 | 000,099,813 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 12.png
[2012/02/06 21:06:52 | 000,108,883 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 9.png
[2012/02/06 00:26:10 | 000,098,605 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 8.png
[2012/02/06 00:19:23 | 000,116,767 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 2.png
[2012/02/06 00:18:36 | 000,092,640 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 6.png
[2012/02/02 22:20:16 | 000,000,680 | ---- | M] () -- C:\Users\Jojo\AppData\Local\d3d9caps.dat
[2012/01/31 13:02:19 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/01/31 12:39:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/29 11:02:25 | 000,026,112 | ---- | M] () -- C:\Users\Jojo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/01/26 17:47:56 | 000,414,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/26 11:12:40 | 000,642,954 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/26 11:12:39 | 000,685,962 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/26 11:12:39 | 000,150,230 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/26 11:12:39 | 000,121,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/02/14 20:30:39 | 000,000,262 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/02/14 20:30:38 | 000,000,270 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/02/14 20:30:25 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2012/02/14 19:56:21 | 3215,527,936 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/13 18:57:40 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/02/13 18:44:34 | 000,010,652 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012/02/13 18:44:34 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012/02/07 22:37:27 | 000,057,343 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 19.png
[2012/02/07 22:35:43 | 000,065,027 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 18.png
[2012/02/07 00:02:05 | 000,095,037 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 14.png
[2012/02/07 00:01:26 | 000,099,813 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 12.png
[2012/02/06 21:06:37 | 000,108,883 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 9.png
[2012/02/06 21:06:23 | 000,112,002 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 10.png
[2012/02/06 00:26:00 | 000,098,605 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 8.png
[2012/02/06 00:19:10 | 000,116,767 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 2.png
[2012/02/06 00:18:23 | 000,092,640 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 6.png
[2012/01/31 13:02:19 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2010/04/19 21:54:26 | 000,000,680 | ---- | C] () -- C:\Users\Jojo\AppData\Local\d3d9caps.dat
[2009/11/08 14:01:13 | 000,026,112 | ---- | C] () -- C:\Users\Jojo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/11 11:06:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/11 11:06:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/28 10:45:21 | 000,540,672 | ---- | C] () -- C:\Windows\System32\Tx32.dll
[2009/08/28 10:45:20 | 000,000,478 | ---- | C] () -- C:\Windows\System32\ic32.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/27 19:15:40 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/07/27 19:07:55 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/23 12:53:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/01/29 13:45:35 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/29 13:42:08 | 000,016,896 | ---- | C] () -- C:\Windows\Eventclr.exe
[2009/01/29 05:33:05 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2009/01/29 05:33:05 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2009/01/29 05:33:05 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2009/01/29 05:33:05 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2009/01/29 05:33:05 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2009/01/29 05:33:05 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2009/01/29 05:30:43 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2009/01/29 05:30:43 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2009/01/29 05:12:28 | 000,001,291 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2009/01/29 05:06:25 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/08/26 12:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008/04/16 14:44:40 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/16 14:44:38 | 000,685,962 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/16 14:44:38 | 000,150,230 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/16 14:44:38 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/04/16 03:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,414,656 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,642,954 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,121,842 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2012/01/30 21:22:47 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Azureus
[2011/06/06 12:44:28 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\DVDVideoSoft
[2011/06/06 12:44:58 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/02/03 21:38:02 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\ICQ
[2009/11/11 16:06:55 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\InterVideo
[2009/08/28 10:45:15 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\M-HTOEFL
[2011/12/17 12:35:16 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Opera
[2011/06/25 22:26:27 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Swiss Academic Software
[2012/02/14 20:30:29 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Systweak
[2010/10/26 10:19:22 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\TP
[2012/02/14 15:27:47 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\TuneUpMedia
[2012/02/14 20:30:39 | 000,000,262 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
[2012/02/14 20:30:38 | 000,000,270 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_UPDATES.job
[2012/02/13 23:25:50 | 000,032,706 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/14 21:00:26 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6FF9BD54-1422-4C31-9E6F-4FA3618527A5}.job
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---
__________________
Alt 14.02.2012, 21:17   #4
markusg
/// Malware-holic
 
