Hallo M-K-D-B,

der/das Ask Toolbar wurde mir nicht bei den Programmen in der Systemsteuerung angegeben. Somit war ich nicht in der Lage es zu löschen.
HSS-1.37-install-anchorfree-76-conduit.exe habe ich gelöscht und was die exe-Datei mit dem äusserst demütigenden Namen angeht war sie in meinem Simcity Ordner. Ich habe es nie auf die Reihe bekommen dieses Spiel zum funktionieren zu bringen, also habe ich es unbeachtet auf der Festplatte gelassen. Ich habe jetzt einfach den gesammten Ordner gelöscht. Mitlerweile läuft bei meinem Rechner alles, wie es sein soll. Keine Fehlermeldungen, alle Programme funktionieren so wie sie es sollten und ausserdem ist mein Rechner erheblich schneller geworden.

Zitat:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Folder move failed. C:\Programme\Ask.com scheduled to be moved on reboot.
========== FILES ==========
C:\Program Files\Windows Live\Messenger\msimg32.dll moved successfully.
C:\Program Files\Windows Live\Messenger\riched20.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Melissa
->Temp folder emptied: 789787 bytes
->Temporary Internet Files folder emptied: 487627237 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 39346896 bytes
->Flash cache emptied: 5418 bytes

User: Melissa_2
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 75 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 21399 bytes
RecycleBin emptied: 158345527 bytes

Total Files Cleaned = 654,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 05022011_181218

Files\Folders moved on Reboot...
Folder move failed. C:\Programme\Ask.com scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 02.05.2011 18:43:21 - Run 6
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Melissa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,29 Gb Total Space | 63,23 Gb Free Space | 43,82% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 142,65 Gb Free Space | 99,04% Space Free | Partition Type: NTFS
Drive G: | 298,01 Gb Total Space | 128,11 Gb Free Space | 42,99% Space Free | Partition Type: FAT32
Drive J: | 931,28 Gb Total Space | 43,52 Gb Free Space | 4,67% Space Free | Partition Type: FAT32
 
Computer Name: ASSIGAMMELKEKS | User Name: Melissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Melissa\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe (Deutsche Telekom AG)
PRC - C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\profilemgr.exe (Deutsche Telekom AG)
PRC - C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe (Deutsche Telekom AG)
PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
PRC - C:\Programme\Common Files\Marmiko Shared\MWLaMaS.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Programme\T-Online\T-Online_Software_6\Notifier\Notifier.exe (fun communications GmbH, hxxp://www.fun.de)
PRC - C:\Programme\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.00\WlanCU.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Melissa\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AdobeActiveFileMonitor7.0) -- D:\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (MTOnlPktAlyX) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (SIS163u) -- C:\Windows\System32\drivers\SiS163u.sys (SiS Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=1008&m=aspire_l5100
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=1008&m=aspire_l5100
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.02 18:40:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.02 18:40:34 | 000,000,000 | ---D | M]
 
