Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
NIchts geht mehr: Downloads nicht möglich - 0 kB

NIchts geht mehr: Downloads nicht möglich - 0 kB


Plagegeister aller Art und deren Bekämpfung: NIchts geht mehr: Downloads nicht möglich - 0 kB

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.04.2013, 14:15   #1
sambiene
 
NIchts geht mehr: Downloads nicht möglich - 0 kB - Standard

NIchts geht mehr: Downloads nicht möglich - 0 kB


Seit einer Woche geht nichts mehr: Downloads beginnen bei 60 Kb/s und fahren runter auf 0. Firefox lädt Seiten ganz langsam oder gar nicht. Spybot und Malwarebytes melden keine Viren. Seit gestern habe ich mir auch von V06 auf dem Browser eingefangen. Dazu kommt, dass ich eigentlich überhaupt keine Ahnung habe, was da auf dem Computer überhaupt vor sich geht. In meiner Verzweiflung habe ich mir sogar TuneUp gekauft ... aber wieder entfernt.

Logfiles habe ich jetzt mal nach bestem Wissen und Gewissen über OTL erstellt. Ich weiß nicht, ob ich alles richtig gemacht habe. Defogger hat Finish gesagt und wartet jetzt auf die Eingabe Enabled.
Ich trau mich nicht, den Rechner runterzufahren oder vom Netz zu gehen.

Außerdem habe ich versucht Gmer.exe zu öffnen und erhalte die Meldung, dass die Version nicht kompatibel ist. Ich bin verweifelt und eigentlich in Panik. Wenn ich etwas nicht richtig gemacht habe, bitte sagt mir, was ich tun muss ....OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 21.04.2013 14:10:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\cf\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,61 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 56,10% Memory free
9,01 Gb Paging File | 6,79 Gb Available in Paging File | 75,32% Paging File free
Paging file location(s): c:\pagefile.sys 5536 5536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919,57 Gb Total Space | 853,92 Gb Free Space | 92,86% Space Free | Partition Type: NTFS
Drive D: | 11,84 Gb Total Space | 1,45 Gb Free Space | 12,23% Space Free | Partition Type: NTFS
Drive H: | 100,00 Mb Total Space | 70,22 Mb Free Space | 70,22% Space Free | Partition Type: NTFS
 