aus sicherheitsgründen ist ihr windows system blockiert - Standard

aus sicherheitsgründen ist ihr windows system blockiert


1.
ist das doch nen scan im normalen modus.
2. ist der scan vom infiziertem nutzer ausgeführt worden?
im abgesicherten modus hast du dann auch internet, mach es also dort.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 14.02.2012, 21:45   #5
asmarino
 
aus sicherheitsgründen ist ihr windows system blockiert - Standard

aus sicherheitsgründen ist ihr windows system blockiert


vielen dank für die schnelle antwort,

ich habe das ganze nochmal im sicheren modus gemacht


Alt 14.02.2012, 21:46   #6
asmarino
 
aus sicherheitsgründen ist ihr windows system blockiert - Standard

aus sicherheitsgründen ist ihr windows system blockiert


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2012/02/14 09:31:52 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\****\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00001C09 | Country: Südafrika | Language: ENS | Date Format: yyyy/MM/dd
 
2.99 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 85.09% Memory free
6.19 Gb Paging File | 5.93 Gb Available in Paging File | 95.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.86 Gb Total Space | 171.19 Gb Free Space | 59.68% Space Free | Partition Type: NTFS
Drive Q: | 9.77 Gb Total Space | 3.13 Gb Free Space | 32.02% Space Free | Partition Type: NTFS
Drive S: | 1.46 Gb Total Space | 0.65 Gb Free Space | 44.48% Space Free | Partition Type: NTFS
 
Computer Name: **** | User Name: **** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/02/14 20:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jojo\Desktop\OTL.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007/06/18 16:28:44 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (SessionLauncher)
SRV - [2012/02/13 18:49:40 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2011/12/15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/12/15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008/10/19 13:30:02 | 000,222,456 | ---- | M] () [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/08/26 12:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008/08/08 11:13:12 | 000,053,325 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2008/08/07 12:23:18 | 000,238,880 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2008/08/07 12:23:16 | 000,116,000 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2008/05/24 16:17:54 | 000,520,192 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2008/05/24 15:28:20 | 000,253,952 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe -- (TVT_UpdateMonitor)
SRV - [2008/04/25 08:18:10 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2008/04/25 08:18:02 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2008/04/25 08:16:04 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/04/25 08:15:58 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/04/25 08:15:24 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/03/14 02:08:38 | 000,054,560 | ---- | M] (Lenovo.) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/09/26 17:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/22 22:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 22:35:00 | 000,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/21 09:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/05/24 13:33:32 | 000,057,344 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012/02/13 18:55:54 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/12/15 15:00:00 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/12/15 15:00:00 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/12/15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/01/29 05:38:41 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2008/08/20 15:55:34 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2008/08/07 10:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/07/25 09:31:00 | 007,547,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/30 19:26:46 | 000,974,336 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV - [2008/06/25 21:05:06 | 000,044,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/24 15:28:22 | 000,048,192 | ---- | M] (Lenovo) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon)
DRV - [2008/05/21 16:35:24 | 000,220,160 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/05/12 10:04:04 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2008/04/18 16:40:24 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008/03/14 14:23:12 | 000,169,008 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/02/22 15:54:40 | 000,037,312 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2008/01/21 03:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/10/18 08:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/08/19 10:00:00 | 000,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070820.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/08/19 10:00:00 | 000,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070820.048\NAVENG.SYS -- (NAVENG)
DRV - [2007/08/16 23:23:00 | 000,446,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/08/12 22:50:00 | 000,188,464 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/08/12 22:50:00 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/08/09 02:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007/08/09 02:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIM)
DRV - [2007/08/08 01:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/30 08:43:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/07/30 08:43:00 | 000,278,576 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/07/30 08:43:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/06/18 16:29:52 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2007/06/18 16:29:10 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/06/18 16:29:08 | 000,093,752 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/06/18 16:29:06 | 000,098,136 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/06/18 16:29:04 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/06/18 16:28:58 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/06/18 16:28:54 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/06/18 16:28:52 | 000,105,048 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Lenovo | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo - Welcome - Country selection [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Bing
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2011.02.18
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?sourceid=navclient&hl=de&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011/06/23 14:22:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 12:58:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/02 19:43:46 | 000,000,000 | ---D | M]
 