[2009.01.19 23:00:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melissa\AppData\Roaming\mozilla\Extensions
[2011.04.30 00:11:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions
[2010.07.09 10:27:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.14 11:54:26 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.03.28 22:07:49 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\illimitux@illimitux.net
[2010.01.30 16:48:09 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\radiobar@toolbar
[2010.02.07 02:10:02 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\searchrecs@veoh.com
[2011.01.25 12:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\staged-xpis
[2011.04.26 09:20:20 | 000,000,000 | ---D | M] (Foxit PDF Creator Toolbar) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\toolbar@ask.com
[2011.04.25 20:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.02.16 21:00:29 | 000,000,000 | ---D | M] (VMLoad) -- C:\Programme\Mozilla Firefox\extensions\{464F169E-ACE1-4C5F-A778-A433A3DABBAE}
[2011.04.25 20:36:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011.04.25 20:36:38 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2009.12.06 21:44:35 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT
[2009.01.20 12:30:15 | 000,000,000 | ---D | M] (Veoh Web Player Video Finder) -- C:\PROGRAM FILES\VEOH NETWORKS\VEOHWEBPLAYER\FFVIDEOFINDER
[2011.04.25 20:36:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.05.25 18:09:48 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2011.03.06 00:27:43 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.06 00:27:43 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.06 00:27:43 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.06 00:27:43 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.06 00:27:43 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.04.24 17:53:28 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (VMLoadHBO Class) - {C17C7688-31D1-46D7-8C9B-5D253E4F5D5E} - C:\Users\Melissa\AppData\Roaming\VMLoad\addin\VMLoad.dll (TODO: <Company name>)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] c:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKCU..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Secret City - {D401C3A2-12EF-4D1D-A086-F3AB10B565BF} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop -  File not found
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Melissa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Melissa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.11.03 12:58:30 | 000,000,038 | -H-- | M] () - G:\AUTORUN.FCB -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.27 06:00:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.27 06:00:07 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.27 05:59:57 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.04.26 20:00:02 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2011.04.26 19:58:13 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Melissa\Desktop\esetsmartinstaller_enu.exe
[2011.04.25 20:42:30 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\Foxit Software
[2011.04.25 20:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2011.04.25 20:40:46 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com
[2011.04.25 20:40:36 | 000,000,000 | ---D | C] -- C:\Programme\Foxit Software
[2011.04.25 20:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.04.25 20:36:48 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2011.04.25 20:36:26 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.25 20:36:26 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.25 20:36:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.25 20:36:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.24 17:57:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.04.24 17:40:53 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.04.24 17:40:16 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011.04.20 22:42:38 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.04.20 22:42:38 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.04.20 22:42:38 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.04.20 22:40:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.04.20 22:27:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.04.17 21:57:10 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.04.17 21:55:23 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2011.04.17 21:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.04.17 21:30:47 | 000,791,393 | ---- | C] (Lars Hederer                                                ) -- C:\Users\Melissa\Desktop\Erunt-setup.exe
[2011.04.17 21:30:47 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Melissa\Desktop\TFC.exe
[2011.04.17 20:51:30 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Melissa\Desktop\OTL.exe
[2011.04.16 11:30:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.16 11:30:02 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.16 11:30:02 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.16 11:30:02 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.16 11:30:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.16 11:30:02 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.16 11:30:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.16 11:30:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.16 11:30:01 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.16 11:30:01 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.16 11:30:00 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.16 11:30:00 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.16 11:30:00 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.16 11:30:00 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.16 11:30:00 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.16 11:30:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.16 11:30:00 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.16 11:30:00 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.16 11:30:00 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.16 11:30:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.16 11:30:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.16 11:29:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.16 11:29:59 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.16 11:29:59 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.16 11:29:59 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.16 11:29:59 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.16 11:29:59 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.16 11:29:59 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.16 11:29:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.16 11:29:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.16 11:29:59 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.16 11:29:58 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.04.16 11:29:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.16 11:29:58 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.16 11:29:58 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.16 11:29:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.04.16 11:29:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.16 11:29:58 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.16 11:29:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.15 15:11:24 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\Malwarebytes
[2011.04.15 15:11:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.15 15:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.15 15:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.15 15:11:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.15 15:11:13 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.04.14 09:01:53 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.14 09:01:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.14 09:01:42 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.14 09:01:41 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.14 09:01:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.14 09:01:37 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.14 02:05:14 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.04.13 12:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2011.04.13 12:51:30 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler
[2011.04.13 12:36:09 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2009.01.19 22:11:52 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2008.09.30 06:55:45 | 000,049,152 | ---- | C] ( ) -- C:\Windows\INTEROP.IWSHRUNTIMELIBRARY.DLL
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.02 18:31:44 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.02 18:19:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.02 18:18:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.02 18:18:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.02 18:18:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.02 18:17:38 | 1878,515,712 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.01 17:22:19 | 000,674,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.01 17:22:19 | 000,634,202 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.01 17:22:19 | 000,146,028 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.01 17:22:19 | 000,119,766 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.01 17:19:54 | 000,039,424 | ---- | M] () -- C:\Users\Melissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.28 21:03:16 | 000,211,200 | ---- | M] () -- C:\Users\Melissa\Desktop\Scannen0001xx.jpg
[2011.04.26 23:13:31 | 000,879,081 | ---- | M] () -- C:\Users\Melissa\Desktop\SecurityCheck.exe
[2011.04.26 19:58:22 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Melissa\Desktop\esetsmartinstaller_enu.exe
[2011.04.25 20:40:59 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2011.04.25 20:36:11 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.25 20:36:11 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.25 20:36:11 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.25 20:36:11 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.24 17:53:28 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.04.24 16:24:30 | 004,328,459 | R--- | M] () -- C:\Users\Melissa\Desktop\ComboFix.exe
[2011.04.20 00:26:48 | 000,040,504 | ---- | M] () -- C:\Users\Melissa\Desktop\Malvada.odt
[2011.04.19 19:33:17 | 000,050,477 | ---- | M] () -- C:\Users\Melissa\Desktop\Defogger.exe
[2011.04.19 18:49:41 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011.04.17 21:55:23 | 000,000,737 | ---- | M] () -- C:\Users\Melissa\Desktop\NTREGOPT.lnk
[2011.04.17 21:55:23 | 000,000,718 | ---- | M] () -- C:\Users\Melissa\Desktop\ERUNT.lnk
[2011.04.17 21:39:24 | 000,301,568 | ---- | M] () -- C:\Users\Melissa\Desktop\g2m3e4r.exe
[2011.04.17 21:39:23 | 000,791,393 | ---- | M] (Lars Hederer                                                ) -- C:\Users\Melissa\Desktop\Erunt-setup.exe
[2011.04.17 21:39:18 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Melissa\Desktop\TFC.exe
[2011.04.17 21:39:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Melissa\Desktop\OTL.exe
[2011.04.17 21:28:35 | 000,377,280 | ---- | M] () -- C:\Users\Melissa\Desktop\Load.exe
[2011.04.16 11:30:08 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.04.16 11:30:08 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.04.16 11:30:02 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.16 11:30:02 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.16 11:30:02 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.16 11:30:02 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.16 11:30:02 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.16 11:30:02 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.16 11:30:02 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.16 11:30:02 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.16 11:30:01 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.16 11:30:01 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.16 11:30:00 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.16 11:30:00 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.16 11:30:00 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.16 11:30:00 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.16 11:30:00 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.16 11:30:00 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.16 11:30:00 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.16 11:30:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.16 11:30:00 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.16 11:30:00 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.04.16 11:30:00 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.16 11:30:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.16 11:29:59 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.16 11:29:59 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.16 11:29:59 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.16 11:29:59 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.16 11:29:59 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.16 11:29:59 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.16 11:29:59 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.16 11:29:59 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.16 11:29:59 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.16 11:29:59 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.16 11:29:58 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.04.16 11:29:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.16 11:29:58 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.16 11:29:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.16 11:29:58 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.04.16 11:29:58 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.16 11:29:58 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.16 11:29:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.15 15:11:18 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.15 03:30:24 | 000,328,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.11 20:43:57 | 092,643,550 | ---- | M] () -- C:\Users\Melissa\Documents\Megavideo.com - 2828C2AF60C2BB..C2AB5BNeverAlone5DC2BB..C2ABC2B4C2AF2929.flv
[2011.04.06 22:35:33 | 000,000,054 | ---- | M] () -- C:\Windows\mpsettings.ini
 
