Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Polizei Virus Österreich

Polizei Virus Österreich


Log-Analyse und Auswertung: Polizei Virus Österreich

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 2 von 2 1 2
Alt 01.09.2012, 02:29   #16
t'john
/// Helfer-Team
 
Polizei Virus Österreich - Standard

Polizei Virus Österreich


Bitte mal ausfuehren:
http://www.trojaner-board.de/72874-s...eparieren.html

Danach:
- neustarten
nochmal versuchen
__________________
Mfg, t'john
Das TB unterstützen

Alt 01.09.2012, 11:32   #17
andyy1404
 
Polizei Virus Österreich - Standard

Polizei Virus Österreich


Der Windowsressourcenschutz hat keine Integritätsverletzungen gefunden.

danach Neustart und Versuch das SP1 zu installieren.

wieder nicht geklappt, der gleiche Fehler wie vorher.

Frage am Rande, kann ich in dem Zustand ein Datenbackup machen und welches Programm würdest du empfehlen?
__________________
Alt 01.09.2012, 17:43   #18
t'john
/// Helfer-Team
 
Polizei Virus Österreich - Standard

Polizei Virus Österreich


Zitat:
Frage am Rande, kann ich in dem Zustand ein Datenbackup machen und welches Programm würdest du empfehlen?
Windows Easy Transfer (bei Windows 7 an Board) kannst du verwenden.

Dann Neuaufsetzen und zurueckspielen
__________________
__________________
Alt 04.09.2012, 19:04   #19
andyy1404
 
Polizei Virus Österreich - Standard

Polizei Virus Österreich


*dingding* RUNDE 2

Ich hab den laptop auf die werkseinstellung zurückgesetzt, jetzt ist auch SP1 installiert.

Hier die aktuellen files.

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.09.04.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Andy :: GRUBDERS [Administrator]

Schutz: Aktiviert

04.09.2012 18:47:10
mbam-log-2012-09-04 (18-47-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 324241
Laufzeit: 1 Stunde(n), 1 Minute(n), 

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
ATTFilter
OTL logfile created on: 04.09.2012 19:50:34 - Run 1
OTL by OldTimer - Version 3.2.60.0     Folder = C:\Users\Andy\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,60 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 55,99% Memory free
5,21 Gb Paging File | 3,83 Gb Available in Paging File | 73,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 446,84 Gb Total Space | 415,49 Gb Free Space | 92,98% Space Free | Partition Type: NTFS
Drive D: | 18,62 Gb Total Space | 2,33 Gb Free Space | 12,49% Space Free | Partition Type: NTFS
 