Computer Name: CF-PC | User Name: cf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.21 13:58:51 | 000,050,477 | ---- | M] () -- C:\Users\cf\Downloads\Defogger.exe
PRC - [2013.04.20 22:25:22 | 000,969,280 | ---- | M] (eSafe Security Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe
PRC - [2013.04.20 02:16:40 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
PRC - [2013.04.12 02:47:01 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\MOZILLA FIREFOX\firefox.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.28 05:06:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.28 05:05:09 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.28 05:05:09 | 000,330,976 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
PRC - [2013.03.28 05:05:09 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012.11.13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012.11.13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012.11.13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012.11.13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012.10.05 22:57:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cf\Downloads\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.21 13:58:51 | 000,050,477 | ---- | M] () -- C:\Users\cf\Downloads\Defogger.exe
MOD - [2013.04.20 02:16:39 | 016,032,648 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
MOD - [2013.04.12 02:47:01 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\MOZILLA FIREFOX\mozjs.dll
MOD - [2012.11.13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012.11.13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012.11.13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012.11.13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012.11.13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.12.19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.12.19 16:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012.06.01 07:36:12 | 000,350,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2010.11.20 15:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2010.11.20 15:24:57 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
SRV:64bit: - [2010.11.20 15:24:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009.07.14 03:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009.07.14 03:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009.07.14 03:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009.07.14 03:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2009.07.14 03:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009.07.14 03:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009.07.14 03:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2013.04.20 22:25:22 | 000,969,280 | ---- | M] (eSafe Security Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (eSafeSvc)
SRV - [2013.04.20 02:16:40 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.12 02:47:01 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.11 01:00:31 | 003,089,856 | ---- | M] (Emsisoft GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.28 05:06:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.28 05:05:09 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.11.20 14:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.11.20 14:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.14 03:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.28 05:08:23 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.28 05:08:23 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.28 05:08:23 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.03.04 15:35:08 | 000,838,216 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.12.19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.07.29 02:37:16 | 000,051,712 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009.06.10 22:35:03 | 000,192,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\eFE5b32e.sys -- (E100B)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.04.11 10:42:40 | 000,011,434 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWow64\NULL -- (Null)
DRV - [2013.04.11 01:02:05 | 000,026,176 | ---- | M] (Emsisoft GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=wld&from=wld&uid=HitachiXHDS721010CLA632_JP2940J823EV1V23EV1VX&ts=1366489473
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=wld&from=wld&uid=HitachiXHDS721010CLA632_JP2940J823EV1V23EV1VX&ts=1366489473
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=wld&from=wld&uid=HitachiXHDS721010CLA632_JP2940J823EV1V23EV1VX&ts=0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=wld&from=wld&uid=HitachiXHDS721010CLA632_JP2940J823EV1V23EV1VX&ts=1366489473
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=wld&from=wld&uid=HitachiXHDS721010CLA632_JP2940J823EV1V23EV1VX&ts=1366489473
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=wld&from=wld&uid=HitachiXHDS721010CLA632_JP2940J823EV1V23EV1VX&ts=0
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=378850268&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=wld&from=wld&uid=HitachiXHDS721010CLA632_JP2940J823EV1V23EV1VX&ts=1366489473
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=wld&from=wld&uid=HitachiXHDS721010CLA632_JP2940J823EV1V23EV1VX&ts=1366489473
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DB C9 EF 4D 29 3B CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=wld&from=wld&uid=HitachiXHDS721010CLA632_JP2940J823EV1V23EV1VX&ts=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "qvo6"
FF - prefs.js..browser.search.order.1: "qvo6"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: anticontainer%40downthemall.net:1.2.3
FF - prefs.js..extensions.enabledAddons: %7Bc36177c0-224a-11da-8cd6-0800200c9a91%7D:3.9.81
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\components [2013.04.12 02:47:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\plugins [2013.04.12 02:46:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.04.03 11:35:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\components [2013.04.12 02:47:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\plugins [2013.04.12 02:46:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.04.03 11:35:35 | 000,000,000 | ---D | M]
 