[2009/07/27 21:42:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jojo\AppData\Roaming\mozilla\Extensions
[2009/07/23 14:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\extensions
[2009/07/23 14:15:02 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2012/02/14 20:12:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions
[2010/10/25 22:50:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/06 12:44:59 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/07/28 20:20:58 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/01/19 21:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/07/27 21:41:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/28 21:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/28 12:36:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/15 11:05:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/19 21:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/08/01 16:35:35 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/09/18 11:35:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/12/02 12:47:11 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/06/28 21:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/28 12:36:37 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/15 11:05:49 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/19 21:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/06/23 14:22:23 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/24 22:27:07 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/10/24 22:27:07 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/10/24 22:27:07 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/10/24 22:27:07 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/10/24 22:27:07 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Reg Error: Value error.) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [isCfgWiz] C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe (Symantec Corporation)
O4 - HKLM..\Run: [LPManager] C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMHandler] C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE (Conexant)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPWAUDAP] C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jojo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jojo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F1FBBBE-916B-4F2A-8A59-B3A750DA6328}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jojo\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jojo\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/06/10 17:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008/06/02 23:46:54 | 000,000,049 | -HS- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{0ad29fa2-77a8-11de-a5d2-002269fa77dc}\Shell - "" = AutoRun
O33 - MountPoints2\{0ad29fa2-77a8-11de-a5d2-002269fa77dc}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{4df9f63f-c146-11de-878f-002269fa77dc}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008/01/21 03:23:31 | 000,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{5f8020b6-edb9-11dd-946c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5f8020b6-edb9-11dd-946c-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008/07/21 17:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{7e13df0b-052f-11e0-9384-002269fa77dc}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\{df9b7957-edfd-11dd-bf9c-001eec9b575b}\Shell - "" = AutoRun
O33 - MountPoints2\{df9b7957-edfd-11dd-bf9c-001eec9b575b}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008/07/29 23:37:58 | 000,180,224 | -HS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/14 20:37:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jojo\Desktop\OTL.exe
[2012/02/14 20:30:29 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Systweak
[2012/02/14 20:30:26 | 000,017,280 | ---- | C] (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) -- C:\Windows\System32\roboot.exe
[2012/02/14 20:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2012/02/14 20:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2012/02/13 19:07:38 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Symantec
[2012/02/13 18:57:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/02/13 18:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2012/02/13 18:44:34 | 000,123,952 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012/02/13 18:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/02/13 18:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/02/13 18:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/01/31 13:07:51 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Avira
[2012/01/31 13:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/01/31 13:02:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012/01/31 13:02:03 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012/01/31 13:02:03 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/01/31 13:02:03 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/01/31 13:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/01/31 13:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012/01/26 18:22:28 | 000,000,000 | ---D | C] -- C:\Users\Jojo\Desktop\fh-youssef
[2012/01/26 00:38:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/01/25 14:55:17 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/01/25 14:51:39 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/25 14:51:39 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/25 14:50:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/01/25 14:44:09 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/01/25 14:44:09 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/01/25 14:44:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/25 14:43:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/01/25 14:38:07 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/01/25 14:38:07 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/01/25 14:38:07 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/01/25 14:38:07 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/01/25 14:38:07 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/01/25 14:38:07 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/01/25 14:38:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/01/25 14:37:38 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/25 14:37:37 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/25 14:30:00 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2009/01/29 05:12:28 | 000,131,072 | ---- | C] ( ) -- C:\Windows\vm331Rmv.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/14 21:28:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/14 21:26:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 21:26:30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 21:26:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/02/14 21:25:30 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6FF9BD54-1422-4C31-9E6F-4FA3618527A5}.job
[2012/02/14 20:49:00 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/14 20:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jojo\Desktop\OTL.exe