========== Files Created - No Company Name ==========
 
[2011.04.28 21:03:15 | 000,211,200 | ---- | C] () -- C:\Users\Melissa\Desktop\Scannen0001xx.jpg
[2011.04.26 23:51:38 | 006,332,870 | ---- | C] () -- C:\Users\Melissa\Desktop\13-dope_stars_inc-beatcrusher.mp3
[2011.04.26 23:13:26 | 000,879,081 | ---- | C] () -- C:\Users\Melissa\Desktop\SecurityCheck.exe
[2011.04.25 20:40:59 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2011.04.24 16:24:14 | 004,328,459 | R--- | C] () -- C:\Users\Melissa\Desktop\ComboFix.exe
[2011.04.20 22:42:38 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.04.20 22:42:38 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.04.20 22:42:38 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.04.20 22:42:38 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.04.20 22:42:38 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.04.19 19:33:16 | 000,050,477 | ---- | C] () -- C:\Users\Melissa\Desktop\Defogger.exe
[2011.04.19 18:49:40 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011.04.18 21:23:54 | 000,040,504 | ---- | C] () -- C:\Users\Melissa\Desktop\Malvada.odt
[2011.04.17 21:55:23 | 000,000,737 | ---- | C] () -- C:\Users\Melissa\Desktop\NTREGOPT.lnk
[2011.04.17 21:55:23 | 000,000,718 | ---- | C] () -- C:\Users\Melissa\Desktop\ERUNT.lnk
[2011.04.17 21:30:47 | 000,301,568 | ---- | C] () -- C:\Users\Melissa\Desktop\g2m3e4r.exe
[2011.04.17 21:28:35 | 000,377,280 | ---- | C] () -- C:\Users\Melissa\Desktop\Load.exe
[2011.04.16 11:30:00 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.04.15 15:11:18 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.11 20:43:58 | 092,643,550 | ---- | C] () -- C:\Users\Melissa\Documents\Megavideo.com - 2828C2AF60C2BB..C2AB5BNeverAlone5DC2BB..C2ABC2B4C2AF2929.flv
[2011.04.06 22:35:33 | 000,000,054 | ---- | C] () -- C:\Windows\mpsettings.ini
[2010.08.13 11:30:19 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.06.14 19:12:53 | 000,000,130 | ---- | C] () -- C:\Windows\System32\rpireica.bin
[2009.11.12 20:27:13 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.11.12 20:27:13 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.11.12 20:27:08 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.11.12 20:27:07 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.11.12 20:27:06 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.11.09 19:19:44 | 000,000,000 | ---- | C] () -- C:\Windows\System32\swunilog.ini
[2009.11.04 23:47:55 | 000,237,568 | ---- | C] () -- C:\Windows\System32\rmc_rtspdl.dll
[2009.09.24 06:17:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.24 06:17:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.02 06:57:23 | 000,007,268 | ---- | C] () -- C:\Users\Melissa\AppData\Local\d3d9caps.dat
[2009.07.02 13:51:39 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2009.02.10 19:22:57 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.01.28 20:46:28 | 000,000,096 | ---- | C] () -- C:\Users\Melissa\AppData\Roaming\wklnhst.dat
[2009.01.20 13:05:11 | 000,000,399 | ---- | C] () -- C:\Windows\vtplus32.ini
[2009.01.20 13:05:01 | 000,149,504 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE
[2009.01.20 13:04:31 | 000,032,295 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.01.20 13:04:21 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2009.01.20 13:03:53 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.01.20 13:03:53 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.20 13:03:51 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll
[2009.01.20 13:02:53 | 000,006,315 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009.01.20 00:02:56 | 000,039,424 | ---- | C] () -- C:\Users\Melissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.19 23:11:52 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.19 22:39:59 | 000,000,095 | ---- | C] () -- C:\Users\Melissa\AppData\Local\fusioncache.dat
[2009.01.19 22:11:52 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.11.06 18:33:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.10.06 06:48:51 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008.10.06 06:48:51 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008.01.21 09:15:58 | 000,674,344 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,146,028 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.04.11 19:30:48 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007.04.11 17:09:20 | 000,000,734 | ---- | C] () -- C:\Windows\generic.ini
[2007.04.11 17:09:20 | 000,000,125 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007.04.11 17:07:33 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.04.11 17:07:33 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.04.11 17:07:32 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.04.11 09:20:03 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,328,032 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,634,202 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,119,766 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.01.06 15:04:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\unwlsdrv.exe
[2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

< End of report >
         

--- --- ---


Irgendwie wird bei mir kein Extras.txt mehr gespeichert. Ist das schlimm?

Gruß

Shinichi

Hallo Shinichi,

Zitat:

Zitat von Shinichi

Irgendwie wird bei mir kein Extras.txt mehr gespeichert. Ist das schlimm?

Schlimm nicht, für gewöhnlich erstellt aber OTL eine Extras.txt, wenn du meine Anweisung vom letzten Mal (Schritt # 4) 1:1 umgesetzt hast.




Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Dein Rechner ist sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Schritt # 1: ComboFix deinstallieren
Bitte vor der folgenden Aktion wieder temporär Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.

Windows-Taste + R drücke. Kopiere nun folgende Zeile in die Kommandozeile und klicke OK.

Code: Alles auswählenAufklappen

ATTFilter

Combofix /Uninstall
         

Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert, damit auch aus dieser die Schädlinge verschwinden.

Nun die eben deaktivierten Programme wieder aktivieren.





Schritt # 2: Systembereinigung mit OTL
Als nächstes müssen wir alle Programme, die zur Malwarebeseitigung notwendig waren, entfernen:

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Schließe bitte nun alle Programme.
• Klicke nun bitte auf den Button Bereinigung.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.

Schritt # 3: Programme deinstallieren/löschen

• Deinstalliere als nächstes bitte folgende Programme über die Systemsteuerung:
  • ERUNT
  • ESET Online Scanner
• Führe gegebenenfalls einen Neustart deines Rechners durch.
• Deinstalliere/Lösche gegebenenfalls weitere Dateien und Programme, die wir verwendet haben, manuell, falls sie noch nicht von deinem Rechner entfernt wurden.

Schritt # 4: Systemwiederherstellungspunkte löschen
Es ist nicht auszuschließen, dass durch die Malware auch Wiederherstellungspunkte infiziert sind. Dieses Problem behebst du wie folgt:

• Windows + R Taste drücken --> cleanmgr ( eingeben ) --> OK
• Wähle nun deine Systemplatte ( normal C: ).
• Klicke auf Systemdateien bereinigen --> erneut die Systemplatte wählen --> Reiter Weitere Optionen
• Klicke auf Systemwiederherstellung und Schattenkopien bereinigen.
• Klicke auf Löschen und warte, bis der Vorgang abgeschlossen ist.
• Schließe die Fenster.

