| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Live Security Platinum komplett entfernenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
30.08.2012, 00:09
| #1 |
| |  Live Security Platinum komplett entfernen Vor zwei tagen habe ich den virus "Live Security Platinum" eingefangen. Wie ich hier gelesen habe, bin ich in den abgesicherten modus gewechselt. hier konnte ich auch wieder porgramme starten die zuvor blockiert waren. dann habe ich mir Malwarebytes gedownloadet und eine suche gestartet. leider konnten nicht alle viren entfernt werden. zudem habe ich avira und norton mehrmals durchlaufen lassen. norton findet immer die selben viren kann diese aber nicht entfernen. hier steht immer : Trojan.Gen kann nicht aus einer nicht unterstützten datei entfernt werden. das selbe ebenfalls mit Trojan.Gen.2 und W32.Spybot.Worm zusätzlich habe ich es zweimal mit der systemwiederherstellung versucht, aber ohne erfolg. nun frage ich hier um hilfe mein betriebsystem ist windows vista hoffe ihr könnt mir weiter helfen Das ist der code von der OTL.txt: Code:
ATTFilter OTL logfile created on: 30.08.2012 21:10:03 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Dulson\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,79% Memory free 4,21 Gb Paging File | 2,62 Gb Available in Paging File | 62,37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 104,33 Gb Total Space | 17,73 Gb Free Space | 17,00% Space Free | Partition Type: NTFS Drive D: | 111,79 Gb Total Space | 29,41 Gb Free Space | 26,31% Space Free | Partition Type: NTFS Drive E: | 7,45 Gb Total Space | 0,62 Gb Free Space | 8,32% Space Free | Partition Type: NTFS Computer Name: DULSON-PC | User Name: Dulson | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Dulson\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe () PRC - C:\Programme\AVG Secure Search\vprot.exe () PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Programme\SlimDrivers\SlimDrivers.exe (SlimWare Utilities, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Sandboxie\SandboxieRpcSs.exe (SANDBOXIE L.T.D) PRC - C:\Programme\Sandboxie\SandboxieDcomLaunch.exe (SANDBOXIE L.T.D) PRC - C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) PRC - C:\Programme\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - D:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) PRC - C:\WINDOWS\System32\drivers\WTSrv.exe (Tablet Driver) PRC - C:\Programme\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe () PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) PRC - C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation) PRC - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvc.exe () PRC - C:\WINDOWS\System32\WTClient.exe (Tablet Driver) PRC - C:\WINDOWS\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - c:\Programme\Bioscrypt\VeriSoft\Bin\asghost.exe (Cognizance Corporation) PRC - C:\Programme\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) PRC - c:\Programme\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) PRC - c:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation) PRC - C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) ========== Modules (No Company Name) ========== MOD - C:\Programme\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll () MOD - C:\Programme\AVG Secure Search\vprot.exe () MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\WINDOWS\System32\WinTab32.dll () MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLTinyDB.dll () MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapEngine.dll () MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLSchMgr.dll () MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll () MOD - c:\Programme\Norton Internet Security\Norton AntiVirus\NAVShExt.loc () MOD - C:\Programme\Motorola\SMSERIAL\sm56ita.dll () MOD - C:\Programme\Motorola\SMSERIAL\sm56esp.dll () MOD - C:\Programme\Motorola\SMSERIAL\sm56brz.dll () MOD - C:\Programme\Motorola\SMSERIAL\sm56kor.dll () MOD - C:\Programme\Motorola\SMSERIAL\sm56ger.dll () MOD - C:\Programme\Motorola\SMSERIAL\sm56fra.dll () MOD - C:\Programme\Motorola\SMSERIAL\sm56dnk.dll () MOD - C:\Programme\Motorola\SMSERIAL\sm56jpn.dll () MOD - C:\Programme\Motorola\SMSERIAL\sm56cht.dll () MOD - C:\Programme\Motorola\SMSERIAL\sm56chs.dll () ========== Win32 Services (SafeList) ========== SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found SRV - (SpyHunter 4 Service) -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.) SRV - (vToolbarUpdater11.2.0) -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe () SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (xsherlock) -- C:\WINDOWS\System32\xsherlock.xem (Wellbia.com Co., Ltd.) