Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Virus autorun.inf auf Festplatte, externer Festplatte und USB

Virus autorun.inf auf Festplatte, externer Festplatte und USB


Plagegeister aller Art und deren Bekämpfung: Virus autorun.inf auf Festplatte, externer Festplatte und USB

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 12.02.2011, 16:02   #5
Debs
 
Virus autorun.inf auf Festplatte, externer Festplatte und USB - Standard

Virus autorun.inf auf Festplatte, externer Festplatte und USB


Ok, ich hab alles so gemacht wie vorgeschlagen. Hier die beiden Outputs:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.02.2011 15:56:55 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Deborah\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,47 Gb Total Space | 126,39 Gb Free Space | 44,28% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,01 Gb Free Space | 50,05% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive G: | 7,52 Gb Total Space | 6,66 Gb Free Space | 88,65% Space Free | Partition Type: FAT32
 
Computer Name: DEBORAH-PC | User Name: Deborah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Deborah\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Hotspot Shield\bin\openvpntray.exe ()
PRC - C:\Programme\Hotspot Shield\bin\openvpnas.exe ()
PRC - C:\Programme\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Programme\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Programme\IObit\IObit Security 360\is360srv.exe (IObit)
PRC - C:\Programme\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE (Software 2000 Limited)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Programme\Protector Suite QL\upeksvr.exe (UPEK Inc.)
PRC - C:\Programme\Protector Suite QL\psqltray.exe (UPEK Inc.)
PRC - C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Windows\System32\PSIService.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Deborah\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) --  File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (HssTrayService) -- C:\Programme\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (HotspotShieldService) -- C:\Programme\Hotspot Shield\bin\openvpnas.exe ()
SRV - (HssWd) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
SRV - (HssSrv) -- C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (SftService) -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (IS360service) -- C:\Programme\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (HssDrv) -- C:\Windows\System32\drivers\HssDrv.sys (AnchorFree Inc.)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (truecrypt) -- C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV - (WSDScan) -- C:\Windows\System32\drivers\WSDScan.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (TcUsb) -- C:\Windows\System32\drivers\tcusb.sys (UPEK Inc.)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.scroogle.org/scrapde8.html [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ixquick.com/deu/#
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.ixquick.com/deu/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: passwordbank@upek.com:5.8.2.6158.3.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: afurladvisor@anchorfree.com:1.0
FF - prefs.js..extensions.enabledItems: firefox@ghostery.com:2.4.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..keyword.URL: "hxxp://uk.search.yahoo.com/search?fr=greentree_ff1&fl=1&ei=utf-8&vl=lang_tr&type=382950&p="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.13 18:27:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.13 18:27:46 | 000,000,000 | ---D | M]
 