Computer Name: GRUBDERS | User Name: Andy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.04 18:52:17 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe
PRC - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe
PRC - [2012.07.30 18:00:58 | 003,408,288 | ---- | M] (Emsisoft GmbH) -- C:\Programme\Emsisoft Anti-Malware\a2guard.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.04.08 05:06:15 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 04:17:58 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 04:17:48 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.18 19:59:52 | 000,338,208 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010.11.12 11:18:12 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\PictureMover\Bin\PictureMover.exe
PRC - [2010.11.10 15:39:34 | 000,284,160 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2010.11.10 07:56:08 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.11.10 07:55:38 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.10.25 16:45:32 | 003,511,888 | ---- | M] (Motorola, Inc.) -- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe
PRC - [2010.10.14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.10.14 18:26:04 | 000,311,352 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Programme\Hewlett-Packard\Shared\hpCaslNotification.exe
PRC - [2010.09.29 15:10:00 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2010.09.29 15:10:00 | 000,254,034 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\stacsv.exe
PRC - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 15:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.09.03 18:13:30 | 000,136,488 | ---- | M] (CyberLink) -- C:\Programme\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010.08.31 17:16:10 | 000,568,888 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2010.08.23 18:06:58 | 000,584,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010.08.23 18:06:58 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010.08.05 20:50:56 | 000,210,488 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe
PRC - [2010.07.27 14:46:08 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010.07.23 07:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
PRC - [2010.07.21 15:33:00 | 000,363,064 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
PRC - [2010.07.21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
PRC - [2010.07.16 14:07:54 | 000,508,680 | ---- | M] (Motorola, Inc.) -- C:\Programme\Motorola\Bluetooth\obexsrv.exe
PRC - [2010.07.15 12:22:36 | 001,367,816 | ---- | M] (Motorola, Inc.) -- C:\Programme\Motorola\Bluetooth\btplayerctrl.exe
PRC - [2010.07.15 12:22:24 | 000,901,384 | ---- | M] (Motorola, Inc.) -- C:\Programme\Motorola\Bluetooth\audiosrv.exe
PRC - [2010.06.17 05:23:34 | 000,140,224 | ---- | M] (Advanced Micro Devices) -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
PRC - [2010.06.01 16:29:24 | 002,057,560 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezSharedSvcHost.exe
PRC - [2009.03.03 12:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Programme\IDT\WDM\AEstSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.03 02:01:26 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\30b1d86571495ea86b9a19b13498aad3\WindowsFormsIntegration.ni.dll
MOD - [2012.09.03 01:53:49 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\System.Core.ni.dll
MOD - [2012.09.03 01:53:39 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\299d0b38053fd7cbd84bac2178c3703b\PresentationFramework.Aero.ni.dll
MOD - [2012.09.03 01:53:27 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2012.09.03 01:52:51 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2012.09.03 01:52:24 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2012.09.03 01:50:55 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2012.09.03 01:50:23 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2012.09.03 01:50:08 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2012.09.03 01:49:53 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2012.09.03 01:45:24 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2012.09.03 01:45:14 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2012.09.03 01:45:11 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2012.09.03 01:44:50 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2010.12.15 22:23:51 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010.12.15 22:23:51 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_de_b77a5c561934e089\System.Core.resources.dll
MOD - [2010.12.15 22:23:25 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.12.15 22:23:20 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.12.15 15:22:54 | 000,236,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll
MOD - [2010.11.12 11:28:42 | 001,700,920 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\PictureMover\DE-AT\Presentation.dll
MOD - [2010.11.12 11:18:24 | 012,286,008 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2010.11.10 15:39:38 | 000,096,256 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2010.11.10 15:38:00 | 000,243,712 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.11.04 17:59:42 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.10.25 16:45:46 | 020,895,312 | ---- | M] () -- C:\Programme\Motorola\Bluetooth\btmshell.dll
MOD - [2010.08.31 17:16:10 | 000,568,888 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2010.08.26 16:51:44 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2010.07.21 15:33:02 | 000,052,280 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
MOD - [2010.07.21 15:33:00 | 000,267,832 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
MOD - [2010.07.21 15:33:00 | 000,030,264 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.09.03 00:20:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Programme\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2011.04.08 05:06:15 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.20 04:17:58 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.18 19:59:52 | 000,338,208 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010.11.10 15:39:34 | 000,284,160 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2010.11.10 07:55:38 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.10.25 16:45:32 | 003,511,888 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV - [2010.10.14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.09.29 15:10:00 | 000,254,034 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.08.23 18:06:58 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.08.05 20:50:56 | 000,210,488 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2010.07.27 14:46:08 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010.07.21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010.07.16 14:07:54 | 000,508,680 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Programme\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010.07.15 12:22:24 | 000,901,384 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Programme\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV - [2010.06.19 03:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Programme\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010.06.17 05:23:34 | 000,140,224 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2010.06.01 16:29:24 | 002,057,560 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) [Auto | Running] -- C:\Windows\System32\ezSharedSvcHost.exe -- (ezSharedSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.03.03 12:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AEstSrv.exe -- (AESTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.09.04 19:01:09 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.04.30 18:45:28 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2011.05.19 14:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2011.03.31 05:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1206000.01D\srtspx.sys -- (SRTSPX)
DRV - [2011.03.15 04:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1206000.01D\symefa.sys -- (SymEFA)
DRV - [2011.01.27 08:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1206000.01D\symds.sys -- (SymDS)
DRV - [2011.01.27 07:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1206000.01D\ironx86.sys -- (SymIRON)
DRV - [2010.11.20 02:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.10 08:33:04 | 006,574,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.11.10 07:18:34 | 000,229,888 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.10.26 18:59:36 | 000,402,432 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btmusb.sys -- (BTMUSB)
DRV - [2010.09.29 15:10:00 | 000,432,640 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2010.09.24 17:46:24 | 000,102,416 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.09.03 18:13:32 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010.08.13 11:00:00 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\NAVEX15.SYS -- (NAVEX15)
DRV - [2010.08.13 11:00:00 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\NAVENG.SYS -- (NAVENG)
DRV - [2010.08.12 16:24:26 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010.08.12 16:24:26 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2010.08.09 05:11:49 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010.07.29 04:54:36 | 000,489,008 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1201000.025\srtsp.sys -- (SRTSP)
DRV - [2010.07.21 03:43:16 | 000,194,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010.07.13 03:20:21 | 000,294,448 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1201000.025\symnets.sys -- (SymNetS)
DRV - [2010.06.30 12:02:08 | 000,041,344 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmcom.sys -- (BTMCOM)
DRV - [2010.06.27 06:05:05 | 000,344,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVix86.sys -- (IDSVix86)