Schritt # 5: Windows Update aktivieren
Sehen wir nach ob die Updates für Windows sich automatisch downloaden. Das ist der beste Weg um all die Sicherheits- Patches und Fixes zu erhalten.

• Windows + R Taste drücken.
• Kopiere nun folgenden Text in die Kommandozeile:
  
  Code: Alles auswählenAufklappen

  ATTFilter

  RunDll32.exe shell32.dll,Control_RunDLL wscui.cpl
           

• Klicke auf Ok.
• Stelle sicher, dass die automatischen Updates aktiviert sind.
• Downloade und installiere gegebenenfalls alle verfügbaren Updates.

Schritt # 6: Schutz vor weiteren Infektionen
Damit du in Zukunft vor ähnlichen Infektionen geschützt bist, empfehle ich dir noch ein paar nützliche Programme inklusive ein paar Tipps.

• Vergewissere dich, dass dein Virenscanner stets aktuell ist und regelmäßig Updates erhält.
• Daneben empfehle ich dir die Verwendung eines der folgenden Anti-Malware tools:
  • Malwarebytes' Anti-Malware
  • SuperAntiSpyware
  • Emsisoft AntiMalware
• SpywareBlaster
  Eine kurze Einführung findest du Hier
• MVPs hosts file
  Eine Einführung findest du hier
• Öffne keine E-Mails oder deren Anhänge, wenn du den Absender nicht kennst!
• Verwende keine Filesharing Programme, da damit sehr oft Malware übertragen wird!
• Verwende keine Keygens, Cracks, Cheats, etc.!
• Halte ALLE deine Programme aktuell, z. B. mit dem Online Secunia Inspector!

Schritt # 7: Passwörter ändern

• Du warst mit einem Trojaner infiziert, der Passwörter ausspäht.
• Darum bitte ich dich, alle deine Passwörter (E-Mail, Ebay, Amazon, Online Banking, Facebook, etc.) zu ändern.

Schritt # 8: Deine Rückmeldung
Bitte gib mir kurz Bescheid, wenn alles erledigt ist und du keine Fragen mehr hast, damit ich das Thema aus meinen Abos löschen kann.

Hallo M-K-D-B,

wie schön, dass mein Rechner nun endlich wieder sauber ist.
DANKE DANKE DANKE!!!


Ich habe ComboFix deinstalliert, die Systembereinigung mit OTL durchgeführt, ERNUT und ESET Online Scanner deinstalliert, die Systemwiederherstellungspunkte gelöscht, und Windows Update aktiviert.

Malwarebytes' Anti-Malware habe ich gleich auf meinem Rechner behalten, da ich es ja schon zuvor hatte, ich habe SpywareBlaster installiert und die Anweisungen befolgt (was ich auch in Zukunft so beibehalten werde), auch mit dem Online Secunia Inspector habe ich mich vertraut gemacht und sämtliche Passwörter geändert.

Bei MVPs hosts file gibt es ein Problem, wenn ich den Anweisungen für Windows Vista folge, komme ich bei

Zitat "hxxp://winhelp2002.mvps.org/hostsvista.htm"

Zitat:

Updating the HOSTS file via the SendTo method

The first step is to create a new shortcut in your SendTo folder. Open Windows Explorer to:
\Users\<username>\AppData\Roaming\Microsoft\Windows\SendTo

Note: where "<username>" is your login name
[or]
Start | Run (type) shell:sendto (click Ok)

Next: Right-click in the right pane and select: New > shortcut [screenshot]
In the next dialog box click Browse and navigate to: Windows\System32\drivers\etc
Click Ok and in the next dialog box name the shortcut (example) Update Hosts

zu dem Problem, dass ich im besagtem Ordner keine neue Verknüpfung erstellen kann. Ich kann zwar bei Rechtsklick eine neue Verknüpfung anwählen, aber es wird keine erstellt.

In ordnung, dass erstmal wieder soweit von mir.

Gruß
Shinichi

Hallo Shinichi,

Zitat:

Zitat von Shinichi

DANKE DANKE DANKE!!!

Ich bin froh, dass wir helfen konnten

Zitat:

Zitat von Shinichi

Bei MVPs hosts file gibt es ein Problem...

Es gibt einen einfacheren Weg:

• Lade dir die Datei hosts.zip auf deinen Desktop.
• Entpacke das Archiv auf deinen Desktop.
• Rechtsklicke auf die Datei mvps.bat -> Als Administrator ausführen
• Bestätige die Sicherheitsabfrage mit Ja.
• Es erscheint ein Fenster. Bestätige mit einer beliebigen Taste.

Bitte gib mir kurz Bescheid, obs damit funktioniert hat.

Hallo M-K-D-B,

also ich bin deinen Anweisungen gefolgt und nach der Bestätigung der Sicherheitsabfrage, hat sich das Fenster einfach wieder geschlossen. Hat das so seine Richtigkeit?

Gruß
Shinichi

Hallo Shinichi,





Schritt # 1: Fragen beantworten
Bitte beantworte mir folgende Fragen:

Zitat:

Zitat von Shinichi

also ich bin deinen Anweisungen gefolgt und nach der Bestätigung der Sicherheitsabfrage, hat sich das Fenster einfach wieder geschlossen. Hat das so seine Richtigkeit?

Nach der Bestätigung der Sicherheitsabfrage sollte erst einmal ein blaues Fenster erscheinen. Ich habe dir einmal das Bild MVPS.png unten mit angefügt. Sah das Fenster so aus? Wenn ja, dann sollte es funktioniert haben.

Zur Kontrolle überprüfen wir das mit OTL:




Schritt # 2: Systemscan mit OTL
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden )

• Doppelklick auf die OTL.exe
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste die Logfiles hier in den Thread.

