Log analysis and evaluation: I keep ending up on the Click Compare page (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
08.06.2013, 13:06 | #16 |
/// the machine /// TB instructor | I keep ending up on the Click Compare page
Uninstall the stick's software and reinstall it. Please post OTL.txt, not the Extras. Just open OTL, run a QuickScan, and post it.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
08.06.2013, 13:16 | #17 |
| I keep ending up on the Click Compare page
Sorry. My mistake. So here is the OTL
Code:
ATTFilter OTL logfile created on: 08.06.2013 13:34:30 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pelka\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,90 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 55,31% Memory free 7,79 Gb Paging File | 5,83 Gb Available in Paging File | 74,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 906,24 Gb Total Space | 717,01 Gb Free Space | 79,12% Space Free | Partition Type: NTFS Drive D: | 186,26 Gb Total Space | 125,31 Gb Free Space | 67,28% Space Free | Partition Type: FAT32 Computer Name: PELKA-PC | User Name: Pelka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Pelka\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe () PRC - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Nero AG) PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Windows\jmesoft\hotkey.exe (Lenovo) PRC - C:\Windows\SysWOW64\UMonit.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage 
Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Windows\jmesoft\JME_LOAD.exe () PRC - C:\Windows\jmesoft\Service.exe () PRC - C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe () PRC - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe () PRC - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll 
() MOD - C:\Windows\SysWOW64\UMonit.exe () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\EPOEMDll.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\EPWizRes.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\Epwizard.DLL () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\Epfunct.DLL () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\Eputil.DLL () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\Imagutil.DLL () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaDRS.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll () MOD - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll () MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll () MOD - C:\Windows\SysWOW64\LXEAsmr.dll () MOD - C:\Windows\SysWOW64\LXEAsm.dll () ========== Services (SafeList) ========== SRV:64bit: - (lxea_device) -- C:\Windows\SysNative\lxeacoms.exe ( ) SRV:64bit: - (lxeaCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxeaserv.exe () SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files 
(x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (HTCMonitorService) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Nero AG) SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (JME Keyboard) -- C:\Windows\jmesoft\Service.exe () SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation) SRV - (lxeaCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe () SRV - (lxea_device) -- C:\Windows\SysWOW64\lxeacoms.exe ( ) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AVerAF35) -- C:\Windows\SysNative\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (rusb3xhc) -- C:\Windows\SysNative\drivers\rusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (rusb3hub) -- C:\Windows\SysNative\drivers\rusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (GeneStor) -- C:\Windows\SysNative\drivers\GeneStor.sys (GenesysLogic) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys 
(Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (RTL2832UUSB) -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys (REALTEK SEMICONDUCTOR Corp.) DRV:64bit: - (RTL2832UBDA) -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys (REALTEK SEMICONDUCTOR Corp.) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (RTL2832U_IRHID) -- C:\Windows\SysNative\drivers\RTL2832U_IRHID.sys (Realtek) DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) 
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: %7Bdd3d7613-0246-469d-bc65-2a3cc1668adc%7D:0.7.1.1 FF - prefs.js..extensions.enabledAddons: fmconverter%40gmail.com:1.0.0 FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.9.20130411104515 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF 
- HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013.02.24 12:53:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.23 11:33:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.23 11:32:55 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.23 11:33:00 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.23 11:32:55 | 000,000,000 | ---D | M] [2012.12.08 18:29:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Extensions [2013.06.06 10:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\extensions [2013.05.24 12:54:39 | 000,000,000 | ---D | M] (Yahoo! 
Toolbar) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012.12.09 19:34:15 | 000,000,000 | ---D | M] (Foxdie) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\extensions\Foxdie@tanjihay.com [2013.05.26 22:57:43 | 000,548,052 | ---- | M] () (No name found) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\extensions\{29852C08-1E91-4889-A6BF-C77F91D6A8F3}.xpi [2013.05.23 22:31:27 | 001,052,136 | ---- | M] () (No name found) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\extensions\{aa26583b-4c35-4729-913e-156956078824}.xpi [2013.06.05 20:58:20 | 003,365,099 | ---- | M] () (No name found) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi [2013.05.09 12:36:37 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.12.16 19:33:11 | 000,016,192 | ---- | M] () (No name found) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi [2013.04.23 15:17:20 | 001,079,638 | ---- | M] () (No name found) -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi [2013.03.16 13:55:41 | 000,001,287 | ---- | M] () -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\searchplugins\ashampoo-de-customized-web-search-1.xml [2013.01.26 13:42:17 | 000,001,287 | ---- | M] () -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\searchplugins\ashampoo-de-customized-web-search.xml [2013.04.15 09:47:02 | 000,002,251 | ---- | M] () -- C:\Users\Pelka\AppData\Roaming\Mozilla\Firefox\Profiles\9xgn5dzn.default\searchplugins\gutscheinsuche.xml 
[2013.05.23 11:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.23 11:33:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.02.24 12:53:58 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX O1 HOSTS File: ([2013.06.08 10:49:03 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe () O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [lxeamon.exe] C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe () O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [UMonit] C:\Windows\SysWOW64\UMonit.exe () O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [jmekey] C:\Windows\jmesoft\hotkey.exe (Lenovo) O4 - HKLM..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe () O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.) O4 - HKLM..\Run: [LVT] C:\Program Files\Lenovo\LVT\LJYZ.exe (Lenovo) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - Startup: C:\Users\Pelka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Pelka\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found O8:64bit: - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube Download - C:\Users\Pelka\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5343DD81-9A83-4F98-8EB9-B1BAAB6306A4}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{808BEA1A-3238-4701-B701-4C2A77843536}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM 
Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.08 12:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2013.06.08 12:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2013.06.08 10:59:13 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.06.08 10:49:04 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2013.06.08 10:40:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.06.08 10:40:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.06.08 10:40:10 | 000,060,416 | ---- | C] (NirSoft) -- 
C:\Windows\NIRCMD.exe [2013.06.08 10:35:30 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.06.08 10:35:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.06.08 10:32:14 | 005,078,746 | R--- | C] (Swearware) -- C:\Users\Pelka\Desktop\ComboFix.exe [2013.06.07 14:20:43 | 000,000,000 | ---D | C] -- C:\Users\Pelka\Desktop\SecurityCheck(1) [2013.06.07 10:26:55 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Pelka\Desktop\JRT(1).exe [2013.06.06 16:21:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pelka\Desktop\OTL.exe [2013.06.06 11:12:00 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.06.06 11:11:48 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.02 20:11:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.06.02 18:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0 [2013.06.02 18:31:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2013.06.02 18:31:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2013.06.02 18:31:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch [2013.06.02 14:18:14 | 000,000,000 | ---D | C] -- C:\Users\Pelka\Desktop\SD Karte [2013.06.01 21:41:18 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013.05.27 23:12:27 | 000,000,000 | ---D | C] -- C:\Users\Pelka\Desktop\Witzbilder [2013.05.27 10:07:47 | 000,000,000 | ---D | C] -- C:\PS_CS2_Gr_NonRet [2013.05.25 00:19:37 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.05.25 00:19:37 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.05.25 00:19:37 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.05.25 00:19:37 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.05.25 00:19:37 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.05.25 00:19:37 | 
000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.05.25 00:19:37 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.05.25 00:19:37 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.05.25 00:19:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.05.25 00:19:37 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.25 00:19:37 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.05.25 00:19:36 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.25 00:19:36 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.05.25 00:19:36 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.05.25 00:19:36 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.05.25 00:19:36 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.05.25 00:19:36 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.05.25 00:19:36 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.25 00:19:36 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.05.25 00:19:36 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.25 00:19:36 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.05.25 00:19:36 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.25 00:19:36 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.05.25 00:19:36 | 000,526,336 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\ieui.dll [2013.05.25 00:19:36 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.05.25 00:19:36 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.05.25 00:19:36 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.25 00:19:36 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.05.25 00:19:36 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.05.25 00:19:36 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.05.25 00:19:36 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.05.25 00:19:36 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.05.25 00:19:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.05.25 00:19:36 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.05.25 00:19:36 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.05.25 00:19:36 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.05.25 00:19:36 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.05.25 00:19:36 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.05.25 00:19:36 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.25 00:19:36 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.05.25 00:19:36 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.05.25 00:19:36 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.05.25 00:19:36 | 000,117,248 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.05.25 00:19:36 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.05.25 00:19:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.25 00:19:36 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.05.25 00:19:36 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.05.25 00:19:36 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.05.25 00:19:36 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.25 00:19:36 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.05.25 00:19:36 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.05.25 00:19:36 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.05.25 00:19:36 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.25 00:19:36 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.05.25 00:19:36 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.05.25 00:19:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.25 00:19:36 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.25 00:19:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.05.25 00:19:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.05.25 00:19:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.05.25 00:19:36 | 000,039,936 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\iernonce.dll [2013.05.25 00:19:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.25 00:19:36 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.05.25 00:19:36 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.05.25 00:19:36 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.05.25 00:19:36 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.05.25 00:19:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.05.25 00:19:35 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.05.24 19:59:44 | 000,000,000 | ---D | C] -- C:\Users\Pelka\AppData\Roaming\Subversion [2013.05.24 19:58:47 | 000,000,000 | ---D | C] -- C:\Users\Pelka\AppData\Roaming\fltk.org [2013.05.24 19:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org [2013.05.24 19:58:37 | 000,000,000 | ---D | C] -- C:\Users\Pelka\AppData\Roaming\flightgear.org [2013.05.24 19:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\flightgear.org [2013.05.24 13:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo! [2013.05.24 12:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! 
[2013.05.23 12:00:49 | 000,000,000 | ---D | C] -- C:\Users\Pelka\Desktop\Neuer Ordner [2013.05.23 11:32:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.22 14:23:35 | 000,000,000 | ---D | C] -- C:\Users\Pelka\Desktop\Fotoklau [2013.05.20 20:32:29 | 000,000,000 | ---D | C] -- C:\Users\Pelka\Desktop\Ostkapelle 2013 [2013.05.19 18:23:59 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.05.19 18:23:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.05.19 18:23:51 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.05.19 18:23:51 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.05.19 18:23:50 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.05.19 18:23:50 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013.05.19 18:23:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013.05.13 11:26:45 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.05.13 11:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.05.13 11:26:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.05.10 20:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage [2013.05.10 18:09:56 | 000,000,000 | ---D | C] -- C:\Users\Pelka\AppData\Roaming\.oit [2013.05.10 18:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kroll Ontrack [2013.05.10 18:03:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kroll Ontrack [2013.05.10 17:39:52 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unicows.dll [2013.05.10 17:36:23 | 000,232,680 | ---- | C] (REALTEK SEMICONDUCTOR Corp.) 
-- C:\Windows\SysNative\drivers\RTL2832UBDA.sys [2013.05.10 17:36:23 | 000,039,528 | ---- | C] (REALTEK SEMICONDUCTOR Corp.) -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys [2013.05.10 13:46:07 | 000,044,320 | ---- | C] (Realtek) -- C:\Windows\SysNative\drivers\RTL2832U_IRHID.sys [2013.05.09 19:40:41 | 000,804,736 | ---- | C] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Windows\SysNative\drivers\AVerAF35.sys [1 C:\Users\Pelka\*.tmp files -> C:\Users\Pelka\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.08 13:00:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.08 12:58:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.08 12:51:24 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2013.06.08 12:27:09 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.08 12:27:09 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.08 12:24:10 | 001,777,080 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.08 12:24:10 | 000,763,398 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.08 12:24:10 | 000,706,712 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.08 12:24:10 | 000,170,534 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.08 12:24:10 | 000,138,800 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.08 12:20:04 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.08 12:19:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.08 12:19:29 | 3138,551,808 | -HS- | M] () -- C:\hiberfil.sys [2013.06.08 10:49:03 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.06.08 10:32:16 | 005,078,746 | R--- | M] (Swearware) -- C:\Users\Pelka\Desktop\ComboFix.exe [2013.06.07 
10:26:56 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Pelka\Desktop\JRT(1).exe [2013.06.07 10:18:14 | 000,640,135 | ---- | M] () -- C:\Users\Pelka\Desktop\adwcleaner(1).exe [2013.06.06 16:21:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pelka\Desktop\OTL.exe [2013.06.03 12:12:05 | 000,000,017 | ---- | M] () -- C:\Users\Pelka\AppData\Local\resmon.resmoncfg [2013.06.02 20:11:28 | 316,112,775 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.05.28 08:33:07 | 005,021,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.27 10:26:02 | 000,002,045 | ---- | M] () -- C:\Users\Pelka\Desktop\Adobe Photoshop CS2.lnk [2013.05.25 00:19:37 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.05.25 00:19:37 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.05.25 00:19:37 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.05.25 00:19:37 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.05.25 00:19:37 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.05.25 00:19:37 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.05.25 00:19:37 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.05.25 00:19:37 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.05.25 00:19:37 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.05.25 00:19:37 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.25 00:19:37 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.05.25 00:19:36 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.25 00:19:36 | 001,509,376 | ---- | M] 
(Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.05.25 00:19:36 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.05.25 00:19:36 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.05.25 00:19:36 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.05.25 00:19:36 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.05.25 00:19:36 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.25 00:19:36 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.05.25 00:19:36 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.25 00:19:36 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.05.25 00:19:36 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.25 00:19:36 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.05.25 00:19:36 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.25 00:19:36 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.05.25 00:19:36 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.05.25 00:19:36 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.25 00:19:36 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.05.25 00:19:36 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.05.25 00:19:36 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.05.25 00:19:36 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.05.25 00:19:36 | 
000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.05.25 00:19:36 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.05.25 00:19:36 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.05.25 00:19:36 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.05.25 00:19:36 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.05.25 00:19:36 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.05.25 00:19:36 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.05.25 00:19:36 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.25 00:19:36 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.05.25 00:19:36 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.05.25 00:19:36 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.05.25 00:19:36 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.05.25 00:19:36 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.05.25 00:19:36 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.25 00:19:36 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.05.25 00:19:36 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.05.25 00:19:36 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.05.25 00:19:36 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.25 00:19:36 | 000,081,408 | ---- | M] (Microsoft Corporation) 
-- C:\Windows\SysNative\icardie.dll [2013.05.25 00:19:36 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.05.25 00:19:36 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.05.25 00:19:36 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.25 00:19:36 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.05.25 00:19:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.05.25 00:19:36 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.25 00:19:36 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.25 00:19:36 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.05.25 00:19:36 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.05.25 00:19:36 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.05.25 00:19:36 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.25 00:19:36 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.25 00:19:36 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.05.25 00:19:36 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.05.25 00:19:36 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.05.25 00:19:36 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.05.25 00:19:36 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.05.25 00:19:36 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.05.25 00:19:36 | 000,011,776 | ---- | M] (Microsoft Corporation) 
-- C:\Windows\SysWow64\msfeedssync.exe [2013.05.25 00:19:35 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.05.23 11:56:59 | 000,038,408 | ---- | M] () -- C:\Users\Pelka\AppData\Roaming\Microsoft Excel.ADR [2013.05.20 11:18:20 | 000,002,697 | ---- | M] () -- C:\Users\Pelka\AppData\Local\recently-used.xbel [2013.05.19 20:00:15 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.19 20:00:15 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [1 C:\Users\Pelka\*.tmp files -> C:\Users\Pelka\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.08 12:51:24 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif [2013.06.08 12:51:15 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2013.06.08 10:40:10 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.06.08 10:40:10 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.06.08 10:40:10 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.06.08 10:40:10 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.06.08 10:40:10 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.06.07 10:18:12 | 000,640,135 | ---- | C] () -- C:\Users\Pelka\Desktop\adwcleaner(1).exe [2013.06.03 12:12:05 | 000,000,017 | ---- | C] () -- C:\Users\Pelka\AppData\Local\resmon.resmoncfg [2013.06.02 20:11:28 | 316,112,775 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.05.27 10:26:02 | 000,002,045 | ---- | C] () -- C:\Users\Pelka\Desktop\Adobe Photoshop CS2.lnk [2013.05.27 10:11:34 | 000,002,042 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk [2013.05.27 10:11:33 | 000,002,045 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk [2013.05.25 00:19:36 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf 
[2013.05.25 00:19:36 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.05.23 11:56:59 | 000,038,408 | ---- | C] () -- C:\Users\Pelka\AppData\Roaming\Microsoft Excel.ADR [2013.05.20 11:18:20 | 000,002,697 | ---- | C] () -- C:\Users\Pelka\AppData\Local\recently-used.xbel [2013.05.04 12:43:20 | 008,677,490 | ---- | C] () -- C:\Program Files\kompozer-0.8b1-win32.zip [2013.04.06 16:44:22 | 000,000,132 | ---- | C] () -- C:\Users\Pelka\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2013.03.28 13:07:02 | 001,796,434 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.02.24 12:42:07 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2013.01.30 14:27:23 | 001,456,640 | ---- | C] () -- C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi [2013.01.26 12:17:50 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll [2013.01.20 13:57:04 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012.12.30 15:03:41 | 000,038,423 | ---- | C] () -- C:\Users\Pelka\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2012.12.29 07:03:41 | 000,005,120 | ---- | C] () -- C:\Users\Pelka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.12.18 23:09:24 | 000,310,031 | ---- | C] () -- C:\Users\Pelka\.TransferManager.db [2012.12.16 17:47:23 | 000,000,064 | ---- | C] () -- C:\Windows\AVerText.ini [2012.12.11 12:22:21 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaserv.dll [2012.12.11 12:22:21 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeausb1.dll [2012.12.11 12:22:21 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacomc.dll [2012.12.11 12:22:21 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeahbn3.dll [2012.12.11 12:22:21 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeapmui.dll [2012.12.11 12:22:21 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacoms.exe [2012.12.11 12:22:21 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxealmpm.dll 
[2012.12.11 12:22:21 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacfg.exe [2012.12.11 12:22:21 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacomm.dll [2012.12.11 12:22:21 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeainpa.dll [2012.12.11 12:22:21 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeacomx.dll [2012.12.11 12:22:21 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaiesc.dll [2012.12.11 12:22:21 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXEAinst.dll [2012.12.11 12:22:21 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaih.exe [2012.12.11 12:22:21 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxeains.dll [2012.12.11 12:22:21 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxeainsb.dll [2012.12.11 12:22:21 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeacu.dll [2012.12.11 12:22:21 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\lxeainsr.dll [2012.12.11 12:22:21 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeacub.dll [2012.12.11 12:22:21 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxeajswr.dll [2012.12.11 12:22:21 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeacur.dll [2012.12.11 12:21:55 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEAsm.dll [2012.12.11 12:21:55 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXEAsmr.dll [2012.12.08 18:14:05 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2012.12.08 18:04:58 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat [2012.11.21 20:33:42 | 000,321,288 | ---- | C] () -- C:\Program Files (x86)\Common Files\Sanpya.ttf [2012.05.19 17:42:49 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\ustor.dll [2012.05.19 17:42:49 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\UMonit.exe [2012.05.19 17:42:47 | 000,172,097 | ---- | C] () -- C:\Windows\SysWow64\NoMSGuninstall.exe [2012.05.19 17:42:47 | 000,000,840 | ---- | C] () -- C:\Windows\SysWow64\ProductName.ini [2012.05.19 17:42:47 | 
000,000,187 | ---- | C] () -- C:\Windows\SysWow64\IconCfg0.ini [2011.12.23 08:52:36 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.12.23 08:52:29 | 000,261,196 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.12.23 08:52:21 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.12.23 08:52:16 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.12.23 08:52:08 | 013,168,640 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2013.06.08 10:35:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{2fed2b32-2840-d15e-5ae1-dbcef8de8bb8}\L [2013.06.08 10:35:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{2fed2b32-2840-d15e-5ae1-dbcef8de8bb8}\U [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- 
[2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
08.06.2013, 16:17 | #18 |
/// the machine /// TB trainer | I keep ending up on the Click Compare page Fix with OTL
Code:
ATTFilter :OTL [2013.06.08 10:35:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{2fed2b32-2840-d15e-5ae1-dbcef8de8bb8}\L [2013.06.08 10:35:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{2fed2b32-2840-d15e-5ae1-dbcef8de8bb8}\U
Any problems left?
__________________ |
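An added example (not part of the thread, and not OTL's own code): the fix above targets the two `Installer\{GUID}\L` and `\U` folders listed under the log's ZeroAccess Check section. This Python code parses OTL file entries, including logs whose line breaks were lost as on this page, and lists folders matching that pattern for review; the function and class names are assumptions, and the sample is an excerpt of the log posted above.

```python
import re
from dataclasses import dataclass
from datetime import datetime

# Section headers look like "========== ZeroAccess Check ==========".
SECTION_RE = re.compile(r"={10} (.+?) ={10}")

# One file/folder entry:
#   [date time | size | attrs | C or M] (company) -- path
# The company group is optional. Paths may contain spaces, so the path is
# ended by a lookahead for whatever starts the next item (or a line break),
# which also copes with logs flattened onto one long line.
ENTRY_RE = re.compile(
    r"\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[RHSD-]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>[^)]*)\) )?-- "
    r"(?P<path>.+?)"
    r"(?=\s+\[\d{4}\.\d{2}\.\d{2} |\s+\[HKEY_|\s+={10} "
    r"|\s+< End of report|\s*[\r\n]|\s*\Z)"
)

# Pattern of the two folders the fix targets: <drive>:\Windows\Installer\{GUID}\L or \U.
# A match is a candidate for a helper to review, not proof of infection.
ZA_DIR_RE = re.compile(
    r"^[A-Z]:\\Windows\\Installer\\"
    r"\{[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\}\\[LU]$",
    re.I,
)

# Excerpt of the log on this page, flattened the way the page shows it.
SAMPLE = (
    r"========== Files Created - No Company Name ========== "
    r"[2013.06.08 10:40:10 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe "
    r"[2013.05.27 10:11:33 | 000,002,045 | ---- | C] () -- "
    r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk "
    r"========== ZeroAccess Check ========== "
    r"[2013.06.08 10:35:46 | 000,000,000 | ---D | M] -- "
    r"C:\Windows\Installer\{2fed2b32-2840-d15e-5ae1-dbcef8de8bb8}\L "
    r"[2013.06.08 10:35:46 | 000,000,000 | ---D | M] -- "
    r"C:\Windows\Installer\{2fed2b32-2840-d15e-5ae1-dbcef8de8bb8}\U "
    r"[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- "
    r"C:\Windows\assembly\Desktop.ini "
    r"[HKEY_CURRENT_USER\Software\Classes\clsid"
    r"\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"
)


@dataclass
class FileEntry:
    timestamp: datetime
    size: int
    attrs: str      # e.g. "---D" for a directory, "RHS-" for read-only/hidden/system
    kind: str       # "C" or "M", matching the Created/Modified sections of the log
    company: str    # empty when the log shows "()" or no company at all
    path: str
    section: str    # header of the section the entry appeared under
    raw: str        # the entry exactly as it appeared in the log

    @property
    def is_dir(self):
        return "D" in self.attrs


def parse_entries(log_text):
    """Parse every file/folder entry and attach the section it belongs to."""
    headers = [(m.start(), m.group(1)) for m in SECTION_RE.finditer(log_text)]
    entries = []
    for m in ENTRY_RE.finditer(log_text):
        section = ""
        for pos, name in headers:
            if pos > m.start():
                break
            section = name
        entries.append(FileEntry(
            timestamp=datetime.strptime(m.group("ts"), "%Y.%m.%d %H:%M:%S"),
            size=int(m.group("size").replace(",", "")),
            attrs=m.group("attrs"),
            kind=m.group("kind"),
            company=(m.group("company") or "").strip(),
            path=m.group("path").strip(),
            section=section,
            raw=m.group(0).strip(),
        ))
    return entries


def zeroaccess_candidates(log_text):
    """Return directory entries whose path matches the Installer\\{GUID}\\L|U pattern."""
    return [e for e in parse_entries(log_text)
            if e.is_dir and ZA_DIR_RE.match(e.path)]


if __name__ == "__main__":
    for e in zeroaccess_candidates(SAMPLE):
        print(e.timestamp.isoformat(), e.section, e.path, sep=" | ")
```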
08.06.2013, 21:44 | #19 |
| I keep ending up on the Click Compare page Okay, I've done that, although the fix really did go a bit quickly for me and the computer didn't ask for a restart either. I hope I did everything correctly. Regards, Barbara Code:
ATTFilter ========== OTL ========== C:\Windows\Installer\{2fed2b32-2840-d15e-5ae1-dbcef8de8bb8}\L folder moved successfully. C:\Windows\Installer\{2fed2b32-2840-d15e-5ae1-dbcef8de8bb8}\U folder moved successfully. OTL by OldTimer - Version 3.2.69.0 log created on 06082013_223850 |
09.06.2013, 06:43 | #20 |
/// the machine /// TB trainer | I keep ending up on the Click Compare page Yep, everything is perfect. Any problems left with the computer?
__________________ Regards, schrauber |
09.06.2013, 12:18 | #21 |
| I keep ending up on the Click Compare page Yes indeed, everything is great. Thank you very much for your help. I think it's wonderful how you all do this, and I will gladly show my appreciation for it. However, I still have further problems. I have a Microsoft Surface RT, and words are linked there too. I haven't clicked on them yet, but it looks exactly like the junk from Click-Compare. The tablet never had direct contact with the computer; I only transferred photos once via card reader and SD card. Otherwise the tablet only uses the home Wi-Fi and has Internet Explorer on it. (Firefox 21 runs on the regular computer.) Could the Wi-Fi router be infected? And: I still can't uninstall the remnants of AVerTV. This error message always appears: "1628: Skript-basierte Installation kann nicht abgeschlossen werden." [1628: Script-based installation cannot be completed.] I think that is also the reason why I can't install the ARC-Soft software. In addition, the following cannot be uninstalled: -Open Office -Tune up Utilities Do I have to create a new thread for each of these problems, or can we continue here? Once again, many thanks for now. Best regards, Barbara |
09.06.2013, 12:27 | #22 |
/// the machine /// TB trainer | I keep ending up on the Click Compare page We'll do all of that here. Revo Uninstaller Pro - Uninstall Software, Remove Programs easily, Forced Uninstall, Leftovers Uninstaller Download the trial version of Revo from there and try to uninstall with it, using the Uninstall button. Afterwards, have it search for leftovers with "Average".
__________________ Regards, schrauber |
09.06.2013, 14:51 | #23 |
| I keep ending up on the Click Compare page WOW, this REVO really is a great program. I'm thrilled, but I was also quite shocked at how many files this Tuneup had crept into. But it really went very well. Now, unfortunately, I'm blonde and don't know what to do with AVERAGE. Is that included in REVO, or do I have to download it somewhere else? Unfortunately, my hope was not fulfilled. The Total Media stick unfortunately still doesn't work. But one thing at a time. In any case, I'm glad the programs are gone for now. Thank you very much for that. Best regards, Barbara |
09.06.2013, 15:27 | #24 |
/// the machine /// TB trainer | I keep ending up on the Click Compare page Were you able to uninstall the stick's software now? Average is a function in Revo: you select a program, click Uninstall, Revo starts the program's own uninstaller, then Revo offers to search for leftovers: Light - Moderate - Average (advanced). Use the strong function and delete all the leftovers listed.
09.06.2013, 15:49 | #25 |
| OK, I did use the Average mode as well. So everything is fine there, then. However, it's not clear to me how I get the software off the stick. It's on the CD, isn't it? When I plug in the stick, it isn't shown to me. What do I have to do there? Or am I really being a bit "blonde" about this? |
09.06.2013, 16:16 | #26 | |
/// the machine /// TB-Ausbilder | Quote:
Were you able to uninstall it now? No more script error like all this time?
09.06.2013, 16:30 | #27 |
| All right, I understand. I uninstalled the software and, after the programs from you, installed it once more. However, I always get an error message there too. (see attachment) Something must be running in the background, right? Unfortunately, there is no software for download at Trekstor or ARCsoft. But I have already sent an email to support. Maybe something is wrong with the software. Best regards, Barbara |
09.06.2013, 16:33 | #28 |
/// the machine /// TB-Ausbilder | Please give me the make/model of the stick. Is the stick, or rather the software, the only problem that still exists?
09.06.2013, 16:47 | #29 |
| Ok. So apart from the Surface, it's the only problem that's still there. But you are responsible for Trojans, and I don't want to get on your nerves either. So: it is a Trekstor DVBT Stick Terres 2.0 (DVBT | DAB+ | FM) ArcSoft Total Media Serial number: xx Do you need any further details? |
09.06.2013, 16:48 | #30 |
/// the machine /// TB-Ausbilder | I've edited out the serial number; it doesn't belong here. What exactly do you mean by Surface?