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) SRV - (Autodesk Licensing Service) -- C:\Programme\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (WinTabService) -- C:\WINDOWS\System32\drivers\WTSrv.exe (Tablet Driver) SRV - (mi-raysat_3dsMax2009_32) -- C:\Programme\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe () SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation) SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) SRV - (Symantec Core LC) -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation) SRV - (CLSched) -- C:\Programme\HP\QuickPlay\Kernel\TV\CLSched.exe () SRV - (CLCapSvc) -- C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvc.exe () SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (ASBroker) -- c:\Programme\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll (Cognizance Corporation) SRV - (usnjsvc) -- C:\Programme\MSN Messenger\usnsvc.exe (Microsoft Corporation) SRV - (ISPwdSvc) -- c:\Programme\Norton Internet Security\isPwdSvc.exe (Symantec Corporation) SRV - (comHost) -- c:\Programme\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation) SRV - (LiveUpdate Notice Ex) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (CLTNetCnService) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccSetMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccEvtMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (Com4Qlb) -- C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.) SRV - (SymAppCore) -- c:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (ASChannel) -- c:\Programme\Bioscrypt\VeriSoft\Bin\ASChnl.dll (Cognizance Corporation) ========== Driver Services (SafeList) ========== DRV - (xhunter1) -- C:\Windows\xhunter1.sys File not found DRV - (vtany) -- C:\Windows\vtany.sys File not found DRV - (Tablet2k) -- C:\Windows\System32\Drivers\Tablet2k.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found DRV - (SWDUMon) -- C:\WINDOWS\System32\drivers\SWDUMon.sys () DRV - (MBAMProtector) -- C:\WINDOWS\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (avipbb) -- C:\WINDOWS\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120526.006\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120526.006\NAVENG.SYS (Symantec Corporation) DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D) DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20120524.001\IDSvix86.sys (Symantec Corporation) DRV - (avkmgr) -- C:\WINDOWS\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (esgiguard) -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys () DRV - (ssmdrv) -- C:\WINDOWS\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (UCTblHid) -- C:\WINDOWS\System32\drivers\UCTblHid.sys (Tablet Driver) DRV - (SymEvent) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (PTSimBus) -- C:\WINDOWS\System32\drivers\PTSimBus.sys (PenTablet Driver) DRV - (TClass2k) -- C:\WINDOWS\System32\drivers\TClass2k.sys (Tablet Driver) DRV - (PTSimHid) -- C:\WINDOWS\System32\drivers\PTSimHid.sys (PenTablet Driver) DRV - (ATSWPDRV) -- C:\WINDOWS\System32\drivers\atswpdrv.sys (AuthenTec, Inc.) DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (NETw4v32) -- C:\WINDOWS\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (rimmptsk) -- C:\WINDOWS\System32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\WINDOWS\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\WINDOWS\System32\drivers\rimsptsk.sys (REDC) DRV - (SRTSPL) -- C:\WINDOWS\System32\drivers\srtspl.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\WINDOWS\System32\drivers\srtspx.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\System32\drivers\srtsp.sys (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\System32\drivers\symtdi.sys (Symantec Corporation) DRV - (SYMFW) -- C:\WINDOWS\System32\drivers\symfw.sys (Symantec Corporation) DRV - (SYMIDS) -- C:\WINDOWS\System32\drivers\symids.sys (Symantec Corporation) DRV - (SYMNDISV) -- C:\WINDOWS\System32\drivers\symndisv.sys (Symantec Corporation) DRV - (SYMREDRV) -- C:\WINDOWS\System32\drivers\symredrv.sys (Symantec Corporation) DRV - (SYMDNS) -- C:\WINDOWS\System32\drivers\symdns.sys (Symantec Corporation) DRV - (SPBBCDrv) -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (eabfiltr) -- C:\WINDOWS\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (smserial) -- C:\WINDOWS\System32\drivers\smserial.sys (Motorola Inc.) DRV - (HBtnKey) -- C:\WINDOWS\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop IE - HKLM\..