Schritt # 3: Deine Rückmeldung
Zur weiteren Analyse benötige ich zusammen mit deiner nächsten Antwort

• die Beantwortung der gestellten Fragen und
• die beiden neuen Logfiles von OTL (OTL.txt und Extras.txt).

Hallo M-K-D-B,

ja genau dieses Fenster ist erschienen, dann hat also alles geklappt sehr schön.

OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 06.05.2011 11:40:54 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Melissa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 1,00 Gb Available in Paging File | 13,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,29 Gb Total Space | 51,26 Gb Free Space | 35,52% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 142,65 Gb Free Space | 99,04% Space Free | Partition Type: NTFS
Drive G: | 298,01 Gb Total Space | 128,11 Gb Free Space | 42,99% Space Free | Partition Type: FAT32
 
Computer Name: ASSIGAMMELKEKS | User Name: Melissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Melissa\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe (Deutsche Telekom AG)
PRC - C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\profilemgr.exe (Deutsche Telekom AG)
PRC - C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe (Deutsche Telekom AG)
PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
PRC - C:\Programme\Common Files\Marmiko Shared\MWLaMaS.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Programme\Common Files\Marmiko Shared\MWLaMaSUpdate.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Programme\T-Online\T-Online_Software_6\Notifier\Notifier.exe (fun communications GmbH, hxxp://www.fun.de)
PRC - C:\Programme\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.00\WlanCU.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Melissa\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AdobeActiveFileMonitor7.0) -- D:\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (MTOnlPktAlyX) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (SIS163u) -- C:\Windows\System32\drivers\SiS163u.sys (SiS Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=1008&m=aspire_l5100
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=1008&m=aspire_l5100
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.02 18:40:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.02 18:40:34 | 000,000,000 | ---D | M]
 
[2009.01.19 23:00:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melissa\AppData\Roaming\mozilla\Extensions
[2011.05.03 00:49:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions
[2010.07.09 10:27:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.14 11:54:26 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.03.28 22:07:49 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\illimitux@illimitux.net
[2010.01.30 16:48:09 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\radiobar@toolbar
[2010.02.07 02:10:02 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\searchrecs@veoh.com
[2011.01.25 12:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\staged-xpis
[2011.04.26 09:20:20 | 000,000,000 | ---D | M] (Foxit PDF Creator Toolbar) -- C:\Users\Melissa\AppData\Roaming\mozilla\Firefox\Profiles\ne30dex4.default\extensions\toolbar@ask.com
[2011.04.25 20:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.02.16 21:00:29 | 000,000,000 | ---D | M] (VMLoad) -- C:\Programme\Mozilla Firefox\extensions\{464F169E-ACE1-4C5F-A778-A433A3DABBAE}
[2011.04.25 20:36:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011.04.25 20:36:38 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2009.12.06 21:44:35 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT
[2009.01.20 12:30:15 | 000,000,000 | ---D | M] (Veoh Web Player Video Finder) -- C:\PROGRAM FILES\VEOH NETWORKS\VEOHWEBPLAYER\FFVIDEOFINDER
[2011.04.25 20:36:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.05.25 18:09:48 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2011.03.06 00:27:43 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.06 00:27:43 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.06 00:27:43 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.06 00:27:43 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.06 00:27:43 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.03.30 21:17:20 | 000,615,911 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1  localhost
O1 - Hosts: 127.0.0.1  fr.a2dfp.net
O1 - Hosts: 127.0.0.1  m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1  ad.a8.net
O1 - Hosts: 127.0.0.1  asy.a8ww.net
O1 - Hosts: 127.0.0.1  abcstats.com
O1 - Hosts: 127.0.0.1  a.abv.bg
O1 - Hosts: 127.0.0.1  adserver.abv.bg
O1 - Hosts: 127.0.0.1  adv.abv.bg
O1 - Hosts: 127.0.0.1  bimg.abv.bg
O1 - Hosts: 127.0.0.1  ca.abv.bg
O1 - Hosts: 127.0.0.1  www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1  track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1  accuserveadsystem.com
O1 - Hosts: 127.0.0.1  www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1  achmedia.com
O1 - Hosts: 127.0.0.1  aconti.net
O1 - Hosts: 127.0.0.1  secure.aconti.net
O1 - Hosts: 127.0.0.1  www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1  am1.activemeter.com
O1 - Hosts: 127.0.0.1  www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1  ads.activepower.net
O1 - Hosts: 127.0.0.1  stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1  ad2games.com
O1 - Hosts: 127.0.0.1  cms.ad2click.nl
O1 - Hosts: 16259 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (VMLoadHBO Class) - {C17C7688-31D1-46D7-8C9B-5D253E4F5D5E} - C:\Users\Melissa\AppData\Roaming\VMLoad\addin\VMLoad.dll (TODO: <Company name>)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] c:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKCU..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Secret City - {D401C3A2-12EF-4D1D-A086-F3AB10B565BF} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop -  File not found
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Melissa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Melissa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.11.03 12:58:30 | 000,000,038 | -H-- | M] () - G:\AUTORUN.FCB -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.06 11:39:06 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Melissa\Desktop\OTL.exe
[2011.05.03 12:28:39 | 000,000,000 | ---D | C] -- C:\Users\Melissa\Desktop\hosts
[2011.05.02 20:49:42 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2011.05.02 20:49:42 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSSTDFMT.DLL
[2011.05.02 20:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2011.05.02 20:49:41 | 000,000,000 | ---D | C] -- C:\Programme\SpywareBlaster
[2011.04.27 06:00:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.27 06:00:07 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.27 05:59:57 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.04.26 20:00:02 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2011.04.25 20:42:30 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\Foxit Software
[2011.04.25 20:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2011.04.25 20:40:46 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com
[2011.04.25 20:40:36 | 000,000,000 | ---D | C] -- C:\Programme\Foxit Software