[2012/02/14 20:31:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/14 20:30:39 | 000,000,262 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/02/14 20:30:38 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/02/14 20:30:25 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2012/02/14 19:57:09 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/13 18:57:40 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/02/13 18:55:54 | 000,123,952 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012/02/13 18:55:54 | 000,010,652 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012/02/13 18:55:54 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012/02/13 18:36:49 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/10 11:37:02 | 000,017,280 | ---- | M] (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) -- C:\Windows\System32\roboot.exe
[2012/02/08 15:30:14 | 000,000,553 | ---- | M] () -- C:\Users\Public\Documents\BluetoothLog.html
[2012/02/07 22:37:37 | 000,057,343 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 19.png
[2012/02/07 22:35:54 | 000,065,027 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 18.png
[2012/02/07 00:03:41 | 000,112,002 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 10.png
[2012/02/07 00:02:15 | 000,095,037 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 14.png
[2012/02/07 00:01:35 | 000,099,813 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 12.png
[2012/02/06 21:06:52 | 000,108,883 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 9.png
[2012/02/06 00:26:10 | 000,098,605 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 8.png
[2012/02/06 00:19:23 | 000,116,767 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 2.png
[2012/02/06 00:18:36 | 000,092,640 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 6.png
[2012/02/02 22:20:16 | 000,000,680 | ---- | M] () -- C:\Users\Jojo\AppData\Local\d3d9caps.dat
[2012/01/31 13:02:19 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/01/31 12:39:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/29 11:02:25 | 000,026,112 | ---- | M] () -- C:\Users\Jojo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/01/26 17:47:56 | 000,414,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/26 11:12:40 | 000,642,954 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/26 11:12:39 | 000,685,962 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/26 11:12:39 | 000,150,230 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/26 11:12:39 | 000,121,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/02/14 20:30:39 | 000,000,262 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/02/14 20:30:38 | 000,000,270 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/02/14 20:30:25 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2012/02/13 18:57:40 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/02/13 18:44:34 | 000,010,652 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012/02/13 18:44:34 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012/02/07 22:37:27 | 000,057,343 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 19.png
[2012/02/07 22:35:43 | 000,065,027 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 18.png
[2012/02/07 00:02:05 | 000,095,037 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 14.png
[2012/02/07 00:01:26 | 000,099,813 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 12.png
[2012/02/06 21:06:37 | 000,108,883 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 9.png
[2012/02/06 21:06:23 | 000,112,002 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 10.png
[2012/02/06 00:26:00 | 000,098,605 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 8.png
[2012/02/06 00:19:10 | 000,116,767 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 2.png
[2012/02/06 00:18:23 | 000,092,640 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 6.png
[2012/01/31 13:02:19 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2010/04/19 21:54:26 | 000,000,680 | ---- | C] () -- C:\Users\Jojo\AppData\Local\d3d9caps.dat
[2009/11/08 14:01:13 | 000,026,112 | ---- | C] () -- C:\Users\Jojo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/11 11:06:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/11 11:06:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/28 10:45:21 | 000,540,672 | ---- | C] () -- C:\Windows\System32\Tx32.dll
[2009/08/28 10:45:20 | 000,000,478 | ---- | C] () -- C:\Windows\System32\ic32.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/27 19:15:40 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/07/27 19:07:55 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/23 12:53:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/01/29 13:45:35 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/29 13:42:08 | 000,016,896 | ---- | C] () -- C:\Windows\Eventclr.exe
[2009/01/29 05:33:05 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2009/01/29 05:33:05 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2009/01/29 05:33:05 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2009/01/29 05:33:05 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2009/01/29 05:33:05 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2009/01/29 05:33:05 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2009/01/29 05:30:43 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2009/01/29 05:30:43 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2009/01/29 05:12:28 | 000,001,291 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2009/01/29 05:06:25 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/08/26 12:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008/04/16 14:44:40 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/16 14:44:38 | 000,685,962 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/16 14:44:38 | 000,150,230 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/16 14:44:38 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/04/16 03:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,414,656 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,642,954 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,121,842 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2012/01/30 21:22:47 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Azureus
[2011/06/06 12:44:28 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\DVDVideoSoft
[2011/06/06 12:44:58 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/02/03 21:38:02 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\ICQ
[2009/11/11 16:06:55 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\InterVideo
[2009/08/28 10:45:15 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\M-HTOEFL
[2011/12/17 12:35:16 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Opera
[2011/06/25 22:26:27 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Swiss Academic Software
[2012/02/14 20:30:29 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Systweak
[2010/10/26 10:19:22 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\TP
[2012/02/14 15:27:47 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\TuneUpMedia
[2012/02/14 20:30:39 | 000,000,262 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
[2012/02/14 20:30:38 | 000,000,270 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_UPDATES.job
[2012/02/14 21:26:31 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/14 21:25:30 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6FF9BD54-1422-4C31-9E6F-4FA3618527A5}.job
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---
Alt 14.02.2012, 21:47   #7
asmarino
 
