Mein Pc ist langsamer geworden bitte um Hilfe:(

Turkoo · 07.06.2010, 10:30

Also Mein PC ist langsamer geworden ... Habe nach Viren gesucht und habe 3 Stück gefunden ... Die Viren sind Tr/Dropper.Gen und gleich 3 mal ich habe die in Quarantäne gesteckt und von da gelöscht ... Können mir die Viren noch Probleme machen?=( bitte um Hilfe mein PC ist sehr langsam geworden Kann ich von irgendwo sehen ob ich weitere Viren in meinem PC habe?

Turkoo · 07.06.2010, 10:33

Zitat:

Export in:
Bedrohungen, die kostenlos entfernt werden (0)
Bedrohungen (18)
Niedrige Gefährdungsstufe (18)
Cookie/Apmebf Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\windows\cookies\admin@apmebf[1].txt
2. c:\users\admin\appdata\roaming\microsoft\windows\cookies\low\admin@apmebf[2].txt
Cookie/Serving... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\wind...cookies\admin@bs.serving-sys[1].txt
2. c:\users\admin\appdata\roaming\microsoft\wind...ies\low\admin@bs.serving-sys[1].txt
Cookie/Mediapl... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\windows\cookies\admin@mediaplex[1].txt
2. c:\users\admin\appdata\roaming\microsoft\wind...\cookies\low\admin@mediaplex[1].txt
Cookie/Adtech Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\windows\cookies\low\admin@adtech[1].txt
2. c:\users\admin\appdata\roaming\microsoft\windows\cookies\admin@adtech[1].txt
Cookie/Smartad... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\wind...\cookies\admin@smartadserver[2].txt
Cookie/YieldMa... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\wind...ookies\admin@ad.yieldmanager[1].txt
2. c:\users\admin\appdata\roaming\microsoft\wind...es\low\admin@ad.yieldmanager[1].txt
Cookie/Serving... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\wind...ws\cookies\admin@serving-sys[2].txt
2. c:\users\admin\appdata\roaming\microsoft\wind...ookies\low\admin@serving-sys[2].txt
Cookie/Yadro Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\windows\cookies\low\admin@yadro[2].txt
Cookie/Questio... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\wind...cookies\admin@questionmarket[2].txt
Cookie/Weboram... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\windows\cookies\admin@weborama[1].txt
Cookie/Adviva Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\windows\cookies\low\admin@adviva[2].txt
Cookie/Tradedo... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\wind...okies\low\admin@tradedoubler[2].txt
2. c:\users\admin\appdata\roaming\microsoft\wind...s\cookies\admin@tradedoubler[2].txt
Cookie/Adverti... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\wind...ookies\low\admin@advertising[1].txt
2. c:\users\admin\appdata\roaming\microsoft\wind...ws\cookies\admin@advertising[2].txt
Cookie/FastCli... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\wind...\cookies\low\admin@fastclick[1].txt
2. c:\users\admin\appdata\roaming\microsoft\windows\cookies\admin@fastclick[1].txt
Cookie/Com.com Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\windows\cookies\admin@com[1].txt
Cookie/Atlas D... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\windows\cookies\low\admin@atdmt[1].txt
2. c:\users\admin\appdata\roaming\microsoft\windows\cookies\admin@atdmt[2].txt
Cookie/Doublec... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\wind...ws\cookies\admin@doubleclick[2].txt
2. c:\users\admin\appdata\roaming\microsoft\wind...ookies\low\admin@doubleclick[1].txt
Cookie/Bluestr... Tracking Cookie
Latent
Ausblenden + Info
1. c:\users\admin\appdata\roaming\microsoft\windows\cookies\admin@bluestreak[1].txt

Ich habe von einem Freund empfohlen bekommen das ich Panda active scan2.0 ausprobieren soll ich habe jetzt 18 Bedrohungen bekommen

was soll das heissen?

kann mir irgendjemand bitte helfen

cosinus · 07.06.2010, 10:47

Hallo und

bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

Turkoo · 07.06.2010, 11:10

ok@ cosinus das werde ich tun = )
Das Programm sucht grad nach viren = )

Turkoo · 07.06.2010, 12:40

Zitat:

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4174

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18904

07.06.2010 13:16:00
mbam-log-2010-06-07 (13-16-00).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 331649
Laufzeit: 1 Stunde(n), 7 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Admin\Downloads\Adobe_Photoshop_CS3_Extended_v10.0_Deutsch_Portable\Files\Msvcrt.dll (Malware.Packer.Gen) -> No action taken.
C:\Users\Admin\Downloads\Adobe_Photoshop_CS3_Extended_v10.0_Deutsch_Portable\Files\Shfolder.dll (Malware.Packer.Gen) -> No action taken.