DRV - [2010.04.29 14:43:22 | 000,030,464 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010.02.18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.11.11 13:09:22 | 000,018,136 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\dvmio.sys -- (DVMIO)
DRV - [2009.07.14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/1
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = hxxp://rover.ebay.com/rover/1/5221-111072-7833-0/4?satitle={searchTerms}&mfe=Notebooks
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCON/1
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = hxxp://rover.ebay.com/rover/1/5221-111072-7833-0/4?satitle={searchTerms}&mfe=Notebooks
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-535257029-1864070408-591601880-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Andy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Andy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2012.09.02 22:48:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn\ [2011.04.08 05:20:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011.04.08 05:25:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.04.08 05:25:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.04.08 05:25:55 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.at/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.at/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Andy\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Andy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\18.1.0.37\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\18.1.0.37\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\18.1.0.37\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-535257029-1864070408-591601880-1002\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\18.1.0.37\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll ()
O4 - HKLM..\Run: [Easybits Recovery] C:\Programme\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [HP Quick Launch] C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Programme\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4D9764D8-6059-4C2B-BA5C-844A253711C9}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Programme\Stardock\Fences Pro\FencesMenu.dll (Stardock)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.04 18:52:14 | 000,599,040 | ---- | C] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe
[2012.09.04 18:45:59 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Malwarebytes
[2012.09.04 18:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.04 18:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.04 18:45:43 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.04 18:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.09.03 06:23:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.09.03 06:23:11 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2012.09.03 06:23:11 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\Anti-Malware
[2012.09.03 01:35:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012.09.03 01:01:26 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012.09.03 00:41:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.09.03 00:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.09.03 00:21:02 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.09.03 00:20:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2012.09.03 00:19:58 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Google
[2012.09.03 00:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Deployment
[2012.09.03 00:17:52 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Apps
[2012.09.03 00:17:29 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Adobe
[2012.09.02 23:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.09.02 23:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.09.02 22:58:37 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.09.02 22:58:36 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\AMD
[2012.09.02 22:58:31 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\PictureMover
[2012.09.02 22:58:28 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\ATI
[2012.09.02 22:58:28 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\ATI
[2012.09.02 22:54:46 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\Meine empfangenen Dateien
[2012.09.02 22:54:45 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Stardock
[2012.09.02 22:54:40 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Synaptics
[2012.09.02 22:54:40 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\hpqLog
[2012.09.02 22:54:29 | 000,000,000 | R--D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.09.02 22:54:29 | 000,000,000 | R--D | C] -- C:\Users\Andy\Searches
[2012.09.02 22:54:29 | 000,000,000 | R--D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.09.02 22:54:23 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Identities
[2012.09.02 22:54:22 | 000,000,000 | R--D | C] -- C:\Users\Andy\Contacts
[2012.09.02 22:53:46 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\RemEngine
[2012.09.02 22:50:55 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Hewlett-Packard
[2012.09.02 22:50:50 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Hewlett-Packard
[2012.09.02 22:50:25 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Hewlett-Packard_Company
[2012.09.02 22:48:19 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\VirtualStore
[2012.09.02 22:48:07 | 000,000,000 | --SD | C] -- C:\Users\Andy\AppData\Roaming\Microsoft
[2012.09.02 22:48:07 | 000,000,000 | R--D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.09.02 22:48:07 | 000,000,000 | R--D | C] -- C:\Users\Andy\Favorites
[2012.09.02 22:48:07 | 000,000,000 | R--D | C] -- C:\Users\Andy\Downloads
[2012.09.02 22:48:07 | 000,000,000 | R--D | C] -- C:\Users\Andy\Documents
[2012.09.02 22:48:07 | 000,000,000 | R--D | C] -- C:\Users\Andy\Desktop
[2012.09.02 22:48:07 | 000,000,000 | R--D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Vorlagen
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\AppData\Local\Verlauf
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\AppData\Local\Temporary Internet Files
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Startmenü
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\SendTo
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Recent
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Netzwerkumgebung
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Lokale Einstellungen
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Documents\Eigene Videos
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Documents\Eigene Musik
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Eigene Dateien
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Documents\Eigene Bilder
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Druckumgebung
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Cookies
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\AppData\Local\Anwendungsdaten
[2012.09.02 22:48:07 | 000,000,000 | -HSD | C] -- C:\Users\Andy\Anwendungsdaten
[2012.09.02 22:48:07 | 000,000,000 | -H-D | C] -- C:\Users\Andy\AppData
[2012.09.02 22:48:07 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Temp
[2012.09.02 22:48:07 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Microsoft
[2012.09.02 22:48:07 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Media Center Programs
[2012.09.02 22:48:06 | 000,000,000 | R--D | C] -- C:\Users\Andy\Videos
[2012.09.02 22:48:06 | 000,000,000 | R--D | C] -- C:\Users\Andy\Saved Games
[2012.09.02 22:48:06 | 000,000,000 | R--D | C] -- C:\Users\Andy\Pictures
[2012.09.02 22:48:06 | 000,000,000 | R--D | C] -- C:\Users\Andy\Music
[2012.09.02 22:48:06 | 000,000,000 | R--D | C] -- C:\Users\Andy\Links
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.09.02 22:47:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.09.02 21:43:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\sda
[2012.09.02 21:43:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.04 19:51:15 | 000,023,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.04 19:51:15 | 000,023,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.04 19:25:04 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535257029-1864070408-591601880-1002UA.job
[2012.09.04 19:01:09 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012.09.04 19:01:09 | 000,007,468 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012.09.04 19:01:09 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012.09.04 18:52:17 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe
[2012.09.04 18:50:47 | 001,521,980 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1201000.025\Cat.DB
[2012.09.04 18:45:46 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.04 18:45:02 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.04 18:45:02 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.04 18:45:02 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.04 18:45:02 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.04 18:38:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.04 18:38:22 | 2096,549,888 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.03 06:29:00 | 000,277,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.09.03 06:23:55 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.09.03 00:24:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535257029-1864070408-591601880-1002Core.job
[2012.09.03 00:21:10 | 000,002,351 | ---- | M] () -- C:\Users\Andy\Desktop\Google Chrome.lnk
[2012.09.03 00:15:50 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2012.09.03 00:14:24 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGRUBDERS$.job
[2012.09.02 23:28:45 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.09.02 22:54:46 | 000,000,124 | ---- | M] () -- C:\Users\Andy\AppData\Local\mv_Photo.xml
[2012.09.02 22:54:46 | 000,000,115 | ---- | M] () -- C:\Users\Andy\AppData\Local\mv_music.xml
[2012.09.02 21:46:22 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2012.09.02 21:45:50 | 000,052,870 | ---- | M] () -- C:\Windows\System32\license.rtf
 