[2010.04.18 15:14:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deborah\AppData\Roaming\mozilla\Extensions
[2011.02.11 16:17:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deborah\AppData\Roaming\mozilla\Firefox\Profiles\0rshmfc5.default\extensions
[2010.06.11 12:32:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Deborah\AppData\Roaming\mozilla\Firefox\Profiles\0rshmfc5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.31 20:38:20 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Deborah\AppData\Roaming\mozilla\Firefox\Profiles\0rshmfc5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.01.04 17:58:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Deborah\AppData\Roaming\mozilla\Firefox\Profiles\0rshmfc5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.18 23:40:45 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Deborah\AppData\Roaming\mozilla\Firefox\Profiles\0rshmfc5.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.05.31 20:38:20 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Deborah\AppData\Roaming\mozilla\Firefox\Profiles\0rshmfc5.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2011.01.04 13:14:56 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Deborah\AppData\Roaming\mozilla\Firefox\Profiles\0rshmfc5.default\extensions\firefox@ghostery.com
[2010.05.31 21:11:34 | 000,000,000 | ---D | M] (Password Bank) -- C:\Users\Deborah\AppData\Roaming\mozilla\Firefox\Profiles\0rshmfc5.default\extensions\passwordbank@upek.com
[2010.04.28 10:11:51 | 000,002,433 | ---- | M] () -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\0rshmfc5.default\searchplugins\ixquickde-https.xml
[2011.01.07 18:36:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.06.26 19:02:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.14 21:57:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.20 17:22:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.19 23:44:50 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2010.06.26 19:02:29 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.14 21:57:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.20 17:22:50 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.19 23:44:50 | 000,000,000 | ---D | M] (afurladvisor) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\AFURLADVISOR@ANCHORFREE.COM
[2010.09.15 02:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 17:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 17:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 17:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 17:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 17:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Programme\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Deborah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 124
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Deborah\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} hxxp://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Users\Deborah\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Deborah\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.05.02 12:17:50 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\{5c5476de-59d9-11de-9cee-00059a3c7800}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe NAME-2EC8DAE0A9.vbs
O33 - MountPoints2\{5c5476e8-59d9-11de-9cee-00059a3c7800}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe NAME-2EC8DAE0A9.vbs
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.12 15:53:16 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Deborah\Desktop\OTL.exe
[2011.02.09 22:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Autorun Eater
[2011.02.09 21:54:35 | 000,000,000 | ---D | C] -- C:\Users\Deborah\AppData\Roaming\Malwarebytes
[2011.02.09 21:54:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.02.09 21:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.09 21:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.09 21:54:27 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.02.09 21:54:27 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.02.08 12:49:18 | 000,000,000 | ---D | C] -- C:\Users\Deborah\Desktop\Wohnungsfotos
[2010.11.20 16:20:21 | 001,740,104 | ---- | C] (Dell Inc) -- C:\Programme\aulauncher.exe
[2009.05.22 11:14:54 | 003,176,168 | ---- | C] (TrueCrypt Foundation) -- C:\Programme\TrueCrypt Setup 6.2.exe
[2009.01.25 11:17:40 | 009,717,767 | ---- | C] (g10 Code GmbH) -- C:\ProgramData\gpg4win-1.1.3.exe
[2009.01.15 17:33:32 | 021,252,470 | ---- | C] (Igor Pavlov) -- C:\ProgramData\tor-im-browser-1.1.7_en-US.exe
[2008.12.22 00:29:05 | 001,305,600 | ---- | C] (Irfan Skiljan) -- C:\ProgramData\iview420_setup.exe
[2008.09.03 14:30:24 | 001,513,984 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\EMPIRESX.EXE
[2008.09.03 14:30:22 | 002,404,352 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\SETUPEXP.DLL
[2008.09.03 14:30:22 | 000,282,682 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\Uninstx.Exe
[2008.09.03 14:30:21 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\ProgramData\languagex.dll
[2008.07.07 18:20:26 | 002,919,360 | ---- | C] (Piriform Ltd) -- C:\ProgramData\ccsetup209.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.12 15:57:47 | 000,639,210 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.12 15:57:47 | 000,604,764 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.12 15:57:47 | 000,131,024 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.12 15:57:47 | 000,108,096 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.12 15:56:35 | 000,087,953 | ---- | M] () -- C:\Users\Deborah\AppData\Roaming\nvModes.001
[2011.02.12 15:53:17 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Deborah\Desktop\OTL.exe