[2011.04.25 20:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.04.25 20:36:48 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2011.04.25 20:36:26 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.25 20:36:26 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.25 20:36:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.25 20:36:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.24 17:57:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.04.17 21:57:10 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.04.16 11:30:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.16 11:30:02 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.16 11:30:02 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.16 11:30:02 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.16 11:30:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.16 11:30:02 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.16 11:30:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.16 11:30:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.16 11:30:01 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.16 11:30:01 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.16 11:30:00 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.16 11:30:00 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.16 11:30:00 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.16 11:30:00 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.16 11:30:00 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.16 11:30:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.16 11:30:00 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.16 11:30:00 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.16 11:30:00 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.16 11:30:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.16 11:30:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.16 11:29:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.16 11:29:59 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.16 11:29:59 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.16 11:29:59 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.16 11:29:59 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.16 11:29:59 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.16 11:29:59 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.16 11:29:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.16 11:29:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.16 11:29:59 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.16 11:29:58 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.04.16 11:29:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.16 11:29:58 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.16 11:29:58 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.16 11:29:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.04.16 11:29:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.16 11:29:58 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.16 11:29:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.15 15:11:24 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\Malwarebytes
[2011.04.15 15:11:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.15 15:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.15 15:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.15 15:11:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.15 15:11:13 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.04.14 09:01:53 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.14 09:01:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.14 09:01:42 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.14 09:01:41 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.14 09:01:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.14 09:01:37 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.14 02:05:14 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.04.13 12:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2011.04.13 12:51:30 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler
[2011.04.13 12:36:09 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2009.01.19 22:11:52 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2008.09.30 06:55:45 | 000,049,152 | ---- | C] ( ) -- C:\Windows\INTEROP.IWSHRUNTIMELIBRARY.DLL
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.06 11:39:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Melissa\Desktop\OTL.exe
[2011.05.06 11:19:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.06 10:36:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.06 10:36:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.06 00:22:35 | 000,044,544 | ---- | M] () -- C:\Users\Melissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.05 18:19:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.04 18:38:41 | 000,674,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.04 18:38:41 | 000,634,202 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.04 18:38:41 | 000,146,028 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.04 18:38:41 | 000,119,766 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.04 17:36:35 | 000,343,174 | ---- | M] () -- C:\Users\Melissa\Desktop\Original Tetris theme (Tetris Soundtrack).mp3
[2011.05.03 00:07:20 | 000,042,307 | ---- | M] () -- C:\Users\Melissa\Desktop\Malvada.odt
[2011.05.02 20:49:42 | 000,000,816 | ---- | M] () -- C:\Users\Melissa\Desktop\SpywareBlaster.lnk
[2011.05.02 20:36:45 | 000,328,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.05.02 20:36:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.02 20:36:20 | 1878,515,712 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.28 21:03:16 | 000,211,200 | ---- | M] () -- C:\Users\Melissa\Desktop\Scannen0001xx.jpg
[2011.04.25 20:40:59 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2011.04.25 20:36:11 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.25 20:36:11 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.25 20:36:11 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.25 20:36:11 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.19 18:49:41 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011.04.16 11:30:08 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.04.16 11:30:08 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.04.16 11:30:02 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.16 11:30:02 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.16 11:30:02 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.16 11:30:02 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.16 11:30:02 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.16 11:30:02 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.16 11:30:02 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.16 11:30:02 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.16 11:30:01 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.16 11:30:01 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.16 11:30:00 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.16 11:30:00 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.16 11:30:00 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.16 11:30:00 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.16 11:30:00 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.16 11:30:00 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.16 11:30:00 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.16 11:30:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.16 11:30:00 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.16 11:30:00 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.04.16 11:30:00 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.16 11:30:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.16 11:29:59 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.16 11:29:59 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.16 11:29:59 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.16 11:29:59 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.16 11:29:59 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.16 11:29:59 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.16 11:29:59 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.16 11:29:59 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.16 11:29:59 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.16 11:29:59 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.16 11:29:58 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.04.16 11:29:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.16 11:29:58 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.16 11:29:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.16 11:29:58 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.04.16 11:29:58 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.16 11:29:58 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.16 11:29:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.15 15:11:18 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.11 20:43:57 | 092,643,550 | ---- | M] () -- C:\Users\Melissa\Documents\Megavideo.com - 2828C2AF60C2BB..C2AB5BNeverAlone5DC2BB..C2ABC2B4C2AF2929.flv
[2011.04.06 22:35:33 | 000,000,054 | ---- | M] () -- C:\Windows\mpsettings.ini
 