========== Files Created - No Company Name ==========
 
[2012.09.04 18:45:46 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.03 06:23:55 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.09.03 01:01:09 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012.09.03 01:00:50 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012.09.03 01:00:49 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012.09.03 00:21:08 | 000,002,351 | ---- | C] () -- C:\Users\Andy\Desktop\Google Chrome.lnk
[2012.09.03 00:20:01 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535257029-1864070408-591601880-1002UA.job
[2012.09.03 00:19:59 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535257029-1864070408-591601880-1002Core.job
[2012.09.03 00:15:50 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2012.09.02 23:28:45 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.09.02 22:57:31 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForGRUBDERS$.job
[2012.09.02 22:54:46 | 000,000,124 | ---- | C] () -- C:\Users\Andy\AppData\Local\mv_Photo.xml
[2012.09.02 22:54:46 | 000,000,115 | ---- | C] () -- C:\Users\Andy\AppData\Local\mv_music.xml
[2012.09.02 22:54:31 | 000,001,409 | ---- | C] () -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.09.02 22:50:33 | 000,002,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish.lnk
[2012.09.02 22:50:32 | 000,002,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk
[2012.09.02 22:50:31 | 000,002,196 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.at.lnk
[2012.09.02 22:50:30 | 000,002,190 | ---- | C] () -- C:\Users\Public\Desktop\eBay.at.lnk
[2012.09.02 21:43:17 | 2096,549,888 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.08 05:08:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.08 05:05:40 | 000,014,051 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2011.04.08 05:04:15 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.04.08 04:49:32 | 000,000,299 | ---- | C] () -- C:\Windows\System32\RStoneLog2.ini
[2011.04.08 04:49:32 | 000,000,240 | ---- | C] () -- C:\Windows\System32\RStoneLog.ini
[2011.04.08 04:46:16 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.12.15 22:25:33 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010.12.15 22:25:32 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010.12.15 22:25:32 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010.12.15 22:25:32 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.12.15 15:22:54 | 000,000,202 | ---- | C] () -- C:\Windows\System32\HPWA.ini
[2010.12.15 15:02:18 | 000,009,636 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2010.09.24 15:41:34 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010.09.23 00:27:52 | 000,223,990 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.09.18 00:17:02 | 000,002,888 | ---- | C] () -- C:\Windows\System32\atipblag.dat
 