[2013.04.09 22:09:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cf\AppData\Roaming\mozilla\Extensions
[2013.04.21 06:37:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cf\AppData\Roaming\mozilla\Firefox\Profiles\tovrfd6b.default-1366170249289\extensions
[2013.04.17 05:58:36 | 000,094,120 | ---- | M] () (No name found) -- C:\Users\cf\AppData\Roaming\mozilla\firefox\profiles\tovrfd6b.default-1366170249289\extensions\anticontainer@downthemall.net.xpi
[2013.04.20 07:36:04 | 000,177,357 | ---- | M] () (No name found) -- C:\Users\cf\AppData\Roaming\mozilla\firefox\profiles\tovrfd6b.default-1366170249289\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
[2013.04.17 05:58:36 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\cf\AppData\Roaming\mozilla\firefox\profiles\tovrfd6b.default-1366170249289\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.04.12 02:46:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- C:\USERS\CF\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TOVRFD6B.DEFAULT-1366170249289\EXTENSIONS\SPARPILOT@SPARPILOT.COM
[2013.04.12 02:47:01 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2013.03.27 05:32:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.27 05:32:09 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.27 05:32:09 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.27 05:32:09 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.20 22:24:38 | 000,000,739 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
[2013.03.27 05:32:09 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.27 05:32:09 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\plugins\npdeployJava1.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\plugins\nppdf32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\cf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\cf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\cf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\cf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\cf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.12.28 10:47:49 | 000,445,037 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.0scan.com
O1 - Hosts: 127.0.0.1    0scan.com
O1 - Hosts: 127.0.0.1    www.1000gratisproben.com
O1 - Hosts: 127.0.0.1    1000gratisproben.com
O1 - Hosts: 127.0.0.1    1001namen.com
O1 - Hosts: 127.0.0.1    www.1001namen.com
O1 - Hosts: 127.0.0.1    100888290cs.com
O1 - Hosts: 127.0.0.1    www.100888290cs.com
O1 - Hosts: 127.0.0.1    www.100sexlinks.com
O1 - Hosts: 127.0.0.1    100sexlinks.com
O1 - Hosts: 127.0.0.1    www.10sek.com
O1 - Hosts: 127.0.0.1    10sek.com
O1 - Hosts: 127.0.0.1    www.1-2005-search.com
O1 - Hosts: 127.0.0.1    1-2005-search.com
O1 - Hosts: 127.0.0.1    www.123fporn.info
O1 - Hosts: 15284 more lines...
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-5736-4205-0008-F7ED0776FB27} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DrvUpdater] C:\Users\cf\AppData\Roaming\DRPSu\DrvUpdater.exe ()
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF2950] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF6205] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF8399] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{398E1D92-974B-400B-87B1-FF140C398197}: NameServer = 217.0.43.177 217.0.43.161
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.21 06:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.04.21 06:49:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.04.21 06:48:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.04.21 06:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.04.21 06:41:58 | 000,000,000 | ---D | C] -- C:\AMD
[2013.04.21 06:17:05 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Local\PC_Drivers_Headquarters
[2013.04.21 05:35:12 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2013.04.21 03:27:26 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Roaming\DRPSu
[2013.04.21 02:39:37 | 000,000,000 | ---D | C] -- C:\Users\cf\.aria2
[2013.04.21 02:38:20 | 000,000,000 | ---D | C] -- C:\DriverPack Solution
[2013.04.21 02:35:40 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Roaming\OpenCandy
[2013.04.21 02:28:51 | 000,838,216 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013.04.20 22:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.04.20 22:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\eSafe
[2013.04.20 22:23:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2013.04.20 22:17:10 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Local\Tempf4fc49743e3bd35de791560921ac2acf
[2013.04.20 22:17:09 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Roaming\eIntaller
[2013.04.20 22:02:33 | 000,000,000 | ---D | C] -- C:\Users\cf\Documents\Teledat_302_lan_dsl2-_update
[2013.04.20 22:00:50 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Local\WinZip
[2013.04.20 22:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2013.04.20 22:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2013.04.20 22:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2013.04.20 19:42:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.04.20 14:18:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2013.04.20 14:18:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\~0
[2013.04.20 07:12:54 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.04.20 07:07:09 | 000,000,000 | ---D | C] -- C:\Users\cf\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
[2013.04.19 21:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013.04.19 14:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.04.19 14:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.04.18 23:46:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.04.18 23:46:39 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013.04.18 23:46:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.04.17 03:48:19 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Roaming\Malwarebytes
[2013.04.17 03:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.17 03:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.17 03:48:07 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.17 03:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.17 03:47:43 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Local\Programs
[2013.04.17 01:13:08 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Roaming\DriverTurbo
[2013.04.15 04:10:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Publish Data
[2013.04.15 04:10:21 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Local\Publish_Data
[2013.04.15 04:09:33 | 000,000,000 | ---D | C] -- C:\Windows\uninstall
[2013.04.15 03:11:10 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Local\Downloaded Installations
[2013.04.12 02:46:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MOZILLA FIREFOX
[2013.04.11 09:09:51 | 000,000,000 | ---D | C] -- C:\Downloads
[2013.04.10 22:02:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2013.04.10 21:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweakMe!
[2013.04.10 20:49:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glarysoft