aus sicherheitsgründen ist ihr windows system blockiert - Standard

aus sicherheitsgründen ist ihr windows system blockiert


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2012/02/14 09:31:52 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\****\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00001C09 | Country: Südafrika | Language: ENS | Date Format: yyyy/MM/dd
 
2.99 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 85.09% Memory free
6.19 Gb Paging File | 5.93 Gb Available in Paging File | 95.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.86 Gb Total Space | 171.19 Gb Free Space | 59.68% Space Free | Partition Type: NTFS
Drive Q: | 9.77 Gb Total Space | 3.13 Gb Free Space | 32.02% Space Free | Partition Type: NTFS
Drive S: | 1.46 Gb Total Space | 0.65 Gb Free Space | 44.48% Space Free | Partition Type: NTFS
 
Computer Name: **** | User Name: **** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/02/14 20:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jojo\Desktop\OTL.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007/06/18 16:28:44 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (SessionLauncher)
SRV - [2012/02/13 18:49:40 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2011/12/15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/12/15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008/10/19 13:30:02 | 000,222,456 | ---- | M] () [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/08/26 12:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008/08/08 11:13:12 | 000,053,325 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2008/08/07 12:23:18 | 000,238,880 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2008/08/07 12:23:16 | 000,116,000 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2008/05/24 16:17:54 | 000,520,192 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2008/05/24 15:28:20 | 000,253,952 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe -- (TVT_UpdateMonitor)
SRV - [2008/04/25 08:18:10 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2008/04/25 08:18:02 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2008/04/25 08:16:04 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/04/25 08:15:58 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/04/25 08:15:24 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/03/14 02:08:38 | 000,054,560 | ---- | M] (Lenovo.) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/09/26 17:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/08/24 07:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/22 22:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 22:35:00 | 000,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/21 09:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/05/24 13:33:32 | 000,057,344 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012/02/13 18:55:54 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/12/15 15:00:00 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/12/15 15:00:00 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/12/15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/01/29 05:38:41 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2008/08/20 15:55:34 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2008/08/07 10:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/07/25 09:31:00 | 007,547,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/30 19:26:46 | 000,974,336 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV - [2008/06/25 21:05:06 | 000,044,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/24 15:28:22 | 000,048,192 | ---- | M] (Lenovo) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon)
DRV - [2008/05/21 16:35:24 | 000,220,160 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/05/12 10:04:04 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2008/04/18 16:40:24 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008/03/14 14:23:12 | 000,169,008 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/02/22 15:54:40 | 000,037,312 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2008/01/21 03:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/10/18 08:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/08/19 10:00:00 | 000,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070820.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/08/19 10:00:00 | 000,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070820.048\NAVENG.SYS -- (NAVENG)
DRV - [2007/08/16 23:23:00 | 000,446,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/08/12 22:50:00 | 000,188,464 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/08/12 22:50:00 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/08/09 02:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007/08/09 02:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIM)
DRV - [2007/08/08 01:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/30 08:43:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/07/30 08:43:00 | 000,278,576 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/07/30 08:43:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/06/18 16:29:52 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2007/06/18 16:29:10 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/06/18 16:29:08 | 000,093,752 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/06/18 16:29:06 | 000,098,136 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/06/18 16:29:04 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/06/18 16:28:58 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/06/18 16:28:54 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/06/18 16:28:52 | 000,105,048 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Lenovo | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo - Welcome - Country selection [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Bing
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2011.02.18
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?sourceid=navclient&hl=de&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011/06/23 14:22:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 12:58:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/02 19:43:46 | 000,000,000 | ---D | M]
 