1:

2:

Und jetzt die Logfiles von OTL :

1.Logfile Extras.txt

Zitat:

Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{043D1F43-1556-42BB-AE64-20C47DD2887A}" = lport=139 | protocol=6 | dir=in | app=system |
"{09DC4E61-1096-4480-B8F7-25652E27F28D}" = rport=139 | protocol=6 | dir=out | app=system |
"{13794612-34ED-47BF-811E-C7B71AED38ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1822E9C9-4189-4D29-944D-5352F398EF9B}" = rport=445 | protocol=6 | dir=out | app=system |
"{2A6452FE-2784-4E54-B7AF-7F27FC31F6F1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{410BF352-835F-4986-ADE1-72A183AD9596}" = lport=2869 | protocol=6 | dir=in | app=system |
"{514FA440-FD71-48C4-961B-55902C876567}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{55CC09A7-8F4E-4EF7-9CD8-397A63EBE09B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{598FC7C7-8156-42D5-ABAE-006E5E727FDC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{61A0DC41-619B-4CE3-BF57-C3DA3A2EC745}" = rport=137 | protocol=17 | dir=out | app=system |
"{694057E6-2435-4447-919E-D6701D98CDD2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{69837FB6-2891-4C53-A4B5-F027C3D672DA}" = lport=445 | protocol=6 | dir=in | app=system |
"{863E72A3-B6E4-4161-AF10-AB76B3B3E296}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AD97E78F-A324-48E5-8948-0EEF65A6DC93}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B5933FF1-0644-440D-ACE7-B7632A1A5ED5}" = lport=137 | protocol=17 | dir=in | app=system |
"{B6068931-119F-4E0B-96D6-83EB245FAE4E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B7650C40-AC0D-4995-8193-9B8BF8A28260}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C5F236DB-E98D-4F6D-8E72-D6A76B80AEA4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D055FC75-9A8A-4929-A467-0AFD2BC4AF07}" = rport=138 | protocol=17 | dir=out | app=system |
"{D604EF89-7DE7-4DEB-AF55-B2F5E5F222B9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DE28CD29-99CF-49C6-B255-8615B66DADCD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E912A49E-DBD2-4CEE-BCC5-C889567C7879}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0583D755-E967-404E-9522-1F7FA2C8D63B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1C39D89E-7469-47ED-BE75-2F4E92DD8C90}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{37B5348A-2DF9-4984-91C2-3E8E5A31B246}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4E9CDFB0-67C1-46FD-A774-8CD198B64E7C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{58EF52A1-9529-4DBF-80DD-8076DA4600CA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5BBA88DB-309C-4CCF-A31D-64938D31C746}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{6EB306B8-212A-4B12-A1EE-B9EC18F24B34}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{7EB77A50-48AF-40CE-9D3B-091B814F085B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8D3365F8-215D-45D6-AE13-BDC303BBA991}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{98DE3B20-E063-41D5-8A79-5A0E23059A9B}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{B7C4BB21-0E89-4DF6-B673-CCDD7053C49A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DF8711CD-D988-4B91-899D-573B95541ACD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F5027E8C-2013-4E46-A943-E6DDB30B49E2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{FFB598AD-97FA-4C2F-B50B-228B29BA0BC6}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"TCP Query User{EDDA270B-4CFD-4818-85FD-67F1F3B598D0}C:\users\admin\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe" = protocol=6 | dir=in | app=c:\users\admin\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe |
"UDP Query User{99888691-76D4-451B-8561-891BF6FB395D}C:\users\admin\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe" = protocol=17 | dir=in | app=c:\users\admin\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP260_series" = Canon MP260 series MP Drivers
"{20FD7CBD-26C5-410F-962F-E5ECA537ADF0}" = SymNet x64
"{2B8AD1EE-28D4-42FF-AE4B-856E5862D583}" = ccCommon64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90B5B05F-AFDA-4922-A153-45B14200BA77}" = SPBBC 64bit
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D75B1A1F-BBEC-4DF2-ACE4-9B166438A621}" = Symantec Real Time Storage Protection Component (x64)
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F303C668-7674-484A-8C04-579881C382F8}" = Norton Protection Center
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04440044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Enzyklopädie 2004
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java(TM) 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{288F9827-B2B7-4126-A3FB-9CF7BF29932C}" = HDX4 Player
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{4E5EE953-0D92-A385-E3A0-FBFCB2DE15AA}" = EA Download Manager UI
"{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}" = muvee autoProducer 6.1
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}" = Nokia Software Updater
"{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}" = HP Easy Setup - Frontend
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5F7CA463-F69E-414F-9532-86CC343BE46C_is1" = Registry CleanUP 4
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"AVMWLANCLI" = AVM FRITZ!WLAN
"Canon MP260 series Benutzerregistrierung" = Canon MP260 series Benutzerregistrierung
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EA Download Manager" = EA Download Manager
"EasyBits Magic Desktop" = Magic Desktop
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"eBay Icon" = eBay Icon
"Fraps" = Fraps
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"PC-Doctor for Windows" = Hardware Diagnose Tools
"Picasa 3" = Picasa 3
"PokerStars.net" = PokerStars.net
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"Quest3D Viewers 3.0e_is1" = Quest3D Viewers 3.0e
"RouterControl" = RouterControl 2.0
"Shockwave" = Shockwave
"SUPER ©" = SUPER © Version 2010.bld.37 (Jan 2, 2010)
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.0.2
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Works2004Setup" = Setup-Start von Microsoft Works 2004
"WT087878" = My Life Story
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Power Loader" = Power Challenge Game Plugin