\SearchScopes,DefaultScope = {2589E5E2-D928-4CF1-8A19-59E4444FBF20} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{2589E5E2-D928-4CF1-8A19-59E4444FBF20}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-495965216-148509765-2783342387-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={1D838A22-1100-42F6-AF81-D44A404B9C12}&mid=5c96f628f00247d0a49dd15262a11473-3ea5398b54a110a43354fdb0adc46442460d94c6&lang=de&ds=ts024&pr=sa&d=2012-06-24 15:27:24&v=11.1.0.7&sap=hp IE - HKU\S-1-5-21-495965216-148509765-2783342387-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch&babsrc=SP_ss&mntrId=4ac2e401000000000000001b77c06b8a IE - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..\SearchScopes\{2589E5E2-D928-4CF1-8A19-59E4444FBF20}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06 IE - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={1D838A22-1100-42F6-AF81-D44A404B9C12}&mid=5c96f628f00247d0a49dd15262a11473-3ea5398b54a110a43354fdb0adc46442460d94c6&lang=de&ds=ts024&pr=sa&d=2012-06-24 15:27:24&v=11.1.0.7&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-495965216-148509765-2783342387-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-495965216-148509765-2783342387-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop IE - HKU\S-1-5-21-495965216-148509765-2783342387-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7Bf69c0e76-227b-48e5-9d0f-a5073ed6e490%7D&mid=5c96f628f00247d0a49dd15262a11473-3ea5398b54a110a43354fdb0adc46442460d94c6&ds=ts024&v=11.1.0.7&lang=de&pr=sa&d=2012-06-24%2015%3A27%3A24&sap=ku&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Dulson\AppData\LocalLow\Sony Online Entertainment\npsoe.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dulson\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dulson\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012.07.09 23:23:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.18 21:38:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.30 16:33:24 | 000,000,000 | ---D | M] [2012.04.30 23:20:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dulson\AppData\Roaming\mozilla\Extensions [2012.08.14 16:49:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dulson\AppData\Roaming\mozilla\Firefox\Profiles\syei3nux.default\extensions [2012.08.14 16:49:17 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Dulson\AppData\Roaming\mozilla\Firefox\Profiles\syei3nux.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.04.30 23:19:20 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.07.18 21:38:11 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.06.19 14:22:28 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.07.09 23:22:26 | 000,003,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012.06.19 14:22:28 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.19 14:22:28 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.19 14:22:28 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.19 14:22:28 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.19 14:22:28 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://isearch.avg.com/?cid={1D838A22-1100-42F6-AF81-D44A404B9C12}&mid=5c96f628f00247d0a49dd15262a11473-3ea5398b54a110a43354fdb0adc46442460d94c6&lang=de&ds=ts024&pr=sa&d=2012-06-24 15:27:24&v=11.1.0.7&sap=hp CHR - default_search_provider: AVG Secure Search (Enabled) CHR - default_search_provider: search_url = hxxp://isearch.avg.com/search?cid={1D838A22-1100-42F6-AF81-D44A404B9C12}&mid=5c96f628f00247d0a49dd15262a11473-3ea5398b54a110a43354fdb0adc46442460d94c6&lang=de&ds=ts024&pr=sa&d=2012-06-24 15:27:24&v=11.1.0.12&sap=dsp&q={searchTerms} CHR - default_search_provider: suggest_url = hxxp://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} CHR - homepage: hxxp://isearch.avg.com/?cid={1D838A22-1100-42F6-AF81-D44A404B9C12}&mid=5c96f628f00247d0a49dd15262a11473-3ea5398b54a110a43354fdb0adc46442460d94c6&lang=de&ds=ts024&pr=sa&d=2012-06-24 15:27:24&v=11.1.0.7&sap=hp CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Dulson\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dulson\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dulson\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dulson\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Google Update (Enabled) = C:\Users\Dulson\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\Dulson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Dulson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Dulson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Reg Error: Value error.) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll () O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (VeriSoft Access Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Programme\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll (Bioscrypt Inc.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH) O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll () O3 - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [CognizanceTS] c:\Programme\Bioscrypt\VeriSoft\Bin\ASTSVCC.dll (Cognizance Corporation) O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files\AVG Secure Search\HF_G_Jul.exe () O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKLM..\Run: [WTClient] C:\Windows\System32\WTClient.exe (Tablet Driver) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-495965216-148509765-2783342387-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-495965216-148509765-2783342387-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-495965216-148509765-2783342387-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks) O4 - Startup: C:\Users\Dulson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dulson\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-495965216-148509765-2783342387-1000\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.5.1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.182.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DA28028-714F-4624-A4F3-3EF97FE4FAF9}: DhcpNameServer = 192.168.182.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll () O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (APSHook.dll) - C:\Windows\System32\APSHook.dll (Cognizance Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.03.30 20:54:35 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ] O33 - MountPoints2\{b5f5fff0-7030-11e1-9372-001b2445fd80}\Shell - "" = AutoRun O33 - MountPoints2\{b5f5fff0-7030-11e1-9372-001b2445fd80}\Shell\AutoRun\command - "" = G:\Startme.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.08.30 16:00:39 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Dulson\Desktop\OTL.exe [2012.08.28 14:26:04 | 000,000,000 | ---D | C] -- C:\Users\Dulson\AppData\Roaming\Malwarebytes [2012.08.28 14:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.08.28 14:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.08.28 14:25:51 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.08.28 14:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.08.28 01:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012.08.28 01:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.08.28 01:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012.08.27 21:57:05 | 000,000,000 | ---D | C] -- C:\Users\Dulson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter [2012.08.27 21:57:02 | 000,000,000 | ---D | C] -- C:\sh4ldr [2012.08.27 21:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2012.08.27 21:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2012.08.14 16:48:34 | 000,405,144 | ---- | C] (Newtonsoft) -- C:\Windows\System32\Newtonsoft.Json.Net20.dll [2012.08.01 00:49:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [6 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [12 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.08.30 20:38:51 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.30 20:38:51 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.30 20:25:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-495965216-148509765-2783342387-1000UA.job [2012.08.30 16:01:00 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Dulson\Desktop\OTL.exe [2012.08.30 15:44:18 | 000,000,148 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2012.08.30 15:42:34 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job [2012.08.30 15:41:36 | 000,011,232 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys [2012.08.30 15:38:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.08.30 