========== LOP Check ==========
 
[2012.09.02 22:58:33 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\PictureMover
[2012.09.02 22:54:45 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Stardock
[2012.09.02 22:54:40 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Synaptics
[2009.07.14 06:53:46 | 000,005,156 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Code:
ATTFilter
OTL Extras logfile created on: 04.09.2012 19:50:34 - Run 1
OTL by OldTimer - Version 3.2.60.0     Folder = C:\Users\Andy\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,60 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 55,99% Memory free
5,21 Gb Paging File | 3,83 Gb Available in Paging File | 73,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 446,84 Gb Total Space | 415,49 Gb Free Space | 92,98% Space Free | Partition Type: NTFS
Drive D: | 18,62 Gb Total Space | 2,33 Gb Free Space | 12,49% Space Free | Partition Type: NTFS
 
Computer Name: GRUBDERS | User Name: Andy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1359BB26-D3D3-4423-8C50-49A3C09F50DB}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1AF8F494-797E-423F-94DD-FEA16388ED14}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{26F71287-FB88-4F05-B40F-A507CB87A081}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{2EE8DDEC-1FB9-472F-8136-64727A372CC2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{461CCEDC-C695-4C24-8098-BD642CFA236D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{48BBC61D-AA22-4447-83F0-9990228F7626}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{4DADA779-1196-45BA-BE43-CB3A3D83546E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4E619DEB-AD6B-4D29-9408-9A9E99DD89B4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5630C602-C41F-49F9-A8E4-957D499300DA}" = rport=445 | protocol=6 | dir=out | app=system | 
"{5A8A436A-A0E6-4913-B276-A68329974063}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{5C0DE6B0-B36A-4CEC-9D1D-3D3E96647D0F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8AC7B7BD-3CF3-4F49-84D1-B6D43B82D352}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9D841936-2BA0-499C-B525-05C35E97230C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A96F49F7-2C95-4484-81AE-090C516D8997}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B2E34103-EA7B-4114-927B-4DC22F84538B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BAE1ABCC-10CF-4ED6-8FCE-2E97F627DAFF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{C3102A08-712A-49E2-AA12-76FBA46E433A}" = lport=445 | protocol=6 | dir=in | app=system | 
"{D51FE85D-1990-4A15-A739-F4EC5BFB82BD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E0A510C8-985D-436D-9225-6AB3F094EE2D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E6AE84A1-6B68-4324-8CA9-607181125626}" = lport=137 | protocol=17 | dir=in | app=system | 
"{F291A60A-8E72-4477-B6FD-DBAEFB71CD75}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F8B75589-2435-45F9-B5BC-E141B9035836}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FBC4295C-1C37-4ED0-832A-E67B90CBDD2B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{115AC699-16E9-4342-92CA-86AE2F160AF2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{1CE04EB8-5E28-4E53-B972-02FA24B4BA51}" = protocol=6 | dir=in | app=c:\program files\easybits for kids\programs\my first browser\myfirstbrowser.exe | 
"{35C978FF-8E06-47E1-957A-5DCA41BF953A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{37DF1D61-7E1B-4C26-97F0-1271B067E398}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3A52A4C5-5F6B-4B0C-9655-8CA625A60641}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr8.exe | 
"{6666692E-5C2A-473F-9898-C50727CF4AAD}" = dir=in | app=c:\program files\hewlett-packard\hp clouddrive\zumodrive.exe | 
"{723373B7-5623-4549-B33E-2DD7FBA5512A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{752B8BC3-C9B9-4400-A204-C9F1FAB30CC6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{81B729C6-A1AC-4B4E-A02B-4FA7D41D8BF1}" = protocol=6 | dir=out | app=system | 
"{86DD7BE3-49A2-465F-A550-EE63B129D503}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8FBBD271-45AA-4591-8DC4-2ADC87A50921}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{94230FAF-BCA6-467F-A7FA-E5C2FC07779A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A7552B3E-C7AD-4883-8E5E-9E0AB292536F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{B356EA62-C026-478D-A6C2-419E0C7D09C3}" = dir=in | app=c:\program files\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe | 
"{B3C81820-05CE-4C13-8093-955E1A6D1C7C}" = dir=out | app=c:\program files\hewlett-packard\hp clouddrive\zumodrive.exe | 
"{C0A1E5B5-68A4-4500-A48A-1BB021979A17}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C5FD9D1D-437A-405C-AE29-B96DAD65E8BB}" = dir=in | app=c:\program files\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe | 
"{D0A3A979-70A8-40A3-B611-EA710CB5BEF3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D0B5AF0A-B189-4C8F-BD6B-D72E16B19696}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DBFB7ACD-F0C6-4000-ABDE-A5EA97EA7A30}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E9547B5E-2AD5-4EA7-A4AC-A794955446F0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{F095A95D-D7EE-4222-98D6-EEA9FF58755F}" = protocol=17 | dir=in | app=c:\program files\easybits for kids\programs\my first browser\myfirstbrowser.exe | 
"{F5B34FB0-F523-4AF4-9956-5680CACBBA57}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe | 
"{F609D8B9-28D6-4EB9-B6F7-498E9ED409A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F9F24A2F-C515-44E6-8EA9-4ADAFC41540A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FD0588CE-CD8D-4D66-940C-03F8DC437A56}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B674336-6374-B29B-C5AF-C89E3CAB64A7}" = CCC Help Thai
"{0BFF1302-ADE5-9EFB-C0B7-D5D31837C8EC}" = CCC Help Spanish
"{0D9ADF08-1BAC-AD8D-BA31-BF575E7F1008}" = CCC Help Japanese