[2009/07/27 21:42:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jojo\AppData\Roaming\mozilla\Extensions
[2009/07/23 14:15:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\extensions
[2009/07/23 14:15:02 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2012/02/14 20:12:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions
[2010/10/25 22:50:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/06 12:44:59 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/07/28 20:20:58 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Jojo\AppData\Roaming\mozilla\Firefox\Profiles\j18wq504.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/01/19 21:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/07/27 21:41:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/28 21:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/28 12:36:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/15 11:05:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/19 21:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/08/01 16:35:35 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/09/18 11:35:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/12/02 12:47:11 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/06/28 21:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/28 12:36:37 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/15 11:05:49 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/19 21:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/06/23 14:22:23 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/24 22:27:07 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/10/24 22:27:07 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/10/24 22:27:07 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/10/24 22:27:07 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/10/24 22:27:07 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Reg Error: Value error.) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [isCfgWiz] C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe (Symantec Corporation)
O4 - HKLM..\Run: [LPManager] C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMHandler] C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE (Conexant)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPWAUDAP] C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jojo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jojo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F1FBBBE-916B-4F2A-8A59-B3A750DA6328}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jojo\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jojo\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/06/10 17:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008/06/02 23:46:54 | 000,000,049 | -HS- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{0ad29fa2-77a8-11de-a5d2-002269fa77dc}\Shell - "" = AutoRun
O33 - MountPoints2\{0ad29fa2-77a8-11de-a5d2-002269fa77dc}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{4df9f63f-c146-11de-878f-002269fa77dc}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008/01/21 03:23:31 | 000,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{5f8020b6-edb9-11dd-946c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5f8020b6-edb9-11dd-946c-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2008/07/21 17:09:40 | 000,262,144 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{7e13df0b-052f-11e0-9384-002269fa77dc}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\{df9b7957-edfd-11dd-bf9c-001eec9b575b}\Shell - "" = AutoRun
O33 - MountPoints2\{df9b7957-edfd-11dd-bf9c-001eec9b575b}\Shell\AutoRun\command - "" = S:\LenovoSDrive.exe -- [2008/07/29 23:37:58 | 000,180,224 | -HS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/14 20:37:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jojo\Desktop\OTL.exe
[2012/02/14 20:30:29 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Systweak
[2012/02/14 20:30:26 | 000,017,280 | ---- | C] (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) -- C:\Windows\System32\roboot.exe
[2012/02/14 20:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2012/02/14 20:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2012/02/13 19:07:38 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Symantec
[2012/02/13 18:57:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/02/13 18:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2012/02/13 18:44:34 | 000,123,952 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012/02/13 18:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/02/13 18:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/02/13 18:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/01/31 13:07:51 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Avira
[2012/01/31 13:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/01/31 13:02:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012/01/31 13:02:03 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012/01/31 13:02:03 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/01/31 13:02:03 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/01/31 13:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/01/31 13:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012/01/26 18:22:28 | 000,000,000 | ---D | C] -- C:\Users\Jojo\Desktop\fh-youssef
[2012/01/26 00:38:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/01/25 14:55:17 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/01/25 14:51:39 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/25 14:51:39 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/25 14:50:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/01/25 14:44:09 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/01/25 14:44:09 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/01/25 14:44:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/25 14:43:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/01/25 14:38:07 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/01/25 14:38:07 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/01/25 14:38:07 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/01/25 14:38:07 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/01/25 14:38:07 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/01/25 14:38:07 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/01/25 14:38:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/01/25 14:37:38 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/25 14:37:37 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/25 14:30:00 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2009/01/29 05:12:28 | 000,131,072 | ---- | C] ( ) -- C:\Windows\vm331Rmv.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/14 21:28:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/14 21:26:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 21:26:30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/14 21:26:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/02/14 21:25:30 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6FF9BD54-1422-4C31-9E6F-4FA3618527A5}.job
[2012/02/14 20:49:00 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/14 20:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jojo\Desktop\OTL.exe