[2013.04.10 11:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\T-DSL SpeedManager
[2013.04.10 11:21:28 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Roaming\T-DSL SpeedManager
[2013.04.10 11:21:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\T-DSL SpeedManager
[2013.04.10 10:12:31 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2013.04.10 10:04:13 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Roaming\T-DSL Manager
[2013.04.10 10:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\T-DSL Manager
[2013.04.10 10:04:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\T-DSL Manager
[2013.04.09 22:09:04 | 000,000,000 | ---D | C] -- C:\Users\cf\AppData\Roaming\Mozilla
[2013.04.03 11:35:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.03.30 13:02:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChatZum Toolbar
[2013.03.28 05:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.28 05:08:45 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.28 05:08:44 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.28 05:08:44 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[9 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[205 C:\Users\cf\Documents\*.tmp files -> C:\Users\cf\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.21 13:59:18 | 000,000,000 | ---- | M] () -- C:\Users\cf\defogger_reenable
[2013.04.21 13:52:22 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.21 13:41:01 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.21 13:36:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.21 06:49:22 | 001,809,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.21 06:49:22 | 000,775,892 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.21 06:49:22 | 000,715,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.21 06:49:22 | 000,175,328 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.21 06:49:22 | 000,142,764 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.20 22:28:27 | 000,002,257 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.20 22:24:38 | 000,001,393 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.20 22:00:22 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2013.04.20 19:37:05 | 000,015,824 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.20 19:37:05 | 000,015,824 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.20 19:29:02 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.04.20 19:28:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.20 17:52:44 | 000,427,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.20 07:12:54 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.04.18 23:46:50 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.04.17 03:48:12 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.15 02:46:11 | 000,000,000 | ---- | M] () -- C:\end
[2013.04.11 10:42:40 | 000,011,434 | ---- | M] () -- C:\Windows\SysWow64\NULL
[2013.04.05 10:40:33 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.05 07:46:19 | 000,000,898 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.28 05:51:46 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.03.28 05:08:23 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.28 05:08:23 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.28 05:08:23 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[9 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[205 C:\Users\cf\Documents\*.tmp files -> C:\Users\cf\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.21 13:59:18 | 000,000,000 | ---- | C] () -- C:\Users\cf\defogger_reenable
[2013.04.20 22:28:27 | 000,002,257 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.20 22:00:22 | 000,002,191 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2013.04.20 07:12:54 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.04.20 02:16:41 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.18 23:46:50 | 000,002,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.04.18 23:46:50 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.04.17 03:48:12 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.15 02:45:51 | 000,000,000 | ---- | C] () -- C:\end
[2013.04.11 02:30:03 | 000,001,393 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.11 02:30:02 | 000,001,405 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.04.10 12:34:24 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2013.03.30 13:01:52 | 000,000,898 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.03.28 05:51:46 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.09.29 07:27:52 | 000,017,408 | ---- | C] () -- C:\Users\cf\AppData\Local\WebpageIcons.db
[2012.09.28 03:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 03:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.07.18 04:33:58 | 000,000,273 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.23 19:03:34 | 000,005,120 | ---- | C] () -- C:\Users\cf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.16 15:01:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.01.16 11:06:32 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.01.09 05:52:37 | 000,000,017 | ---- | C] () -- C:\Users\cf\AppData\Local\resmon.resmoncfg
[2012.01.09 03:14:40 | 001,808,052 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.04.30 11:57:50 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\Canon
[2012.08.06 03:03:46 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\driveridentifier
[2013.04.17 01:13:08 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\DriverTurbo
[2013.04.21 03:27:26 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\DRPSu
[2012.01.12 09:34:03 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\Easeware
[2013.04.20 22:17:09 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\eIntaller
[2013.04.05 10:42:22 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\inkscape
[2013.04.10 12:20:02 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\IrfanView
[2012.07.10 22:43:46 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\JonDo
[2012.02.11 16:32:02 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\LaunchPad
[2013.04.21 02:35:40 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\OpenCandy
[2012.01.09 14:08:41 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\OpenOffice.org
[2012.12.03 06:38:52 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\Opera
[2012.12.21 14:52:11 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\PDFConverterPackages
[2012.07.11 03:30:57 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\Steganos Internet Anonym 2006
[2013.03.20 05:18:46 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\Systweak
[2013.04.10 10:04:13 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\T-DSL Manager
[2013.04.10 11:21:28 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\T-DSL SpeedManager
[2012.01.09 03:56:14 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\T-Online
[2012.01.09 13:09:43 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\Thunderbird
[2013.04.11 08:23:20 | 000,000,000 | ---D | M] -- C:\Users\cf\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
< End of report >
--- --- ---