========== Files Created - No Company Name ==========
 
[2011.05.04 17:36:33 | 000,343,174 | ---- | C] () -- C:\Users\Melissa\Desktop\Original Tetris theme (Tetris Soundtrack).mp3
[2011.05.02 20:49:42 | 000,000,816 | ---- | C] () -- C:\Users\Melissa\Desktop\SpywareBlaster.lnk
[2011.04.28 21:03:15 | 000,211,200 | ---- | C] () -- C:\Users\Melissa\Desktop\Scannen0001xx.jpg
[2011.04.26 23:51:38 | 006,332,870 | ---- | C] () -- C:\Users\Melissa\Desktop\13-dope_stars_inc-beatcrusher.mp3
[2011.04.25 20:40:59 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2011.04.19 18:49:40 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011.04.18 21:23:54 | 000,042,307 | ---- | C] () -- C:\Users\Melissa\Desktop\Malvada.odt
[2011.04.16 11:30:00 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.04.15 15:11:18 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.11 20:43:58 | 092,643,550 | ---- | C] () -- C:\Users\Melissa\Documents\Megavideo.com - 2828C2AF60C2BB..C2AB5BNeverAlone5DC2BB..C2ABC2B4C2AF2929.flv
[2011.04.06 22:35:33 | 000,000,054 | ---- | C] () -- C:\Windows\mpsettings.ini
[2010.08.13 11:30:19 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.06.14 19:12:53 | 000,000,130 | ---- | C] () -- C:\Windows\System32\rpireica.bin
[2009.11.12 20:27:13 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.11.12 20:27:13 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.11.12 20:27:08 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.11.12 20:27:07 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.11.12 20:27:06 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.11.09 19:19:44 | 000,000,000 | ---- | C] () -- C:\Windows\System32\swunilog.ini
[2009.11.04 23:47:55 | 000,237,568 | ---- | C] () -- C:\Windows\System32\rmc_rtspdl.dll
[2009.09.24 06:17:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.24 06:17:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.02 06:57:23 | 000,007,268 | ---- | C] () -- C:\Users\Melissa\AppData\Local\d3d9caps.dat
[2009.07.02 13:51:39 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2009.02.10 19:22:57 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.01.28 20:46:28 | 000,000,096 | ---- | C] () -- C:\Users\Melissa\AppData\Roaming\wklnhst.dat
[2009.01.20 13:05:11 | 000,000,399 | ---- | C] () -- C:\Windows\vtplus32.ini
[2009.01.20 13:05:01 | 000,149,504 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE
[2009.01.20 13:04:31 | 000,032,295 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.01.20 13:04:21 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2009.01.20 13:03:53 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.01.20 13:03:53 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.20 13:03:51 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll
[2009.01.20 13:02:53 | 000,006,315 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009.01.20 00:02:56 | 000,044,544 | ---- | C] () -- C:\Users\Melissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.19 23:11:52 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.19 22:39:59 | 000,000,095 | ---- | C] () -- C:\Users\Melissa\AppData\Local\fusioncache.dat
[2009.01.19 22:11:52 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.11.06 18:33:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.10.06 06:48:51 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008.10.06 06:48:51 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008.01.21 09:15:58 | 000,674,344 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,146,028 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.04.11 19:30:48 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007.04.11 17:09:20 | 000,000,734 | ---- | C] () -- C:\Windows\generic.ini
[2007.04.11 17:09:20 | 000,000,125 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007.04.11 17:07:33 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.04.11 17:07:33 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.04.11 17:07:32 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.04.11 09:20:03 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,328,032 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,634,202 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,119,766 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.01.06 15:04:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\unwlsdrv.exe
[2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

< End of report >
         

--- --- ---


OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 06.05.2011 11:40:54 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Melissa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 1,00 Gb Available in Paging File | 13,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,29 Gb Total Space | 51,26 Gb Free Space | 35,52% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 142,65 Gb Free Space | 99,04% Space Free | Partition Type: NTFS
Drive G: | 298,01 Gb Total Space | 128,11 Gb Free Space | 42,99% Space Free | Partition Type: FAT32
 