[2012/02/14 20:31:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/14 20:30:39 | 000,000,262 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/02/14 20:30:38 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/02/14 20:30:25 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2012/02/14 19:57:09 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/13 18:57:40 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/02/13 18:55:54 | 000,123,952 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012/02/13 18:55:54 | 000,010,652 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012/02/13 18:55:54 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012/02/13 18:36:49 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/10 11:37:02 | 000,017,280 | ---- | M] (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) -- C:\Windows\System32\roboot.exe
[2012/02/08 15:30:14 | 000,000,553 | ---- | M] () -- C:\Users\Public\Documents\BluetoothLog.html
[2012/02/07 22:37:37 | 000,057,343 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 19.png
[2012/02/07 22:35:54 | 000,065,027 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 18.png
[2012/02/07 00:03:41 | 000,112,002 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 10.png
[2012/02/07 00:02:15 | 000,095,037 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 14.png
[2012/02/07 00:01:35 | 000,099,813 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 12.png
[2012/02/06 21:06:52 | 000,108,883 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 9.png
[2012/02/06 00:26:10 | 000,098,605 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 8.png
[2012/02/06 00:19:23 | 000,116,767 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 2.png
[2012/02/06 00:18:36 | 000,092,640 | ---- | M] () -- C:\Users\Jojo\Documents\Video call snapshot 6.png
[2012/02/02 22:20:16 | 000,000,680 | ---- | M] () -- C:\Users\Jojo\AppData\Local\d3d9caps.dat
[2012/01/31 13:02:19 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/01/31 12:39:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/29 11:02:25 | 000,026,112 | ---- | M] () -- C:\Users\Jojo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/01/26 17:47:56 | 000,414,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/26 11:12:40 | 000,642,954 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/26 11:12:39 | 000,685,962 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/26 11:12:39 | 000,150,230 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/26 11:12:39 | 000,121,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/02/14 20:30:39 | 000,000,262 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/02/14 20:30:38 | 000,000,270 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/02/14 20:30:25 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2012/02/13 18:57:40 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/02/13 18:44:34 | 000,010,652 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012/02/13 18:44:34 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012/02/07 22:37:27 | 000,057,343 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 19.png
[2012/02/07 22:35:43 | 000,065,027 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 18.png
[2012/02/07 00:02:05 | 000,095,037 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 14.png
[2012/02/07 00:01:26 | 000,099,813 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 12.png
[2012/02/06 21:06:37 | 000,108,883 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 9.png
[2012/02/06 21:06:23 | 000,112,002 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 10.png
[2012/02/06 00:26:00 | 000,098,605 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 8.png
[2012/02/06 00:19:10 | 000,116,767 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 2.png
[2012/02/06 00:18:23 | 000,092,640 | ---- | C] () -- C:\Users\Jojo\Documents\Video call snapshot 6.png
[2012/01/31 13:02:19 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2010/04/19 21:54:26 | 000,000,680 | ---- | C] () -- C:\Users\Jojo\AppData\Local\d3d9caps.dat
[2009/11/08 14:01:13 | 000,026,112 | ---- | C] () -- C:\Users\Jojo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/11 11:06:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/11 11:06:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/28 10:45:21 | 000,540,672 | ---- | C] () -- C:\Windows\System32\Tx32.dll
[2009/08/28 10:45:20 | 000,000,478 | ---- | C] () -- C:\Windows\System32\ic32.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/27 19:15:40 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/07/27 19:07:55 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/23 12:53:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/01/29 13:45:35 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/29 13:42:08 | 000,016,896 | ---- | C] () -- C:\Windows\Eventclr.exe
[2009/01/29 05:33:05 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2009/01/29 05:33:05 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2009/01/29 05:33:05 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2009/01/29 05:33:05 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2009/01/29 05:33:05 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2009/01/29 05:33:05 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2009/01/29 05:30:43 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2009/01/29 05:30:43 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2009/01/29 05:12:28 | 000,001,291 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2009/01/29 05:06:25 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/08/26 12:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008/04/16 14:44:40 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/16 14:44:38 | 000,685,962 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/16 14:44:38 | 000,150,230 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/16 14:44:38 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/04/16 03:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,414,656 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,642,954 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,121,842 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2012/01/30 21:22:47 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Azureus
[2011/06/06 12:44:28 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\DVDVideoSoft
[2011/06/06 12:44:58 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/02/03 21:38:02 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\ICQ
[2009/11/11 16:06:55 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\InterVideo
[2009/08/28 10:45:15 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\M-HTOEFL
[2011/12/17 12:35:16 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Opera
[2011/06/25 22:26:27 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Swiss Academic Software
[2012/02/14 20:30:29 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\Systweak
[2010/10/26 10:19:22 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\TP
[2012/02/14 15:27:47 | 000,000,000 | ---D | M] -- C:\Users\Jojo\AppData\Roaming\TuneUpMedia
[2012/02/14 20:30:39 | 000,000,262 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
[2012/02/14 20:30:38 | 000,000,270 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_UPDATES.job
[2012/02/14 21:26:31 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/14 21:25:30 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6FF9BD54-1422-4C31-9E6F-4FA3618527A5}.job
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---
Alt 15.02.2012, 11:39   #8
markusg
/// Malware-holic
 