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 01.06.2010 09:24:31 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung hp6.exe, Version 1.0.0.1, Zeitstempel 0x496f4981,
fehlerhaftes Modul hp6.exe, Version 1.0.0.1, Zeitstempel 0x496f4981, Ausnahmecode
0xc0000005, Fehleroffset 0x000d18f8, Prozess-ID 0x2414, Anwendungsstartzeit 01cb018d990a55d8.

Error - 02.06.2010 07:53:17 | Computer Name = Admin-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 02.06.2010 08:01:46 | Computer Name = Admin-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 02.06.2010 08:08:32 | Computer Name = Admin-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 02.06.2010 09:13:23 | Computer Name = Admin-PC | Source = Application Hang | ID = 1002
Description = Programm TS3.exe, Version 0.0.0.11195 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 1754 Anfangszeit: 01cb02553c076b50 Zeitpunkt der Beendigung:
47

Error - 02.06.2010 12:45:59 | Computer Name = Admin-PC | Source = Application Hang | ID = 1002
Description = Programm TS3.exe, Version 0.0.0.11195 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 2238 Anfangszeit: 01cb02557d83a3f0 Zeitpunkt der Beendigung:
706

Error - 02.06.2010 18:36:22 | Computer Name = Admin-PC | Source = Application Hang | ID = 1002
Description = Programm TS3.exe, Version 0.0.0.11195 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: c10 Anfangszeit: 01cb02a2d812cf60 Zeitpunkt der Beendigung:
109

Error - 04.06.2010 05:16:56 | Computer Name = Admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 04.06.2010 05:27:15 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung ManyCam.exe, Version 2.4.0.55, Zeitstempel 0x49e81ca9,
fehlerhaftes Modul CrashRpt.dll, Version 3.0.2.2, Zeitstempel 0x49e81c60, Ausnahmecode
0xc0000005, Fehleroffset 0x000091dd, Prozess-ID 0x378, Anwendungsstartzeit 01cb03c7e4fb5638.

Error - 06.06.2010 13:46:32 | Computer Name = Admin-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 03.03.2010 09:43:39 | Computer Name = Admin-PC | Source = HTTP | ID = 15016
Description =

Error - 08.03.2010 15:02:11 | Computer Name = Admin-PC | Source = HTTP | ID = 15016
Description =

Error - 10.03.2010 16:25:36 | Computer Name = Admin-PC | Source = HTTP | ID = 15016
Description =

Error - 10.03.2010 22:01:22 | Computer Name = Admin-PC | Source = DCOM | ID = 10005
Description =

Error - 10.03.2010 22:01:22 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 10.03.2010 22:01:22 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10.03.2010 22:01:42 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 10.03.2010 22:01:42 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10.03.2010 22:21:28 | Computer Name = Admin-PC | Source = HTTP | ID = 15016
Description =