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences Pro
"{14213933-B31D-0433-E903-963E06FE577E}" = AMD Fuel
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1C8BEECD-87F4-44A6-B7F4-C738922B0C2E}" = HP Software Framework
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{214A5B65-5432-F3C2-BFF2-EA793713C463}" = CCC Help Hungarian
"{21BA06AB-7619-F86C-3DCD-904860A8F57A}" = CCC Help Italian
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26DC39B4-88B0-52AE-7FD7-9B50011F2DED}" = ATI Catalyst Install Manager
"{28375E61-16A8-48E0-9BF5-07B313A001B8}" = HP Documentation
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{28C6DBD4-3B0A-0B96-6AC4-92B61D901DA7}" = Catalyst Control Center Localization All
"{2B4C6DE8-AE91-743A-103D-22C0B183057B}" = CCC Help Czech
"{2E076B90-57E0-97A8-0B58-436935683B15}" = CCC Help Russian
"{301AFE5D-74CB-DD97-CA3E-8CFA4B30D2F7}" = WMV9/VC-1 Video Playback
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{394FA67A-FF0A-4356-BB77-D85E5A300BDE}" = HP QuickWeb Installer
"{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}" = Adobe Shockwave Player 11.5
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D92520A-CA63-4CC8-BB4F-DE5E09E50E01}" = HP MediaSmart SmartMenu
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{467A5C10-8152-6FBA-03F5-2BE95B8A1B73}" = CCC Help Danish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50324109-3BD7-B267-E00E-7FD01CB88D43}" = CCC Help Portuguese
"{52DE3AF0-1C26-4258-9A04-9AEBF3E145F7}" = Catalyst Control Center - Branding
"{53469506-A37E-4314-A9D9-38724EC23A75}" = HP Setup
"{54415FFC-4AB0-B66F-CC2A-C0A3CE1D002E}" = CCC Help Norwegian
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{626B5918-B395-4B69-A06B-14C3EB1C3942}" = HP Quick Launch
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77C4850C-3592-4A2F-B652-ACB77A1EF77C}" = Bing Bar Platform
"{79AB1DC0-89B1-5125-8374-404AC780F32B}" = CCC Help English
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7C9B9A96-BF31-A19C-B517-1618A1E62A56}" = ccc-utility
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}" = HP Wireless Assistant
"{A15FCAAF-6FA9-331F-BEBE-C4F49A2EAFED}" = CCC Help Dutch
"{A3CDC601-4840-C0FE-702A-C898DF56B3CA}" = CCC Help French
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83540E9-9A19-434B-51FB-BD301000086F}" = Catalyst Control Center InstallProxy
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.3 MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AF306BD8-F9D1-4627-89B9-246E59074A05}" = HP Power Manager
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BB253F06-91BA-34C4-5D40-6FA7F01CAEEC}" = CCC Help Korean
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BDCCD186-DE1F-F443-62C2-C888AE111D74}" = CCC Help German
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CA6EDFBB-B76A-4785-A606-B1B64685869E}" = HP 3D DriveGuard
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CE4A6D41-0094-C56C-26A3-AF8A16C6D459}" = Catalyst Control Center Profiles Mobile
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEB8DD3E-546A-77FE-AF2A-79F9088DE458}" = CCC Help Finnish
"{CEE8C1C1-2C92-9CB3-8636-2080865E0BB2}" = CCC Help Greek
"{D046F248-D151-CEB4-095D-CD10F66D1F56}" = CCC Help Swedish
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D782F0AC-8036-E194-1A97-3C3261378466}" = Catalyst Control Center Graphics Previews Common
"{DF7141BA-7CAB-5488-CB92-986822210200}" = CCC Help Polish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EA96FE3A-2D81-4AEE-6D74-A47BDA29C060}" = CCC Help Chinese Traditional
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF5B2C16-D640-8E94-DA95-B48A07F7C4D5}" = CCC Help Chinese Standard
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FCD89426-8409-2394-06EA-679DB494C68F}" = ccc-core-static
"1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1" = Ralink Motorola BC8 Bluetooth 3.0+HS Adapter
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"EasyBits Magic Desktop" = Magic Desktop
"Fences Pro" = Fences Pro
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"My HP Game Console" = HP Game Console
"NIS" = Norton Internet Security
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087330" = Bounce Symphony
"WT087361" = FATE
"WT087380" = John Deere Drive Green
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087480" = Insaniquarium Deluxe
"WT087485" = Jewel Quest II
"WT087490" = Jewel Quest Solitaire
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089303" = Build-a-Lot - The Elizabethan Era
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"ZumoDrive" = HP CloudDrive
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-535257029-1864070408-591601880-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 03.09.2012 00:21:25 | Computer Name = Grubders | Source = ESENT | ID = 215
Description = WinMail (4552) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
[ HP Wireless Assistant Events ]
Error - 02.09.2012 16:49:52 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 02.09.2012 16:50:00 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 02.09.2012 16:51:08 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 02.09.2012 16:51:16 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 02.09.2012 16:52:23 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 02.09.2012 16:52:31 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 02.09.2012 16:53:39 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 02.09.2012 16:53:46 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 02.09.2012 16:54:54 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 02.09.2012 16:55:02 | Computer Name = Grubders | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 System.Management.ManagementBaseObject.get_Item(String propertyName)     bei HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
[ System Events ]
Error - 02.09.2012 16:55:02 | Computer Name = Grubders | Source = DCOM | ID = 10009
Description = 
 