aus sicherheitsgründen ist ihr windows system blockiert - Standard

aus sicherheitsgründen ist ihr windows system blockiert


Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
  • Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
    Tool

    Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Hinweis:
    Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  • Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu aus sicherheitsgründen ist ihr windows system blockiert
andere, aus sicherheitsgründen, ausser, blockiert, dasselbe, gestern, hallo zusammen, herunterfahren, meldung, nichts, probleme, problemen, sicherheitsgründe, sicherheitsgründen, system, system blockiert, teile, windows, windows system, windows system blockiert, zusammen


« Ihr Windowssystem wurde aus Sicherheitsgründen blockiert | Achtung, Computer wurde gesperrt! »


Ähnliche Themen: aus sicherheitsgründen ist ihr windows system blockiert


  1. Ihr Windows-System wurde aus Sicherheitsgründen blockiert
    Plagegeister aller Art und deren Bekämpfung - 15.05.2012 (5)
  2. Aus Sicherheitsgründen wurde ihr Windows System blockiert
    Log-Analyse und Auswertung - 15.04.2012 (32)
  3. Windows System aus Sicherheitsgründen blockiert!
    Log-Analyse und Auswertung - 11.02.2012 (1)
  4. Windows System wurde aus Sicherheitsgründen Blockiert!
    Plagegeister aller Art und deren Bekämpfung - 08.02.2012 (1)
  5. Aus Sicherheitsgründen wurde ihr Windows System blockiert...
    Plagegeister aller Art und deren Bekämpfung - 30.01.2012 (5)
  6. Aus Sicherheitsgründen wurde ihr Windows System blockiert!
    Log-Analyse und Auswertung - 30.01.2012 (20)
  7. Ihr Windows System wurde aus Sicherheitsgründen blockiert!
    Log-Analyse und Auswertung - 23.01.2012 (17)
  8. Windows System aus Sicherheitsgründen blockiert...
    Log-Analyse und Auswertung - 17.01.2012 (25)
  9. Windows hat aus Sicherheitsgründen ihr System Blockiert trojaner
    Plagegeister aller Art und deren Bekämpfung - 09.01.2012 (8)
  10. Aus Sicherheitsgründen wurde ihr Windows-System blockiert
    Log-Analyse und Auswertung - 06.01.2012 (16)
  11. Pc wird blockiert: Aus Sicherheitsgründen wurde ihr Windows System blockiert.....
    Log-Analyse und Auswertung - 29.12.2011 (19)
  12. Aus Sicherheitsgründen wurde ihr Windows-System blockiert
    Plagegeister aller Art und deren Bekämpfung - 22.12.2011 (14)
  13. aus sicherheitsgründen wurde ihr windows system blockiert
    Plagegeister aller Art und deren Bekämpfung - 19.12.2011 (8)
  14. Aus Sicherheitsgründen wurde ihr Windows System blockiert
    Log-Analyse und Auswertung - 18.12.2011 (5)
  15. Aus Sicherheitsgründen wurde Ihr Windows System blockiert
    Log-Analyse und Auswertung - 17.12.2011 (1)
  16. Pc wird blockiert: Aus Sicherheitsgründen wurde ihr Windows System blockiert.....
    Plagegeister aller Art und deren Bekämpfung - 12.12.2011 (7)
  17. Aus Sicherheitsgründen wurde Ihr Windows System blockiert.
    Log-Analyse und Auswertung - 13.08.2011 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema aus sicherheitsgründen ist ihr windows system blockiert - hallo zusammen, ich habe mich bei den problemen andere durch gelesen die dasselbe problem mit mir teilen bei mir kommt auch seit gestern die meldung(aus sicherheitsgründen ist ihr windows system - aus sicherheitsgründen ist ihr windows system blockiert...
Archiv
Du betrachtest: aus sicherheitsgründen ist ihr windows system blockiert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55