Error - 12.03.2010 13:43:35 | Computer Name = Admin-PC | Source = HTTP | ID = 15016
Description =

< End of report >

2.Log file OTL.txt

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 07.06.2010 13:25:28 - Run 1
OTL by OldTimer - Version 3.2.5.3     Folder = C:\Users\Admin\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 44,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,81 Gb Total Space | 413,44 Gb Free Space | 71,06% Space Free | Partition Type: NTFS
Drive D: | 14,36 Gb Total Space | 1,99 Gb Free Space | 13,85% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 5,56 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 4,63 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ADMIN-PC
Current User Name: Admin
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Electronic Arts\EADM\EADownloadManager\EADownloadManager.exe ()
PRC - C:\Program Files (x86)\Electronic Arts\EADM\EACoreServer.exe (Electronic Arts)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe ()
PRC - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\svchost.exe ()
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Symantec Core LC) -- C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe ()
SRV - (LiveUpdate Notice) -- c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (CLTNetCnService) -- c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LiveUpdate) -- c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (ezSharedSvc) -- C:\WINDOWS\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (comHost) -- c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (MSDTC) -- C:\WINDOWS\SysWOW64\Msdtc [2006.11.02 15:34:14 | 000,000,000 | ---D | M]
SRV - (vds) -- C:\WINDOWS\SysWOW64\wbem\vds.mof ()
SRV - (VSS) -- C:\WINDOWS\SysWOW64\wbem\vss.mof ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys ()
DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\SYMNDISV.SYS ()
DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\SYMTDI.SYS ()
DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\SYMFW.SYS ()
DRV:64bit: - (SYMREDRV) -- C:\Windows\SysNative\Drivers\SYMREDRV.SYS ()
DRV:64bit: - (SYMDNS) -- C:\Windows\SysNative\Drivers\SYMDNS.SYS ()
DRV:64bit: - (COH_Mon) -- C:\Windows\SysNative\Drivers\COH_Mon.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys ()
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\DRIVERS\ManyCam_x64.sys ()
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys ()
DRV:64bit: - (SRTSPL) -- C:\Windows\SysNative\Drivers\SRTSPL64.SYS ()
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\SRTSP64.SYS ()
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\Drivers\SRTSPX64.SYS ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (usbvideo) USB-Videogerät (WDM) -- C:\Windows\SysNative\Drivers\usbvideo.sys ()
DRV:64bit: - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\SysNative\drivers\usbaudio.sys ()
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\DRIVERS\fwlanusb.sys ()
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys ()
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100128.048\EX64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100128.048\ENG64.SYS (Symantec Corporation)
DRV - (IDSvia64) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100125.001\IDSviA64.sys (Symantec Corporation)
DRV - (COH_Mon) -- C:\WINDOWS\SysWOW64\drivers\COH_Mon.inf ()
DRV - (Tcpip) -- C:\WINDOWS\SysWOW64\wbem\tcpip.mof ()
DRV - (mpsdrv) -- C:\WINDOWS\SysWOW64\wbem\mpsdrv.mof ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP AOL.de - Kostenlose Email, Nachrichten & Wetter, Sport, Shopping und Star-News
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP AOL.de - Kostenlose Email, Nachrichten & Wetter, Sport, Shopping und Star-News
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP AOL.de - Kostenlose Email, Nachrichten & Wetter, Sport, Shopping und Star-News
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP AOL.de - Kostenlose Email, Nachrichten & Wetter, Sport, Shopping und Star-News
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP AOL.de - Kostenlose Email, Nachrichten & Wetter, Sport, Shopping und Star-News
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.03 16:21:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.03 16:21:35 | 000,000,000 | ---D | M]
 