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\cf\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,61 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 56,10% Memory free
9,01 Gb Paging File | 6,79 Gb Available in Paging File | 75,32% Paging File free
Paging file location(s): c:\pagefile.sys 5536 5536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919,57 Gb Total Space | 853,92 Gb Free Space | 92,86% Space Free | Partition Type: NTFS
Drive D: | 11,84 Gb Total Space | 1,45 Gb Free Space | 12,23% Space Free | Partition Type: NTFS
Drive H: | 100,00 Mb Total Space | 70,22 Mb Free Space | 70,22% Space Free | Partition Type: NTFS

Computer Name: CF-PC | User Name: cf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\MOZILLA FIREFOX\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008B1C63-5037-40F4-B6BC-6EC57DEF44AD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1AB12D67-9C1D-4FDA-9304-875457A84D93}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B9F17A2-03EE-4510-9A7A-A119E35093B6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3BA0ABD0-610A-41C1-906C-9F95CDBE7D1F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{54307578-116D-4E08-826A-C1F9195F69E7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{69A36ABE-BB10-4801-ABB8-229D6553A9DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DE2E1F86-142F-4ED4-B10A-EAEE9E3C72C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E9290694-F1F6-4B93-ACCB-486993C0D05F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16F86E8F-3DEE-4126-B728-A315EEACC37C}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla thunderbird\thunderbird.exe |
"{742339EE-C124-4710-A28E-DCFCCA819597}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A0ED2F53-1E08-41E5-9AC9-8B545494D4A8}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla thunderbird\thunderbird.exe |
"{FA3494A1-BB48-46F9-B254-1286397ADFFE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"TCP Query User{3CB4E513-CF11-453D-A8B5-112CEC647275}C:\users\cf\appdata\local\temp\drpsu13\tools\aria2c.exe" = protocol=6 | dir=in | app=c:\users\cf\appdata\local\temp\drpsu13\tools\aria2c.exe |
"UDP Query User{0D1F1637-C2B5-416B-82F7-22CD988AF454}C:\users\cf\appdata\local\temp\drpsu13\tools\aria2c.exe" = protocol=17 | dir=in | app=c:\users\cf\appdata\local\temp\drpsu13\tools\aria2c.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008C42A1-FB22-7DB4-618F-08E2C5059C0C}" = ccc-utility64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series" = Canon MX870 series MP Drivers
"{1F266B69-F56D-7CD8-D90B-C47F2051A95A}" = AMD Fuel
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{338CE2A1-7BD6-AC18-0069-4A90F7C3D836}" = AMD Steady Video Plug-In
"{393D3B4C-1F95-CDD2-4F0A-395D99D5F553}" = AMD Accelerated Video Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{53A19094-2C04-A9B9-7309-3E92152D4845}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{C0FFB192-3484-9AA0-7505-3A5B6688752F}" = AMD Media Foundation Decoders
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}" = WinZip 17.0
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{00040407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{1050A3D4-BC3B-4443-BD60-68C2BAE65EF4}" = CCC Help English
"{1321BDD4-C5FC-BCFA-F281-7C66D5DE187F}" = CCC Help French
"{1D6DF721-54B7-6AA4-2050-7E286CCE13E8}" = AMD VISION Engine Control Center
"{1EF73F13-8A60-7910-A59D-8F62A8BCD47D}" = CCC Help Swedish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22E62B37-5D05-C5AD-F53E-691342495A45}" = CCC Help Spanish
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{23528772-43DB-1E20-E845-DB1CE00FBB10}" = CCC Help Danish
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{56364334-9530-11D2-BFFC-00C04FA329AA}" = Microsoft Works 2000
"{5F32FD5A-6F9D-50FD-1896-0AEC107DE5D0}" = CCC Help Portuguese
"{60AAE030-8621-5187-F7CF-41A241698407}" = CCC Help Dutch
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{619DC4E1-DA11-48A1-4587-4E3E3D02D103}" = Catalyst Control Center Graphics Previews Common
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D2EFF3B-B191-4B1F-8ABF-C4A8028DB8CF}" = Alcor Micro USB Card Reader
"{6F05E0AC-22D3-BE6E-05DD-623504F54FB2}" = CCC Help Chinese Standard
"{7668B02B-DDDA-A67C-F86B-9D1061DD08CD}" = CCC Help Hungarian
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BA420C3-3629-2AD6-19D0-0A6E27D6B782}" = CCC Help Thai
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.3.0
"{8EFA9357-75F9-EF3D-B7F9-BC913BA8DAC5}" = CCC Help Norwegian
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91DA5EBA-C240-289B-0AB4-6604CDE6A27F}" = CCC Help Czech
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9711CA3C-614D-5B3B-E10F-062FD292075E}" = CCC Help Italian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FCBD98D-F8B3-6ECC-5293-9C28817E3269}" = Catalyst Control Center InstallProxy
"{A0B1B905-88E8-CBBB-C936-0FFECD06BBDC}" = Catalyst Control Center Localization All
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF749638-8C8C-84E8-DA4A-37D014824E33}" = CCC Help German
"{B0B4575E-EB62-1BDC-994A-A42ED7E8FF46}" = CCC Help Greek
"{B1504E18-0D34-1554-20FB-2BF6459D4683}" = CCC Help Russian
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B90B9B89-2B62-B281-25C3-A59B189C249F}" = CCC Help Finnish
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5ED3F69-3A6D-EA6E-EE57-342C0274FE5F}" = CCC Help Japanese
"{DBD353DB-F37D-3CBB-65A7-0B3BA8634263}" = CCC Help Turkish
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE6EBBD2-C278-5F48-B021-C9314ABE7593}" = CCC Help Korean
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5C1211F-8F5E-B4BE-8046-3BB6B7944BA0}" = CCC Help Polish
"{FA115E3B-1A2D-F0F1-52CE-99D1BD346C08}" = CCC Help Chinese Traditional
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon MX870 series Benutzerregistrierung" = Canon MX870 series Benutzerregistrierung
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"enormasoft Kalender" = enormasoft Kalender
"eSafeSecControl" = eSafe Security Control 1.0.0.1982
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Google Chrome" = Google Chrome
"Inkscape" = Inkscape 0.48.2
"InstallShield_{6D2EFF3B-B191-4B1F-8ABF-C4A8028DB8CF}" = Alcor Micro USB Card Reader
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"Speed Dial Utility" = Canon Kurzwahlprogramm
"Winload Toolbar" = Winload Toolbar
"Zattoo4" = Zattoo4 4.0.5