15:38:15 | 000,385,376 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.08.30 15:37:54 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys [2012.08.28 21:28:35 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.08.28 21:28:35 | 000,608,702 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.08.28 21:28:35 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.08.28 21:28:35 | 000,102,484 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.08.28 14:25:55 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.28 14:00:01 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012.08.28 14:00:01 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012.08.28 04:12:02 | 000,000,224 | ---- | M] () -- C:\Windows\WinInit.ini [2012.08.28 01:23:29 | 000,001,057 | ---- | M] () -- C:\Users\Dulson\Desktop\Spybot - Search & Destroy.lnk [2012.08.27 21:57:06 | 000,002,081 | ---- | M] () -- C:\Users\Dulson\Desktop\SpyHunter.lnk [2012.08.27 20:00:21 | 000,000,584 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Systemprüfung ausführen - Dulson.job [2012.08.27 13:25:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-495965216-148509765-2783342387-1000Core.job [2012.08.26 00:35:38 | 000,068,392 | ---- | M] () -- C:\Users\Dulson\Desktop\original.jpg [2012.08.23 20:33:48 | 000,038,392 | ---- | M] () -- C:\Users\Dulson\Desktop\Obj_CastleIN_Gate02_01.jpg [2012.08.23 20:33:48 | 000,035,713 | ---- | M] () -- C:\Users\Dulson\AppData\Local\recently-used.xbel [2012.08.22 01:18:04 | 000,002,049 | ---- | M] () -- C:\Users\Dulson\Desktop\Google Chrome.lnk [2012.08.14 16:59:40 | 002,852,941 | ---- | M] () -- C:\Users\Dulson\Desktop\Silla - Jeder Tag (prod. by RAF Camora) _ 16bars.de Videopremiere.m4a [2012.08.14 16:56:51 | 004,019,234 | ---- | M] () -- C:\Users\Dulson\Desktop\Silla - Wiederbelebt.m4a [2012.08.14 16:48:39 | 000,001,193 | ---- | M] () -- C:\Users\Dulson\Desktop\Free YouTube to MP3 Converter.lnk [2012.08.14 16:48:39 | 000,001,034 | ---- | M] () -- C:\Users\Dulson\Desktop\DVDVideoSoft Free Studio.lnk [2012.08.14 16:39:23 | 003,076,168 | ---- | M] () -- C:\Users\Dulson\Desktop\SILLA - Grauenhaft Verzerrt (HD).mp3 [2012.08.01 00:49:29 | 265,693,269 | ---- | M] () -- C:\Windows\MEMORY.DMP [6 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [12 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.08.28 14:25:55 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.28 14:00:01 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012.08.28 14:00:01 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012.08.28 01:23:29 | 000,001,057 | ---- | C] () -- C:\Users\Dulson\Desktop\Spybot - Search & Destroy.lnk [2012.08.27 21:57:06 | 000,002,081 | ---- | C] () -- C:\Users\Dulson\Desktop\SpyHunter.lnk [2012.08.26 00:35:17 | 000,068,392 | ---- | C] () -- C:\Users\Dulson\Desktop\original.jpg [2012.08.23 20:33:48 | 000,035,713 | ---- | C] () -- C:\Users\Dulson\AppData\Local\recently-used.xbel [2012.08.23 20:32:05 | 000,038,392 | ---- | C] () -- C:\Users\Dulson\Desktop\Obj_CastleIN_Gate02_01.jpg [2012.08.14 16:59:38 | 002,852,941 | ---- | C] () -- C:\Users\Dulson\Desktop\Silla - Jeder Tag (prod. by RAF Camora) _ 16bars.de Videopremiere.m4a [2012.08.14 16:56:46 | 004,019,234 | ---- | C] () -- C:\Users\Dulson\Desktop\Silla - Wiederbelebt.m4a [2012.08.14 16:38:17 | 003,076,168 | ---- | C] () -- C:\Users\Dulson\Desktop\SILLA - Grauenhaft Verzerrt (HD).mp3 [2012.08.01 00:49:01 | 265,693,269 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.07.02 00:15:02 | 000,000,045 | ---- | C] () -- C:\Users\Dulson\.gtk-bookmarks [2012.06.24 17:27:36 | 000,003,584 | ---- | C] () -- C:\Windows\Tablet10000x6250.ini [2012.06.24 15:25:54 | 000,011,232 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys [2012.06.24 15:00:39 | 000,184,320 | ---- | C] () -- C:\Windows\System32\WinTab32.dll [2012.06.24 15:00:39 | 000,047,104 | ---- | C] () -- C:\Windows\System32\UCMfg.exe [2012.06.24 15:00:39 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lhtool.exe [2012.05.07 15:22:39 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini [2012.04.13 20:02:36 | 000,001,808 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012.04.07 15:34:16 | 000,003,500 | ---- | C] () -- C:\Windows\Tablet5500x4000.ini [2012.04.04 21:49:51 | 000,000,164 | ---- | C] () -- C:\ProgramData\{5CAFA1B7-9EEF-4cc7-B9F7-9DDB3DAA679E} [2012.04.04 21:49:51 | 000,000,092 | ---- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51} [2012.04.04 14:00:56 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012.04.04 14:00:56 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012.03.22 15:34:17 | 000,005,571 | ---- | C] () -- C:\Windows\Tablet10000x6250M.ini [2012.03.21 14:51:41 | 000,003,342 | ---- | C] () -- C:\Windows\Tablet5500x4000M.ini [2012.03.18 17:35:20 | 000,010,563 | R--- | C] () -- C:\Windows\hpwscr19.dat [2012.03.18 17:29:14 | 000,202,627 | ---- | C] () -- C:\Windows\hpwins19.dat [2012.03.18 17:29:14 | 000,000,997 | R--- | C] () -- C:\Windows\hpwmdl19.dat [2012.03.14 22:54:35 | 000,020,992 | ---- | C] () -- C:\Users\Dulson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.03.14 22:18:26 | 000,000,224 | ---- | C] () -- C:\Windows\WinInit.ini [2012.03.14 20:08:53 | 000,111,104 | ---- | C] () -- C:\Windows\System32\uharc.exe ========== LOP Check ========== [2012.04.24 14:19:25 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\Artisteer [2012.03.21 14:48:18 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\Artweaver [2012.06.02 00:57:11 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\Audacity [2012.07.28 01:32:20 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\Autodesk [2012.06.15 22:25:05 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\BitTorrent [2012.04.04 21:48:10 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\Degener [2012.08.14 16:50:12 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\DVDVideoSoft [2012.03.22 22:25:00 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\DVDVideoSoftIEHelpers [2012.04.28 16:56:51 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\FileZilla [2012.06.22 20:02:16 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\gtk-2.0 [2012.08.30 16:29:34 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\ICQ [2012.05.15 21:10:51 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\MAXON [2012.03.14 21:25:00 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\MilkShape 3D 1.x.x [2012.08.14 16:49:22 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\OpenCandy [2012.03.23 15:57:40 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\OpenOffice.org [2012.03.17 20:55:34 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\PhotoScape [2012.04.22 14:05:25 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\Publish Providers [2012.04.22 14:05:15 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\Sony [2012.06.24 15:48:03 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\SYSTEMAX Software Development [2012.03.19 16:40:50 | 000,000,000 | ---D | M] -- C:\Users\Dulson\AppData\Roaming\TeamViewer [2012.08.30 02:09:23 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.08.30 15:42:34 | 000,000,388 | ---- | M] () -- C:\Windows\Tasks\SlimDrivers Startup.job ========== Purity Check ========== ========== Files - Unicode (All) ========== [2012.07.18 15:29:20 | 000,000,000 | ---D | M](C:\Users\Dulson\Desktop\Grischa ?) -- C:\Users\Dulson\Desktop\Grischa ♥ [2012.07.18 15:17:10 | 000,000,000 | ---D | C](C:\Users\Dulson\Desktop\Grischa ?) -- C:\Users\Dulson\Desktop\Grischa ♥ [2012.07.05 14:46:47 | 005,419,404 | ---- | M] ()(C:\Users\Dulson\Desktop\????????? ?? ?????????.mp2) -- C:\Users\Dulson\Desktop\Помолимся за Родителей.mp2 [2012.07.05 14:46:46 | 004,396,284 | ---- | M] ()(C:\Users\Dulson\Desktop\???????? ??????? – ????.mp2) -- C:\Users\Dulson\Desktop\Владимир Рыкунов – ПИШУ.mp2 [2012.07.05 14:46:45 | 004,683,384 | ---- | M] ()(C:\Users\Dulson\Desktop\???????? ??????? – ?????.mp2) -- C:\Users\Dulson\Desktop\Владимир Рыкунов – ВИШНЯ.mp2 [2012.07.05 14:46:45 | 004,126,932 | ---- | M] ()(C:\Users\Dulson\Desktop\???????? ??????? – ??????????.mp2) -- C:\Users\Dulson\Desktop\Владимир Рыкунов – ПОСВЯЩЕНИЕ.mp2 [2012.06.02 00:56:46 | 005,419,404 | ---- | C] ()(C:\Users\Dulson\Desktop\????????? ?? ?????????.mp2) -- C:\Users\Dulson\Desktop\Помолимся за Родителей.mp2 [2012.06.02 00:46:45 | 004,396,284 | ---- | C] ()(C:\Users\Dulson\Desktop\???????? ??????? – ????.mp2) -- C:\Users\Dulson\Desktop\Владимир Рыкунов – ПИШУ.mp2 [2012.06.02 00:39:49 | 004,683,384 | ---- | C] ()(C:\Users\Dulson\Desktop\???????? ??????? – ?????.mp2) -- C:\Users\Dulson\Desktop\Владимир Рыкунов – ВИШНЯ.mp2 [2012.06.02 00:32:50 | 004,126,932 | ---- | C] ()(C:\Users\Dulson\Desktop\???????? ??????? – ??????????.mp2) -- C:\Users\Dulson\Desktop\Владимир Рыкунов – ПОСВЯЩЕНИЕ.mp2 < End of report > Und das von Extras.txt: Code:
ATTFilter OTL Extras logfile created on: 30.08.2012 21:10:03 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Dulson\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,79% Memory free
4,21 Gb Paging File | 2,62 Gb Available in Paging File | 62,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104,33 Gb Total Space | 17,73 Gb Free Space | 17,00% Space Free | Partition Type: NTFS
Drive D: | 111,79 Gb Total Space | 29,41 Gb Free Space | 26,31% Space Free | Partition Type: NTFS
Drive E: | 7,45 Gb Total Space | 0,62 Gb Free Space | 8,32% Space Free | Partition Type: NTFS
Computer Name: DULSON-PC | User Name: Dulson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-495965216-148509765-2783342387-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0ABA40AF-288D-41F1-B735-C5155692CD7D}" = VeriSoft Access Manager
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{194C14D5-3CB0-4977-8886-A79DFC00E820}" = MSCU for Microsoft Vista
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2222706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 SDK
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A1E9CF-BFC1-4309-80CD-C182D80922DB}_is1" = Artweaver 0.5
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{32A3A4F4-B792-11D6-A78A-00B0D0170050}" = Java SE Development Kit 7 Update 5
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{56415658-366E-4E28-A6BD-68EC63E560E0}" = Vegas Pro 9.0
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5AB56552-6938-4686-9F87-DB0ED8D1E06B}" = HP User Guides 0056
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7041B037-D75B-48D9-856F-D065CFCED069}" = SlimDrivers
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{7968EB30-5580-4955-8925-4A17CD625118}" = ESU for Microsoft Vista
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1031-7B44-A80000000002}" = Adobe Reader 8 - Deutsch
"{ADAFC0B4-FC15-45D9-BAB3-BC7A8829D0C4}" = SpyHunter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B61B6668-A674-4A06-8405-51944D5CCDDD}" = AuthenTec Fingerprint Sensor Minimum Install
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD0773D5-C18E-495c-B39B-21A96415EDD5}" = HP Officejet J4500 Series
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E8815668-95B0-443D-AC92-2BFD7DD8F16A}" = Adobe Flash Catalyst CS5
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F92AB933-9FE7-4335-92BD-D1C3BA27613C}" = 3ds max 7
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FDD8070F-E3B9-0409-822C-CCFE5E82C14D}" = Autodesk 3ds Max 2009 32-bit
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 2.0
"Audiograbber" = Audiograbber 1.83 SE
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitTorrent" = BitTorrent
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CLICK & LEARN DiDi 360° Component Install_is1" = CLICK & LEARN DiDi 360° Component Install
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ContentaConverter-PREMIUM" = Contenta Converter PREMIUM
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"FBX Plugin 2009.0 for Max 2009" = FBX Plugin 2009.0 for Max 2009
"FileZilla Client" = FileZilla Client 3.5.3
"Free Screen Video Recorder_is1" = Free Screen Video Recorder version 2.5.24.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.26.706
"GIMP-2_is1" = GIMP 2.8.0
"GlobalDK" = Dekaron
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Sandboxie" = Sandboxie 3.68 (32-bit)
"Shop for HP Supplies" = Shop for HP Supplies
"Skype_is1" = Skype 2.5
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TabletDriver" = Trust Tablet Driver
"VLC media player" = VLC media player 2.0.1
"WinX Free AVI to MP4 Converter_is1" = WinX Free AVI to MP4 Converter 4.0.6
"Xvid_is1" = Xvid MPEG-4 Video Codec
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-495965216-148509765-2783342387-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SOE-DC Universe Online Live" = DC Universe Online Live
"SOE-DC Universe Online Live (2)" = DC Universe Online Live (2)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.08.2012 05:23:27 | Computer Name = Dulson-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Beast.exe, Version 1.0.0.0, Zeitstempel 0x4bbe874f,
fehlerhaftes Modul Beast.exe, Version 1.0.0.0, Zeitstempel 0x4bbe874f, Ausnahmecode
0xc0000005, Fehleroffset 0x000016eb, Prozess-ID 0x1744, Anwendungsstartzeit 01cd7c59b204b4d4.