[2009.10.22 22:42:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2010.06.05 01:06:24 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\y3c0rsnj.default\extensions
[2009.10.25 03:35:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\y3c0rsnj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.18 16:02:32 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\y3c0rsnj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.02.24 20:14:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\y3c0rsnj.default\extensions\DTToolbar@toolbarnet.com
[2010.02.24 20:14:04 | 000,002,055 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\y3c0rsnj.default\searchplugins\daemon-search.xml
[2010.02.14 12:23:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2008.06.30 14:44:08 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\mozilla firefox\components\coFFPlgn.dll
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [ccApp] c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [ManyCam] C:\Program Files (x86)\ManyCam 2.4\ManyCam.exe (ManyCam LLC)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RouterControl] C:\PROGRA~2\ROUTER~1\ROUTERCONTROL.EXE (Mirko Böer)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\WINDOWS\SysWOW64\ezShellStart.exe (EasyBits Software AS)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\WINDOWS\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.30 04:57:32 | 000,054,544 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.22 01:48:37 | 000,000,045 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010.04.20 22:37:17 | 000,054,544 | R--- | M] (Electronic Arts) - J:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.03.27 06:03:00 | 000,000,049 | R--- | M] () - J:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{38b59772-7193-11df-82c0-001c4af8d85f}\Shell - "" = AutoRun
O33 - MountPoints2\{38b59772-7193-11df-82c0-001c4af8d85f}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2009.04.30 04:57:32 | 000,054,544 | R--- | M] (Electronic Arts)
O33 - MountPoints2\{88617e42-bf51-11de-9526-00221581eae3}\Shell - "" = AutoRun
O33 - MountPoints2\{88617e42-bf51-11de-9526-00221581eae3}\Shell\AutoRun\command - "" = J:\pushinst.exe -- File not found
O33 - MountPoints2\{9974c36b-2170-11df-b458-001c4af8d85f}\Shell - "" = AutoRun
O33 - MountPoints2\{9974c36b-2170-11df-b458-001c4af8d85f}\Shell\AutoRun\command - "" = J:\Autorun.exe -- [2010.04.20 22:37:17 | 000,054,544 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.07 12:01:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2010.06.07 12:01:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.06.07 12:01:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.06.07 12:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.07 11:11:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2010.06.06 20:40:27 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.06.02 23:59:27 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\My Videos
[2010.06.02 13:40:14 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Electronic Arts
[2010.06.02 13:35:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2010.06.01 15:23:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Electronic Arts
[2010.06.01 13:12:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\UseNeXT
[2010.06.01 13:12:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\UseNeXT
[2010.06.01 13:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UseNeXT
[2010.05.31 20:57:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.05.31 20:57:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.05.31 20:57:10 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.05.31 20:57:08 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.05.31 20:57:08 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.05.31 20:57:06 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.05.31 20:57:05 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.05.31 20:57:03 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.05.31 20:56:52 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.05.31 20:56:52 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.05.31 20:56:51 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.05.31 20:56:50 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.05.31 20:56:47 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.05.31 20:56:46 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.05.31 20:56:45 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.05.24 13:20:07 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Ilahi
[2010.05.21 21:37:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\PokerStars.NET
[2010.05.21 21:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.NET
[2010.05.14 15:10:47 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Neuer Ordner
[2010.05.13 14:45:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Facebook
[2010.05.13 14:36:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Ich
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.07 13:25:43 | 004,194,304 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT
[2010.06.07 12:34:48 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.07 12:34:48 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.07 12:01:46 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.07 08:34:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.06 22:06:19 | 001,418,806 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.06.06 22:06:19 | 000,618,204 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.06.06 22:06:19 | 000,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.06.06 22:06:19 | 000,122,636 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.06.06 22:06:19 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.06.06 22:00:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.06 21:59:05 | 000,524,288 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{67015701-d3af-11de-ae49-001c4af8d85f}.TMContainer00000000000000000001.regtrans-ms
[2010.06.06 21:59:05 | 000,065,536 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT{67015701-d3af-11de-ae49-001c4af8d85f}.TM.blf
[2010.06.06 21:58:40 | 004,166,305 | -H-- | M] () -- C:\Users\Admin\AppData\Local\IconCache.db
[2010.06.06 21:38:02 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk
[2010.06.06 21:26:01 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\Die*Sims™*3.lnk
[2010.06.06 20:40:27 | 000,000,516 | ---- | M] () -- C:\Users\Admin\Desktop\Fraps.lnk
[2010.06.06 14:17:31 | 000,003,478 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\wklnhst.dat
[2010.06.06 14:17:24 | 000,028,160 | ---- | M] () -- C:\Users\Admin\Desktop\Emine+Okyay.doc
[2010.06.06 13:20:54 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{99585C59-78A1-4971-90C9-290307C590CF}.job
[2010.06.04 15:52:22 | 000,030,208 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.01 18:34:28 | 000,029,184 | ---- | M] () -- C:\Users\Admin\Desktop\Emine Okyay.doc
[2010.06.01 13:12:34 | 000,001,698 | ---- | M] () -- C:\Users\Admin\Desktop\UseNeXT.lnk
[2010.05.31 20:00:25 | 000,000,594 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Systemprüfung ausführen - Admin.job
[2010.05.23 13:04:54 | 000,031,019 | ---- | M] () -- C:\Users\Admin\Desktop\vegeta1.jpg
[2010.05.08 19:24:19 | 000,000,552 | ---- | M] () -- C:\Users\Admin\AppData\Local\d3d8caps.dat
 