[2011.02.12 15:37:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.12 14:27:24 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011.02.12 14:00:58 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.02.12 14:00:47 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.12 14:00:47 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.12 14:00:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.12 14:00:36 | 3756,064,768 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.11 19:57:28 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.02.10 22:14:59 | 000,003,974 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2011.02.07 19:29:32 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\Defraggler Volume D Task.job
[2011.02.07 19:20:54 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\Defraggler Volume C Task.job
[2011.02.06 22:44:27 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2011.02.06 18:05:30 | 000,002,631 | ---- | M] () -- C:\Users\Deborah\Desktop\Microsoft Office Word 2007.lnk
[2011.01.31 17:55:15 | 000,045,568 | ---- | M] () -- C:\Users\Deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.25 01:14:56 | 000,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2011.01.24 03:52:19 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.11.18 21:33:27 | 192,354,232 | ---- | C] () -- C:\Programme\DataSafeLocalBackup_Basic.exe
[2010.11.07 17:02:52 | 005,595,832 | ---- | C] () -- C:\ProgramData\HSS-1.52-install-anchorfree-243-ask3.exe
[2010.10.14 16:31:00 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.10.14 16:30:59 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.10.14 16:30:58 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.10.03 18:56:05 | 000,000,095 | ---- | C] () -- C:\Users\Deborah\AppData\Local\fusioncache.dat
[2010.05.21 15:05:54 | 003,099,648 | ---- | C] () -- C:\Programme\openofficeorg32.msi
[2010.05.21 15:02:28 | 145,988,142 | ---- | C] () -- C:\Programme\openofficeorg1.cab
[2010.05.21 14:07:44 | 000,000,290 | ---- | C] () -- C:\Programme\setup.ini
[2010.02.24 00:43:45 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.02.24 00:43:45 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.02.17 16:12:14 | 000,000,067 | ---- | C] () -- C:\Windows\DVDRegionFreeLite.INI
[2010.01.20 21:45:58 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2010.01.20 21:45:57 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2010.01.20 21:45:57 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2009.11.24 23:04:56 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2009.11.03 15:12:50 | 000,094,261 | ---- | C] () -- C:\Programme\Erinner-Mich.Gadget
[2009.11.03 15:12:02 | 000,057,490 | ---- | C] () -- C:\Programme\recyclebin.gadget
[2009.10.20 18:12:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 13:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.06.09 23:50:06 | 001,327,342 | ---- | C] () -- C:\ProgramData\pidgin-otr-3.2.0-1.exe
[2009.05.22 11:13:20 | 014,355,016 | ---- | C] () -- C:\Programme\pidgin-2.5.6.exe
[2009.04.27 22:56:39 | 011,759,104 | ---- | C] () -- C:\ProgramData\vpnclient-win-msi-5.0.04.0300-k9.exe
[2009.02.01 22:41:08 | 141,125,992 | ---- | C] () -- C:\ProgramData\OOo_3.0.1_Win32Intel_install_de.exe
[2009.02.01 17:00:21 | 001,519,800 | ---- | C] () -- C:\ProgramData\dMC-r10.exe
[2009.02.01 16:59:43 | 001,424,292 | ---- | C] () -- C:\ProgramData\Music Converter.zip
[2009.01.28 19:20:05 | 004,768,473 | ---- | C] () -- C:\ProgramData\Mindmap.exe
[2008.12.24 22:48:08 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.12.24 22:40:07 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008.11.09 16:46:41 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2008.11.09 13:52:16 | 000,000,000 | ---- | C] () -- C:\ProgramData\WinDVD8.exe
[2008.10.21 12:00:27 | 010,708,992 | ---- | C] () -- C:\ProgramData\vpnclient-win-msi-5.0.02.0090-k9.exe
[2008.10.16 16:18:43 | 000,291,988 | ---- | C] () -- C:\Users\Deborah\AppData\Roaming\mdbu.bin
[2008.09.03 14:30:25 | 000,026,690 | ---- | C] () -- C:\ProgramData\EULA.RTF
[2008.09.03 14:30:24 | 000,020,992 | ---- | C] () -- C:\ProgramData\UPDATE.DOC
[2008.09.03 14:30:22 | 000,050,159 | ---- | C] () -- C:\ProgramData\Infox.doc
[2008.08.29 12:58:26 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2008.08.16 16:05:33 | 000,007,592 | ---- | C] () -- C:\Users\Deborah\AppData\Local\d3d9caps.dat
[2008.08.04 17:21:43 | 001,440,047 | ---- | C] () -- C:\ProgramData\wrar371d.exe
[2008.06.07 21:43:12 | 000,105,472 | ---- | C] () -- C:\Windows\System32\mtxoci.dll
[2008.06.04 13:25:45 | 015,895,117 | ---- | C] () -- C:\ProgramData\PDFCreator-0_9_5_setup.exe
[2008.05.02 14:11:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.05.02 12:18:46 | 000,003,974 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008.05.02 12:18:46 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\B16563253E.sys
[2008.05.02 12:09:09 | 000,000,000 | ---- | C] () -- C:\Users\Deborah\AppData\Roaming\wklnhst.dat
[2008.05.02 11:50:04 | 000,087,953 | ---- | C] () -- C:\Users\Deborah\AppData\Roaming\nvModes.001
[2008.05.02 10:42:23 | 000,087,953 | ---- | C] () -- C:\Users\Deborah\AppData\Roaming\nvModes.dat
[2008.05.02 09:58:58 | 000,045,568 | ---- | C] () -- C:\Users\Deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.03.14 01:59:15 | 000,167,936 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008.03.14 01:59:14 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008.02.20 21:44:36 | 000,065,536 | ---- | C] () -- C:\Windows\System32\HPPLVS.dll
[2007.07.25 17:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2006.11.03 18:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:29:11 | 000,027,792 | ---- | C] () -- C:\Windows\System32\compobj.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