Error - 02.09.2012 18:10:35 | Computer Name = Grubders | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler 
beendet:   %%32
 
Error - 02.09.2012 18:15:21 | Computer Name = Grubders | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler 
beendet:   %%16405
 
Error - 02.09.2012 18:18:42 | Computer Name = Grubders | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für
 Internet Explorer*8 für Windows*7 (KB2598845)
 
Error - 02.09.2012 18:18:43 | Computer Name = Grubders | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Update für Windows 7 (KB2703157)
 
Error - 02.09.2012 18:18:43 | Computer Name = Grubders | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Internet Explorer 8 unter
 Windows 7 (KB2544521)
 
Error - 02.09.2012 19:44:29 | Computer Name = Grubders | Source = WMPNetworkSvc | ID = 866321
Description = 
 
Error - 02.09.2012 19:44:29 | Computer Name = Grubders | Source = WMPNetworkSvc | ID = 866317
Description = 
 
Error - 02.09.2012 19:44:29 | Computer Name = Grubders | Source = WMPNetworkSvc | ID = 866321
Description = 
 
Error - 02.09.2012 19:44:29 | Computer Name = Grubders | Source = WMPNetworkSvc | ID = 866317
Description = 
 
 
< End of report >
wie gehts weiter?

frage am rande: ich habe das backup mit dem easy transfer gemacht und danach waren die viren auf der externen festplatte zu finden, habe diese dann mehrfach formatiert, aber drauf sind sie immer noch.
danach habe ich die daten einzeln rüberkopiert. (ordner für ordner)
wenn ich sie wieder auf den laptop kopiere, sind die dann auch wieder da? sind ja eigentlich nur daten und keine systemdateien...
Geändert von andyy1404 (04.09.2012 um 19:41 Uhr)

Alt 04.09.2012, 20:18   #20
t'john
/// Helfer-Team
 
Polizei Virus Österreich - Standard

Polizei Virus Österreich


sieht gut aus

Java aktualisieren

Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die jxpiinstall.exe
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 7 ) herunter laden.
  • Wenn die Installation beendet wurde
    Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
  • Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.
Nach dem Neustart
  • Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
  • Klicke auf Dateien löschen....
  • Gehe sicher das überall ein Hacken gesetzt ist und klicke OK.
  • Klicke erneut OK.


Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html

Danach poste (kopieren und einfuegen) mir, was du hier angezeigt bekommst: PluginCheck



Java deaktivieren

Aufgrund derezeitigen Sicherheitsluecke:

http://www.trojaner-board.de/122961-...ktivieren.html

Danach poste mir (kopieren und einfuegen), was du hier angezeigt bekommst: PluginCheck



Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html
PC wird immer langsamer - was tun?

__________________
Mfg, t'john
Das TB unterstützen

Alt 04.09.2012, 21:32   #21
andyy1404
 
Polizei Virus Österreich - Standard

Polizei Virus Österreich


PluginCheck 1

Der PluginCheck hilft die größten Sicherheitslücken beim Surfen im Internet zu schliessen.
Überprüft wird: Browser, Flash, Java und Adobe Reader Version.
Chrome 21.0.1180.89 ist aktuell
Flash 11,3,31,232 ist veraltet!
Aktualisieren Sie bitte auf die neueste Version!