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19.04.2013 21:00:11 | Computer Name = cf-PC | Source = VSS | ID = 8193
Description =

Error - 19.04.2013 21:00:11 | Computer Name = cf-PC | Source = System Restore | ID = 8193
Description =

Error - 20.04.2013 07:33:39 | Computer Name = cf-PC | Source = RasClient | ID = 20227
Description =

Error - 20.04.2013 08:45:50 | Computer Name = cf-PC | Source = RasClient | ID = 20227
Description =

Error - 20.04.2013 08:46:28 | Computer Name = cf-PC | Source = RasClient | ID = 20227
Description =

Error - 20.04.2013 12:53:52 | Computer Name = cf-PC | Source = RasClient | ID = 20227
Description =

Error - 20.04.2013 13:20:53 | Computer Name = cf-PC | Source = RasClient | ID = 20227
Description =

Error - 20.04.2013 13:21:06 | Computer Name = cf-PC | Source = RasClient | ID = 20227
Description =

Error - 20.04.2013 17:01:02 | Computer Name = cf-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\WinZip\adxloader.dll.Manifest".
Fehler in Manifest- oder Richtliniendatei "C:\Program Files\WinZip\adxloader.dll.Manifest"
in Zeile 2. Das Stammelement der Manifestdatei muss assembliert sein.

Error - 20.04.2013 23:36:09 | Computer Name = cf-PC | Source = RasClient | ID = 20227
Description =

Error - 20.04.2013 23:36:45 | Computer Name = cf-PC | Source = RasClient | ID = 20227
Description =

Error - 21.04.2013 00:14:29 | Computer Name = cf-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Windows-Explorer" konnte nicht heruntergefahren
werden.

[ Spybot - Search and Destroy Events ]
Error - 18.04.2013 18:54:08 | Computer Name = cf-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 21.04.2013 06:12:34 | Computer Name = cf-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

[ System Events ]
Error - 20.04.2013 07:36:31 | Computer Name = cf-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 20.04.2013 08:47:48 | Computer Name = cf-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 20.04.2013 08:47:54 | Computer Name = cf-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 20.04.2013 08:47:55 | Computer Name = cf-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 20.04.2013 11:52:40 | Computer Name = cf-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Emsisoft Anti-Malware 6.6 - Service erreicht.