< End of report >
--- --- ---













OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12.02.2011 15:56:55 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Deborah\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,47 Gb Total Space | 126,39 Gb Free Space | 44,28% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,01 Gb Free Space | 50,05% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive G: | 7,52 Gb Total Space | 6,66 Gb Free Space | 88,65% Space Free | Partition Type: FAT32
 
Computer Name: DEBORAH-PC | User Name: Deborah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A5E2B07-51E8-42E8-923A-D4EC0B63759D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{1C6ED249-669C-4FD3-B468-A401ECE8769C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4078CB51-F0C7-4D65-A8CF-CE209FEAE5FD}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{4188D3A5-CB05-4FFC-B1A8-27A5B68DACAA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{5FAE9CAC-D976-4B71-A0CD-46A8EA50DAA1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{A95C8CC5-69EF-418F-BD0E-53A8F8E65B03}" = rport=139 | protocol=6 | dir=out | app=system | 
"{C89511A7-E065-4F02-80F4-2EFAFB1D6759}" = lport=138 | protocol=17 | dir=in | app=system | 
"{CDAFA82B-725A-4BA8-BBCA-056D563F8F24}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D767B4D1-B0C9-4598-8C21-940799FCD362}" = rport=445 | protocol=6 | dir=out | app=system | 
"{DA83BE3C-D91E-447B-8D93-164483AFD7AC}" = lport=139 | protocol=6 | dir=in | app=system | 
"{E43D9368-D3C9-4D71-A506-6B75C8BC5490}" = lport=137 | protocol=17 | dir=in | app=system | 
"{F8D356CB-1DC4-4898-843C-6DDBD175FF7A}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1368893F-66CD-4DC3-8C49-EA000F7C00E0}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe | 
"{3327076D-25B0-4CA2-A64B-7878921F9ABE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{37028ED3-1BC5-440F-9094-512DC1400C88}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{4CAE09C3-7546-45AD-93AD-E43E38FE6FC6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{54A48AA7-1E97-4C18-B0B7-BD66594F60B5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{664DFE21-C50C-4E9E-9382-0715CD42A03B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7ABCFBE1-9836-4CE8-9C21-41BD2DB91691}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{83739FAF-32BD-4973-ABCF-5ECB8648E962}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{9950E4AB-F218-486D-8EB8-AB190047A780}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe | 
"{A07444AD-59EE-4315-8887-AFCDDD4B155A}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe | 
"{B2D79687-87A0-428C-9A68-6108D783FA13}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe | 
"{D13C6BB2-1843-43D3-827A-D1821F05E572}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe | 
"{EE211991-AEE7-45D2-9289-545AEB451E32}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{F04EE998-637F-4F43-ADC2-22849E86B9E2}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{F36C9475-DD69-4B9B-BBF3-4E018B01CAAC}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe | 
"TCP Query User{27AD79EF-666C-435E-948C-C3B8580DD82F}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe | 
"TCP Query User{2A9F0308-5759-42DC-A922-6F3DB2EDDC30}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{35450212-AF91-4FB2-A80D-D9183553E282}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe | 
"TCP Query User{5CB7A006-32AD-40AB-9A8B-237D0606F418}C:\users\deborah\appdata\local\temp\usmt\migwiz.exe" = protocol=6 | dir=in | app=c:\users\deborah\appdata\local\temp\usmt\migwiz.exe | 
"TCP Query User{C7DEE26E-A9DD-4E7B-A5B5-16DE7C72B9D9}C:\program files\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files\pidgin\pidgin.exe | 
"TCP Query User{D57E573F-D331-4108-BD17-15BCF1771AAA}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe | 
"UDP Query User{02994A71-2B05-4AEE-9672-F281CE458060}C:\users\deborah\appdata\local\temp\usmt\migwiz.exe" = protocol=17 | dir=in | app=c:\users\deborah\appdata\local\temp\usmt\migwiz.exe | 
"UDP Query User{34762CED-074E-4F1F-916D-09776811ADCF}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe | 
"UDP Query User{7041C244-5CC6-4BDE-ACF1-A3C9390D7DD0}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{9A890FAC-CCE7-42FD-849F-D89114E6EDF1}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe | 
"UDP Query User{C7E63BA1-CC9C-4492-B27B-10E275C7EE7B}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe | 
"UDP Query User{FFF15117-E225-4952-AFEC-06A3EF248A03}C:\program files\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files\pidgin\pidgin.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2CD82D77-8D1E-44FC-9A90-BBA95AC8D6B7}" = Protector Suite QL 5.8
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C569633-C8DE-46E2-BB8F-F65198681C2F}" = Corel Snapfire
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}" = Cisco Systems VPN Client 5.0.04.0300
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = Benutzerhandbuch
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{64367D02-ADA8-4FA0-B348-27F25C60BC7B}" = muvee autoProducer 5.0
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B8BA496-E201-4246-9A8B-687B49145F53}" = IObit Toolbar v4.1
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3E3F224-704C-4873-BA3E-0B8D3D4C59E8}" = Samsung PC Studio 3
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Dell Handbuch zum Einstieg
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Advanced Video FX Engine" = Advanced Video FX Engine
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Creative OEM002" = Laptop Integrated Webcam Driver (1.03.02.0719)  
"Defraggler" = Defraggler
"Dell Support Center" = Dell Support Center
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3
"Free Audio Converter_is1" = Free Audio Converter version 2.2
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.5
"Game Booster_is1" = Game Booster
"GPG4Win" = GnuPG For Windows
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HotspotShield" = Hotspot Shield 1.56
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"IObit Security 360_is1" = IObit Security 360
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIA Drivers" = NVIDIA Drivers
"Pidgin" = Pidgin
"pidgin-otr" = pidgin-otr 3.2.0-1
"ProInst" = Intel(R) PROSet/Wireless Software
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ScummVM_is1" = ScummVM 1.0.0
"Smart Defrag_is1" = Smart Defrag
"TrueCrypt" = TrueCrypt
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.07.2010 11:41:57 | Computer Name = Deborah-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 12.07.2010 11:48:54 | Computer Name = Deborah-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 12.07.2010 12:06:32 | Computer Name = Deborah-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 12.07.2010 16:52:29 | Computer Name = Deborah-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung javaw.exe, Version 6.0.200.2, Zeitstempel 0x4bc398b3,
 fehlerhaftes Modul awt.dll, Version 6.0.200.2, Zeitstempel 0x4bc3c8d8, Ausnahmecode
 0xc0000005, Fehleroffset 0x000a3614,  Prozess-ID 0xa94, Anwendungsstartzeit 01cb2204229dc690.
 