Java (1,7,0,7) ist aktuell.
undefined

PluginCheck2

Der PluginCheck hilft die größten Sicherheitslücken beim Surfen im Internet zu schliessen.
Überprüft wird: Browser, Flash, Java und Adobe Reader Version.
Chrome 21.0.1180.89 ist aktuell
Flash 11,3,31,232 ist veraltet!
Aktualisieren Sie bitte auf die neueste Version!

Java ist nicht Installiert oder nicht aktiviert.
undefined

Alt 05.09.2012, 14:04   #22
t'john
/// Helfer-Team
 
Polizei Virus Österreich - Standard

Polizei Virus Österreich


Sehr gut!

damit bist Du sauber und entlassen!

adwCleaner entfernen

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Uninstall.
  • Bestätige mit Ja.




Tool-Bereinigung mit OTL


Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.


Zurücksetzen der Sicherheitszonen

Lasse die Sicherheitszonen wieder zurücksetzen, da diese manipuliert wurden um den Browser für weitere Angriffe zu öffnen.
Gehe dabei so vor: http://www.trojaner-board.de/111805-...ecksetzen.html


Systemwiederherstellungen leeren

Damit der Rechner nicht mit einer infizierten Systemwiederherstellung erneut infiziert werden kann, muessen wir diese leeren. Dazu schalten wir sie einmal aus und dann wieder ein:
Systemwiederherstellung deaktivieren Tutorial fuer Windows XP, Windows Vista, Windows 7
Danach wieder aktivieren.


Aufräumen mit CCleaner

Lasse mit CCleaner (Download) (Anleitung) Fehler in der

  • Registry beheben (mehrmals, solange bis keine Fehler mehr gefunden werden) und
  • temporäre Dateien löschen.




Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html
PC wird immer langsamer - was tun?
__________________
Mfg, t'john
Das TB unterstützen

Alt 07.09.2012, 06:42   #23
andyy1404
 
Polizei Virus Österreich - Standard

Polizei Virus Österreich




Herzlichen Dank für deine Hilfe!
Antwort
Seite 2 von 2 1 2

Themen zu Polizei Virus Österreich
aktiviere, antivirenprogramm, avira, bedingt, benutzer, checkliste, cleaner, entfern, gefunde, gelöscht, gmer, inter, interne, internet, malwarebyte, menge, nicht mehr, polizei, polizei virus, programm, starte, startet, virus, woche, Österreich


« VLC.de - Startfenster und möglicher Trojaner? | GVU Trojaner "Ihr Compuer wurde aus einem oder mehreren der unten aufgeführtenGründe gesperrt" 100€ Zahlungsaufforderung »


Ähnliche Themen: Polizei Virus Österreich


  1. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 09.09.2013 (2)
  2. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 24.04.2013 (24)
  3. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 26.10.2012 (4)
  4. Polizei Virus Österreich vom 23.10.12
    Log-Analyse und Auswertung - 25.10.2012 (1)
  5. Polizei Virus Österreich
    Log-Analyse und Auswertung - 13.10.2012 (2)
  6. Österreich Polizei Virus
    Log-Analyse und Auswertung - 05.10.2012 (4)
  7. polizei virus österreich
    Log-Analyse und Auswertung - 22.09.2012 (1)
  8. Polizei Virus Österreich
    Log-Analyse und Auswertung - 16.09.2012 (32)
  9. Polizei Virus Österreich
    Log-Analyse und Auswertung - 14.09.2012 (13)
  10. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 03.09.2012 (3)
  11. Polizei Virus - 100 EUR Österreich
    Log-Analyse und Auswertung - 25.08.2012 (5)
  12. Polizei Virus Österreich
    Log-Analyse und Auswertung - 19.08.2012 (4)
  13. Polizei Virus Österreich
    Log-Analyse und Auswertung - 14.08.2012 (13)
  14. Polizei-Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 14.08.2012 (26)
  15. Polizei 5.2 Virus Österreich
    Log-Analyse und Auswertung - 26.07.2012 (2)
  16. Polizei Virus Österreich
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  17. Polizei Österreich Virus
    Log-Analyse und Auswertung - 04.07.2012 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Polizei Virus Österreich - Bitte mal ausfuehren: http://www.trojaner-board.de/72874-s...eparieren.html Danach: - neustarten nochmal versuchen - Polizei Virus Österreich...
Archiv
Du betrachtest: Polizei Virus Österreich auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55