Error - 20.04.2013 11:52:40 | Computer Name = cf-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Emsisoft Anti-Malware 6.6 - Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053

Error - 20.04.2013 11:53:05 | Computer Name = cf-PC | Source = SNMP | ID = 16713180
Description = Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration
ist ein Fehler aufgetreten.

Error - 20.04.2013 13:28:58 | Computer Name = cf-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Emsisoft Anti-Malware 6.6 - Service erreicht.

Error - 20.04.2013 13:28:58 | Computer Name = cf-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Emsisoft Anti-Malware 6.6 - Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053

Error - 20.04.2013 13:29:29 | Computer Name = cf-PC | Source = SNMP | ID = 16713180
Description = Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration
ist ein Fehler aufgetreten.


< End of report >

Ich probiere es jetzt seit Stunden GMER runterzuladen. Wenn es denn mal gelingt, die Datei vollständig runterzuholen (für die paar KB braucht meine Kiste ewig), dann krieg ich ständig die Meldung, dass das keine gültige Win-32-Anwendung ist.

Hilfe, was mach ich falsch ???

Alt 21.04.2013, 23:28   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
NIchts geht mehr: Downloads nicht möglich - 0 kB - Standard

NIchts geht mehr: Downloads nicht möglich - 0 kB


Hallo und

Die Ursache kann auch eine andere sein als Schädlingsbefall

Ich würde erstmal versuchen rauszufinden, ob das nur unter Windows so ist, oder auch mit anderen Betriebssystemen.

So kann man sehen ob sich da ein Hardwareproblem abzeichnet oder der Fehler eher in der Konfig in Windows und/oder im Dateisystem ist.

Lad dir mal sowas wie Knoppix oder Xubuntu herunter, brenn die iso Datei per Imagebrennfunktion auf eine CD und boote den Rechner davon.
Teste dann mal ausgiebig die Internetverbindung unter Linux und berichte ob die Verbindung und das System dort normal schnell oder auch langsam ist.
__________________

__________________
Alt 22.04.2013, 08:05   #3
sambiene
 
NIchts geht mehr: Downloads nicht möglich - 0 kB - Standard

NIchts geht mehr: Downloads nicht möglich - 0 kB


WOW !!!!
Vielen, vielen herzlichen Dank, Cosinus ... das ist es !!
Mein Rechner ist gerade mal ein Jahr alt, deshalb wäre ich niemals auf die Idee gekommen, dass es sich um ein Hardwareproblem handeln könnte.
Habe gleich mal meinen alten Rechner angeschlossen und siehe da ... es funzt wie nix !
Jetzt muss ich nur noch dahinterkommen, was es sein könnte .. Geräte-Manager zeigt nix an!

Gibt es ne Idee, wie man dieses verflixte Qov6-Dingensbumens wieder los wird? Habe firefox schon zurückgesetzt, in der Chronik "diese web-site vergessen lassen", Startseiten-Änderung nützt nix, Erweiterung löschen -> nix, Suchmaschinen verwalten -> nix. Kein Virenscanner (Spybot, Malwarebyter, AntiVir) zeigt was an. Das Ding ist lästig wie ein Hautausschlag.
__________________
Alt 22.04.2013, 11:24   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
NIchts geht mehr: Downloads nicht möglich - 0 kB - Standard

NIchts geht mehr: Downloads nicht möglich - 0 kB


Warum setzt du nicht meinen Vorschlag um?
Du solltest den Problemrechner mit einem Live-Linux testen. Nur so kannst du sehen ob der Problemrechner ein zerlegtest Windows hat oder defekte Hardware oder so. Das kannst du doch nicht feststellen indem du mit einem anderen Rechner deine Internetleitung testest
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 22.04.2013, 20:16   #5
sambiene
 