Error - 12.07.2010 17:31:15 | Computer Name = Deborah-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 13.07.2010 04:30:33 | Computer Name = Deborah-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 13.07.2010 04:30:33 | Computer Name = Deborah-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 14.07.2010 09:24:27 | Computer Name = Deborah-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 14.07.2010 09:24:27 | Computer Name = Deborah-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 14.07.2010 09:27:41 | Computer Name = Deborah-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
[ Dell Events ]
Error - 21.11.2010 05:10:29 | Computer Name = Deborah-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 21.11.2010 05:10:29 | Computer Name = Deborah-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 21.11.2010 05:23:01 | Computer Name = Deborah-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 21.11.2010 05:23:01 | Computer Name = Deborah-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 06.12.2010 08:02:34 | Computer Name = Deborah-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 06.12.2010 08:02:34 | Computer Name = Deborah-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 20.12.2010 13:15:33 | Computer Name = Deborah-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 20.12.2010 13:15:33 | Computer Name = Deborah-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 09.02.2011 16:47:53 | Computer Name = Deborah-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
[ OSession Events ]
Error - 04.06.2008 14:53:55 | Computer Name = Deborah-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session 
lasted 127 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 13.01.2009 10:30:18 | Computer Name = Deborah-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 119
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 13.02.2009 15:35:55 | Computer Name = Deborah-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 832
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 11.02.2011 06:16:01 | Computer Name = Deborah-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 11.02.2011 06:16:15 | Computer Name = Deborah-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 12.02.2011 09:00:25 | Computer Name = Deborah-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
 
Error - 12.02.2011 09:00:35 | Computer Name = Deborah-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
 
Error - 12.02.2011 09:01:21 | Computer Name = Deborah-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 12.02.2011 09:01:55 | Computer Name = Deborah-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 12.02.2011 09:01:57 | Computer Name = Deborah-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 12.02.2011 09:08:44 | Computer Name = Deborah-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 12.02.2011 09:08:44 | Computer Name = Deborah-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 12.02.2011 09:08:44 | Computer Name = Deborah-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
 
< End of report >
--- --- ---






Was nun?