========== Files Created - No Company Name ==========
 
[2010.06.07 12:01:46 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.07 12:01:42 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010.06.07 11:13:28 | 000,033,800 | ---- | C] () -- C:\Windows\SysNative\drivers\pavboot64.sys
[2010.06.06 21:38:02 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk
[2010.06.06 21:26:01 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\Die*Sims™*3.lnk
[2010.06.06 20:40:27 | 000,000,516 | ---- | C] () -- C:\Users\Admin\Desktop\Fraps.lnk
[2010.06.06 14:17:24 | 000,028,160 | ---- | C] () -- C:\Users\Admin\Desktop\Emine+Okyay.doc
[2010.06.01 18:34:28 | 000,029,184 | ---- | C] () -- C:\Users\Admin\Desktop\Emine Okyay.doc
[2010.06.01 13:12:34 | 000,001,698 | ---- | C] () -- C:\Users\Admin\Desktop\UseNeXT.lnk
[2010.05.31 20:57:12 | 000,364,824 | ---- | C] () -- C:\Windows\SysNative\xactengine2_4.dll
[2010.05.31 20:57:12 | 000,017,688 | ---- | C] () -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.05.31 20:57:10 | 003,977,496 | ---- | C] () -- C:\Windows\SysNative\d3dx9_31.dll
[2010.05.31 20:57:08 | 000,363,288 | ---- | C] () -- C:\Windows\SysNative\xactengine2_3.dll
[2010.05.31 20:57:08 | 000,083,736 | ---- | C] () -- C:\Windows\SysNative\xinput1_2.dll
[2010.05.31 20:57:06 | 000,354,072 | ---- | C] () -- C:\Windows\SysNative\xactengine2_2.dll
[2010.05.31 20:57:05 | 000,083,664 | ---- | C] () -- C:\Windows\SysNative\xinput1_1.dll
[2010.05.31 20:57:03 | 000,352,464 | ---- | C] () -- C:\Windows\SysNative\xactengine2_1.dll
[2010.05.31 20:56:54 | 003,927,248 | ---- | C] () -- C:\Windows\SysNative\d3dx9_30.dll
[2010.05.31 20:56:52 | 000,355,536 | ---- | C] () -- C:\Windows\SysNative\xactengine2_0.dll
[2010.05.31 20:56:52 | 000,016,592 | ---- | C] () -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.05.31 20:56:51 | 003,830,992 | ---- | C] () -- C:\Windows\SysNative\d3dx9_29.dll
[2010.05.31 20:56:50 | 003,815,120 | ---- | C] () -- C:\Windows\SysNative\d3dx9_28.dll
[2010.05.31 20:56:49 | 003,807,440 | ---- | C] () -- C:\Windows\SysNative\d3dx9_27.dll
[2010.05.31 20:56:47 | 003,767,504 | ---- | C] () -- C:\Windows\SysNative\d3dx9_26.dll
[2010.05.31 20:56:46 | 003,823,312 | ---- | C] () -- C:\Windows\SysNative\d3dx9_25.dll
[2010.05.31 20:56:45 | 003,544,272 | ---- | C] () -- C:\Windows\SysNative\d3dx9_24.dll
[2010.05.26 17:24:53 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2010.05.23 13:04:54 | 000,031,019 | ---- | C] () -- C:\Users\Admin\Desktop\vegeta1.jpg
[2010.05.12 12:30:48 | 000,974,848 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2010.05.08 19:24:19 | 000,000,552 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d8caps.dat
[2010.03.31 10:03:46 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.03.31 10:03:45 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.02.04 03:53:21 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.01.19 19:21:52 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.12 14:34:25 | 000,000,143 | -H-- | C] () -- C:\Windows\SysWow64\CTLSW.INI
[2009.12.12 14:34:25 | 000,000,133 | ---- | C] () -- C:\Windows\SysWow64\swctl.dll
[2009.11.25 21:57:31 | 000,120,832 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2009.04.22 01:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2008.11.03 14:27:04 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008.11.03 14:27:04 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.01.17 18:08:58 | 004,714,496 | ---- | C] () -- C:\Windows\SysWow64\hdx4_dshow.dll
[2006.08.23 01:00:00 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll
[2006.08.23 01:00:00 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2006.08.23 01:00:00 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2006.08.23 01:00:00 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\Admin\Desktop\rere rarar.mp4.MP3:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Admin\Desktop\Original marsi.mp4.MP3:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Admin\Desktop\cildrin.mp4.MP3:TOC.WMV
< End of report >