NIchts geht mehr: Downloads nicht möglich - 0 kB - Standard

NIchts geht mehr: Downloads nicht möglich - 0 kB


Klar, hast recht ! ABER: Ich habe nebenbei einen totsterbenskranken Hund hier, den ich ständig versorgen muss und noch so ein paar "Kleinigkeiten".
Durch Deinen Tipp bin ich überhaupt erst darauf gekommen, dass ich meinen Uralt-XP aus dem Keller holen könnte. Und wie gesagt: Erstmal funzt es! Um meinen Win7-Rechner kümmere ich mich später, wenn ich etwas Luft habe und dann führe ich selbstverständlich Deinen Vorschlag aus. Bis dahin bin ich aber erstmal gottfroh und Dir sehr dankbar. Kannste sicher verstehen, denn auf dieses Linux-Test-Dings muss ich mich konzentrieren ....
? Ich melde mich sicher zeitnah nochmals dazu !


Antwort

Themen zu NIchts geht mehr: Downloads nicht möglich - 0 kB
adobe reader xi, antivir, autorun, avira, bho, browser, computer, desktop, dsl, emsisoft, error, fehler, firefox, flash player, free download, home, iexplore.exe, install.exe, installation, langsam, mozilla, nicht möglich, plug-in, realtek, registry, registry cleaner, richtlinie, rundll, safer networking, scan, security, software, svchost.exe, windows, windows-explorer, winload toolbar


« Tastaturen-Wahnsinn | AppData // Roaming Virus.exe? »


Ähnliche Themen: NIchts geht mehr: Downloads nicht möglich - 0 kB


  1. Virusbefall: Browser schmiert ständig ab - Keine Downloads mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 04.11.2014 (5)
  2. Keine Downloads mehr möglich und überall Werbung
    Log-Analyse und Auswertung - 21.10.2014 (28)
  3. Keine Verbindungen / Downloads mehr möglich - DNS Problem?
    Plagegeister aller Art und deren Bekämpfung - 28.07.2014 (5)
  4. keine downloads aus dem internet mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 02.05.2014 (20)
  5. Keine Downloads mehr möglich! Was tun?
    Plagegeister aller Art und deren Bekämpfung - 23.01.2014 (3)
  6. keine Downloads mehr möglich Win7 (angeblich Viren enthalten)
    Plagegeister aller Art und deren Bekämpfung - 03.01.2014 (9)
  7. Kein Speichern von Downloads mehr möglich (Windows 7)
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (16)
  8. Keine Downloads mehr möglich unter Windows 7
    Plagegeister aller Art und deren Bekämpfung - 22.09.2013 (19)
  9. TR/Kazy.795 - Downloads sind nicht mehr möglich
    Log-Analyse und Auswertung - 17.09.2013 (14)
  10. Keinerlei Downloads mehr möglich mit allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 22.04.2013 (61)
  11. Verschlüsselungs Trojaner, oder doch nicht? Nichts geht mehr II
    Plagegeister aller Art und deren Bekämpfung - 07.06.2012 (7)
  12. Internet sehr langsam, kaum ein Download mehr möglich / Log file speichern geht nicht
    Log-Analyse und Auswertung - 30.05.2010 (0)
  13. Virusbefall? Im normalen Modus nichts mehr möglich; Antivir sagt nichts
    Plagegeister aller Art und deren Bekämpfung - 30.11.2009 (0)
  14. System Security / keine Downloads mehr möglich
    Mülltonne - 06.01.2009 (1)
  15. windows-update geht nicht und kein downloads auf microsoft-site möglich
    Plagegeister aller Art und deren Bekämpfung - 28.11.2008 (3)
  16. 0xc0000001 isass.exe (bootet nicht mit xp cd, abg. Modus nichts mehr geht) HILFE!!
    Plagegeister aller Art und deren Bekämpfung - 17.04.2007 (4)
  17. Internet wird immer langsamer, Downloads nicht mehr möglich!
    Log-Analyse und Auswertung - 20.07.2006 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema NIchts geht mehr: Downloads nicht möglich - 0 kB - Seit einer Woche geht nichts mehr: Downloads beginnen bei 60 Kb/s und fahren runter auf 0. Firefox lädt Seiten ganz langsam oder gar nicht. Spybot und Malwarebytes melden keine Viren. - NIchts geht mehr: Downloads nicht möglich - 0 kB...
Archiv
Du betrachtest: NIchts geht mehr: Downloads nicht möglich - 0 kB auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131