Dank dir schonmal Arne!


 

Themen zu Virus autorun.inf auf Festplatte, externer Festplatte und USB
anti-malware, antivir, antivir meldet, autorun.inf, bli, blockiert, computer, datei, dateien, ergebnis, explorer, festplatte, folge, infiziert, löschen, malwarebytes, meldet, min, platte, problem, schnelle hilfe, service, sicherheit, usb, version, virus, zugriff


« Trojaner Drop.Agnet.bzdh | wurde ich gehackt.. verdacht auf troja/keylogger »


Ähnliche Themen: Virus autorun.inf auf Festplatte, externer Festplatte und USB


  1. Virus auf externer Festplatte?
    Plagegeister aller Art und deren Bekämpfung - 13.09.2014 (5)
  2. Virus auf externer Festplatte
    Plagegeister aller Art und deren Bekämpfung - 03.07.2014 (1)
  3. Not-a-Virus: Adware.win32.cydoor von Kaspersky auf externer Festplatte gefunden
    Plagegeister aller Art und deren Bekämpfung - 22.01.2014 (3)
  4. Recycle.Bin virus auf externer Festplatte, Daten unsichtbar
    Log-Analyse und Auswertung - 30.09.2013 (6)
  5. BOO/Sinowal.a Virus auf externer Festplatte
    Plagegeister aller Art und deren Bekämpfung - 09.04.2013 (21)
  6. Daten auf Externer Festplatte durch Virus unsichtbar
    Plagegeister aller Art und deren Bekämpfung - 02.10.2012 (6)
  7. Virus von externer Festplatte löschen ohne Bilder davon zu löschen
    Plagegeister aller Art und deren Bekämpfung - 15.08.2012 (1)
  8. Virus "W32/Virut.Gen" auf Externer Festplatte ('F:\AppInst.exe')
    Log-Analyse und Auswertung - 21.11.2011 (27)
  9. autorun.inf auf externer Festplatte !
    Plagegeister aller Art und deren Bekämpfung - 05.09.2011 (5)
  10. Virus versteckt dateien auf Externer Festplatte
    Plagegeister aller Art und deren Bekämpfung - 04.09.2011 (1)
  11. Trojaner im Recycler auf externer Festplatte gefunden: TR/Autorun.nt
    Plagegeister aller Art und deren Bekämpfung - 20.10.2010 (3)
  12. Virus USB Festplatte curice autorun.inf elena.exe
    Plagegeister aller Art und deren Bekämpfung - 15.02.2010 (1)
  13. Virus (Trojaner Win32 Fake/AV) auf externer Festplatte
    Plagegeister aller Art und deren Bekämpfung - 03.02.2010 (1)
  14. autorun.inf auf externer Festplatte (WORM/Kido.IX)
    Plagegeister aller Art und deren Bekämpfung - 11.12.2009 (2)
  15. Virus in Autorun.inf und in Recylcer von externer Festplatte
    Plagegeister aller Art und deren Bekämpfung - 19.05.2009 (4)
  16. Wie bekomme ich Virus von externer Festplatte?
    Plagegeister aller Art und deren Bekämpfung - 02.02.2009 (1)
  17. Virus in autorun.inf gefunden (auf externer Festplatte)
    Plagegeister aller Art und deren Bekämpfung - 21.12.2008 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Virus autorun.inf auf Festplatte, externer Festplatte und USB - Ok, ich hab alles so gemacht wie vorgeschlagen. Hier die beiden Outputs:OTL Logfile: Code: Alles auswählen Aufklappen ATTFilter OTL logfile created on: 12.02.2011 15:56:55 - Run 1 OTL by OldTimer - Virus autorun.inf auf Festplatte, externer Festplatte und USB...
Archiv
Du betrachtest: Virus autorun.inf auf Festplatte, externer Festplatte und USB auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132