--- --- ---

cosinus · 07.06.2010, 12:48

Zitat:

Infizierte Dateien:
C:\Users\Admin\Downloads\Adobe_Photoshop_CS3_Extended_v10.0_Deutsch_Portable\Files\Msvcrt.dll (Malware.Packer.Gen) -> No action taken.
C:\Users\Admin\Downloads\Adobe_Photoshop_CS3_Extended_v10.0_Deutsch_Portable\Files\Shfolder.dll (Malware.Packer.Gen) -> No action taken.

Woher hast Du dieses CS3?

Turkoo · 07.06.2010, 12:51

Hatte ich gedownloadet mit so einem Programm wieso

?? ist es der grund?

cosinus · 07.06.2010, 12:52

Was heißt mit so einem Programm?? Das Programm hat einen Namen!

Turkoo · 07.06.2010, 12:53

Das war Usenext... = )

Turkoo · 07.06.2010, 12:57

Bitte um Hilfee

ich habe echt keinen Plan mehr was ich machen soll
Jetzt spinnt auch das Internet obwohl ich 16000er leitung habe

cosinus · 07.06.2010, 13:24

Zitat:

Zitat von Turkoo

Das war Usenext... = )

Also ne gecrackte Version, deswegen findet Malwarebytes da auch Schädlinge...

Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr.

Für Dich geht es hier weiter => Neuaufsetzen des Systems
Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken.

Danach nie wieder sowas anrühren!

Turkoo · 07.06.2010, 13:34

ist dieser Virus gefährlich kann man den nichtbeheben?

oder muss ich jetzt wieder das System neu aufsetzen?

Turkoo · 07.06.2010, 13:46

Zitat:

Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr.

Das was du da sagst stimmt nicht ganz habe nur das Programm runtergeladen ..weiss nicht mal was du mit Crack meinst aber die Serial habe ich mir Legal gekauft

cosinus · 07.06.2010, 14:03

Sry, aber ein legal erworbenes Programm aus einer unseriösen Quelle herunterzuladen und auszuführen ist einfach nur

und völlig unglaubwürdig.
Wenn Du tatsächlich CS3 legal erworben hast, gibt es definitiv keinen Grund, das Programm selbst aus einer bekannten Warez-Szene zu laden.

Bonn34 · 24.06.2010, 17:18

Um das Einnisten von Viren und das Neuaufsetzen des Systems zu vermeiden, kannst du also besser ein gutes Antiviren Programm erwerben. Ich habe die Antiviren Software BRONZE von Mysecuritycenter auf meinem Computer und Laptop installiert.

07.06.2010, 12:52	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Mein Pc ist langsamer geworden bitte um Hilfe:( Was heißt mit so einem Programm?? Das Programm hat einen Namen! __________________ Logfiles bitte immer in CODE-Tags posten

07.06.2010, 14:03	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Mein Pc ist langsamer geworden bitte um Hilfe:( Sry, aber ein legal erworbenes Programm aus einer unseriösen Quelle herunterzuladen und auszuführen ist einfach nur und völlig unglaubwürdig. Wenn Du tatsächlich CS3 legal erworben hast, gibt es definitiv keinen Grund, das Programm selbst aus einer bekannten Warez-Szene zu laden. __________________ Logfiles bitte immer in CODE-Tags posten

Mein Pc ist langsamer geworden bitte um Hilfe:(

Antiviren-, Firewall- und andere Schutzprogramme: Mein Pc ist langsamer geworden bitte um Hilfe:(