Error - 18.08.2012 15:48:48 | Computer Name = Dulson-PC | Source = Application Hang | ID = 1002
Description = Programm CINEMA 4D.exe, Version 10.1.0.0 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 1c30 Anfangszeit: 01cd7d7a5fdbe0e0 Zeitpunkt der Beendigung:
61
Error - 22.08.2012 11:34:35 | Computer Name = Dulson-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: ef0 Anfangszeit: 01cd807aca959ec2 Zeitpunkt der
Beendigung: 31
Error - 24.08.2012 20:46:46 | Computer Name = Dulson-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SndVol.exe, Version 6.0.6000.16386, Zeitstempel
0x4549b458, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
Ausnahmecode 0xc0000008, Fehleroffset 0x000768b0, Prozess-ID 0x1d38, Anwendungsstartzeit
01cd825954d77900.
Error - 26.08.2012 07:57:33 | Computer Name = Dulson-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: 1360 Anfangszeit: 01cd83817860fec0 Zeitpunkt der
Beendigung: 72
Error - 27.08.2012 15:05:56 | Computer Name = Dulson-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung regsvr32.exe, Version 6.0.6000.16386, Zeitstempel
0x4549b3c7, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
Ausnahmecode 0xc0000005, Fehleroffset 0x0003c419, Prozess-ID 0xdf4, Anwendungsstartzeit
01cd8486fae66660.
Error - 27.08.2012 15:06:16 | Computer Name = Dulson-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel
0x4549adc4, fehlerhaftes Modul kernel32.dll, Version 6.0.6000.16820, Zeitstempel
0x49952034, Ausnahmecode 0x0eedfade, Fehleroffset 0x0001b09e, Prozess-ID 0x908,
Anwendungsstartzeit 01cd8486ffa59c20.
Error - 27.08.2012 22:05:38 | Computer Name = Dulson-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: 15cc Anfangszeit: 01cd84a98aa535cd Zeitpunkt der
Beendigung: 314
Error - 28.08.2012 08:57:12 | Computer Name = Dulson-PC | Source = VSS | ID = 12289
Description =
Error - 28.08.2012 09:17:58 | Computer Name = Dulson-PC | Source = System Restore | ID = 8209
Description =
Error - 28.08.2012 09:42:13 | Computer Name = Dulson-PC | Source = System Restore | ID = 8209
Description =
[ System Events ]
Error - 22.03.2012 14:55:46 | Computer Name = Dulson-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 24.03.2012 19:18:18 | Computer Name = Dulson-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 24.03.2012 um 20:52:44 unerwartet heruntergefahren.
Error - 24.03.2012 19:19:22 | Computer Name = Dulson-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24.03.2012 19:20:58 | Computer Name = Dulson-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 25.03.2012 13:54:44 | Computer Name = Dulson-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.03.2012 um 19:52:08 unerwartet heruntergefahren.
Error - 25.03.2012 16:36:52 | Computer Name = Dulson-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.03.2012 um 22:34:00 unerwartet heruntergefahren.
Error - 26.03.2012 05:12:31 | Computer Name = Dulson-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 26.03.2012 um 03:34:55 unerwartet heruntergefahren.
Error - 27.03.2012 06:07:21 | Computer Name = Dulson-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 27.03.2012 um 11:10:41 unerwartet heruntergefahren.
Error - 27.03.2012 06:08:51 | Computer Name = Dulson-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 27.03.2012 06:09:55 | Computer Name = Dulson-PC | Source = Service Control Manager | ID = 7022
Description =
< End of report >
|
| Themen zu Live Security Platinum komplett entfernen |
| 32 bit, abgesicherten, audiograbber, avg secure search, avg security toolbar, avira, betriebsystem, blockiert, cleaner pro, datei, ebenfalls, enigma, entfernen, entfernt, frage, install.exe, komplett, komplett entfernen, konnte, live, live security platinum, malwarebytes, modus, norton, ntdll.dll, nvidia update, officejet, platinum, plug-in, safer networking, secure search, security, starte, starten, suche, systemwiederherstellung, tablet, versucht, viren, virus, vtoolbarupdater, windows |
Baum-Darstellung