Computer Name: ASSIGAMMELKEKS | User Name: Melissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{9265EC7A-E74F-4CDF-8A76-E4033AD19FF8}" = lport=2799 | protocol=17 | dir=in | name=altova license metering port (udp) | 
"{9D830633-DD90-4848-B43D-4EF669D6F30D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C30F9E5F-F884-4709-8280-9BF784D597AF}" = lport=2799 | protocol=6 | dir=in | name=altova license metering port (tcp) | 
"{CDB5E889-7B85-4872-A409-1F10550761B2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{36C6E343-386F-4206-9620-AE09F0637B87}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{37C1A328-628F-440D-BB32-B14E94F9B3C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{429E1076-6ED3-4631-A110-E242611ABD04}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe | 
"{470485FC-DCD2-42E6-838B-540E050DE5C6}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | 
"{5A2859D1-F844-4801-BA8A-BDC0BDBFA558}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe | 
"{6A08AA94-D7A3-4683-87AB-B24381941503}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{718A601A-C322-4255-83C0-FCDA64B2CA6D}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe | 
"{76D1DCC1-7E94-4A4E-9187-78274AB2BBFC}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe | 
"{868152AE-DA95-4E0E-9108-8CE3109FF356}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{88E99510-3643-4B2E-B7CE-83B61D45F9D8}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{9291FD17-F5BA-4322-A18A-4EC9F59C4022}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe | 
"{99BCA220-9175-484D-BC1C-2B1676046127}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{A53B27B6-773D-47E5-AFA9-73C76B7FF3E9}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe | 
"{A8296857-D3DC-45A0-AEA7-8C9B04B9EB2A}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe | 
"{AB2224D7-5B2C-4C66-9F80-4C9570629041}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{AE04494B-E8AE-437B-9966-C6983DD556F0}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | 
"{AF92660B-57A0-46FB-885B-3665D19E3912}" = dir=in | app=c:\program files\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe | 
"{CA400290-A962-4669-95F0-71C5F75DF3A5}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | 
"{EB9C78C8-C45B-4B90-80EA-EC8212B374EC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001FC252-5D30-956C-D6E3-405B9651B698}" = CCC Help Korean
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0145ABB1-8F13-D85C-EFA7-16AAFD415F07}" = Catalyst Control Center Localization Chinese Standard
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08091134-5478-4F0E-5A1A-470BE72647ED}" = CCC Help Thai
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{18F72BF6-D1B1-04AF-BBB2-EA2BA6F50EDB}" = CCC Help English
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1E6F7CFD-5BEB-0828-B1B1-645FA4F292DB}" = Catalyst Control Center Localization Korean
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{27005EDF-E80A-7059-81A3-692051625488}" = Catalyst Control Center Localization French
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2D4A265B-8CE4-EF70-0C2A-1271119AA5B3}" = Catalyst Control Center Localization Turkish
"{2EA65C2D-0C11-3D8B-46AE-B9092EE7D64C}" = CCC Help Norwegian
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2EB3629F-C98A-F5A3-25C2-D47B0EDF2A7C}" = CCC Help Greek
"{2FA6AE84-DFE1-9651-7AEB-2E8C78E5B97D}" = CCC Help Swedish
"{355D4B62-447F-1654-70EE-5DEB8D11D807}" = Catalyst Control Center Localization Danish
"{37EBDFAC-5900-A0AD-CCE9-9A0DDA5682F9}" = Catalyst Control Center Localization Portuguese
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{41D87F76-0623-B98E-089E-AD0010369AC1}" = ccc-utility
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45576B9A-D9A9-CCE2-488F-E74A96FA550B}" = CCC Help Turkish
"{472BC165-1990-1963-7AAD-BD4DAA3F293E}" = CCC Help Finnish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4C56E5-819C-E1EB-B682-2F3EB3C32D88}" = CCC Help Hungarian
"{4C0F2181-4765-D5C5-B665-52E7722C1D18}" = Catalyst Control Center Localization Japanese
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{526B988C-393C-181A-0536-257C6AE70D18}" = CCC Help Portuguese
"{5792B5D9-645A-3309-C848-9BB7A68F1667}" = CCC Help Russian
"{593AF68A-BEDA-BC04-D278-7E020F2E6A6E}" = Catalyst Control Center Localization Dutch
"{5EC29BC7-F0E5-4FA1-864C-D155548B024E}" = Altova StyleVision® 2009  Enterprise Edition
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ED5CFB-7EBF-AEF2-C5FF-DCF2D2AC5A77}" = Catalyst Control Center Core Implementation
"{687C95B4-4670-DEF1-4585-E11CE3AB7C26}" = CCC Help German
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D4DC170-69D1-7CE8-EF98-6DCDC887FA1C}" = Catalyst Control Center Localization Spanish
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{75D803F3-2CCA-F91B-F269-1EA77BA56688}" = Catalyst Control Center Localization Chinese Traditional
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CE727EA-498F-B17F-53B6-C695E134C83C}" = Catalyst Control Center Localization Greek
"{7E70195B-0530-EED3-E8FE-237EC86F989E}" = Catalyst Control Center Localization Polish
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88410D8F-8529-492B-B556-2394A29B811B}" = Broadcom Driver Installation Program
"{886607CA-3144-493D-1134-EEAAC8D5AAFD}" = CCC Help French
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5AEB5F-C533-FD3B-9D35-6FF8BEB91A7E}" = CCC Help Dutch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CB7C96F-22D5-5911-3507-4639ED218CE6}" = CCC Help Polish
"{8FF37D01-3105-690A-C481-06EBED787498}" = Catalyst Control Center Localization Swedish
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97D4EB44-3BD8-F35A-14AE-73FB3B491396}" = Catalyst Control Center Localization Italian
"{99AF8AED-2960-B47B-CAA0-1558B5E78D48}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B5A6F0F-EBEC-85B1-C3C2-07E84A58E0DD}" = Catalyst Control Center Graphics Light
"{9EC9754D-CA34-4293-B5DB-3BD245A88A43}" = ArcSoft MediaImpression
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A78024C0-8C20-27CB-2B7B-6A60445B61AF}" = Catalyst Control Center Localization Russian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B231A9E2-9E9C-9226-E483-DD2D725D1BFE}" = Catalyst Control Center Localization Thai
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7CBEC53-C913-87E2-D70F-3BABEFB0A080}" = Catalyst Control Center Localization Finnish
"{B92C4887-D617-F6C5-DC4B-94984C23E0ED}" = Catalyst Control Center Graphics Full Existing
"{BD2BA0B1-5448-987E-9562-6C665252714A}" = Catalyst Control Center Localization Norwegian
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDC88E5A-F47B-4314-AB38-994592E32C95}" = 802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.00
"{C03A4F4C-09A2-ADA3-0DE9-F830F636DD4B}" = CCC Help Spanish
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C6660342-B863-AD6B-3D74-C5466AAF1A5F}" = CCC Help Italian
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D475C441-82E7-4694-8717-EA8896D6D37A}" = CCC Help Japanese
"{D51FFF33-0F42-72C1-0DFD-220E3B3E4F97}" = CCC Help Chinese Traditional
"{DABC2CCE-5B36-66D2-2CEF-EA2188BE51CF}" = ccc-core-static
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DD8E5E2F-2189-3CB5-D048-38102D91C06A}" = Catalyst Control Center Graphics Full New
"{DE247139-8107-31A7-E580-6AFAE183A95F}" = Catalyst Control Center Localization German
"{DEB38E1A-F4E5-4DF0-96F4-4050567A9D09}" = AV Input Selection
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E7DA2552-8808-7F25-1A85-AAFDE834CA14}" = CCC Help Czech
"{EB0A38F9-6698-B5D5-949E-E042BBEE763B}" = Catalyst Control Center Localization Hungarian
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F748B133-D25C-14C2-0178-D90703042FDE}" = CCC Help Chinese Standard
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{F840ACBD-6167-EDD9-FD4D-41A79DF43552}" = Catalyst Control Center Localization Czech
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Any Video Converter_is1" = Any Video Converter 2.6.7
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CloneDVD2" = CloneDVD2
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Foxit Reader" = Foxit Reader
"Free Studio_is1" = Free Studio version 4.2
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 3.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"Google Desktop" = Google Desktop
"Graboid Video" = Graboid Video 1.65
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{BDC88E5A-F47B-4314-AB38-994592E32C95}" = 802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.00
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.3.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"RealPlayer 12.0" = RealPlayer
"Replay Media Catcher 3.11" = Replay Media Catcher 3.11
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"Shockwave" = Shockwave
"SpywareBlaster_is1" = SpywareBlaster 4.4
"Tastenteufel" = Tastenteufel
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VideoLAN VLC media player 0.8.6d
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 24.04.2011 09:07:17 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4615976
 
Error - 24.04.2011 09:07:18 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 24.04.2011 09:07:18 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4616975
 
Error - 24.04.2011 09:07:18 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4616975
 
Error - 24.04.2011 09:07:19 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 24.04.2011 09:07:19 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4618020
 
Error - 24.04.2011 09:07:19 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4618020
 
Error - 24.04.2011 09:07:20 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 24.04.2011 09:07:20 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4619143
 
Error - 24.04.2011 09:07:20 | Computer Name = AssiGammelKeks | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4619143
 
[ System Events ]
Error - 01.05.2011 04:18:52 | Computer Name = AssiGammelKeks | Source = DCOM | ID = 10010
Description = 
 
Error - 01.05.2011 04:18:54 | Computer Name = AssiGammelKeks | Source = atikmdag | ID = 43033
Description = Edid checksum error
 
Error - 02.05.2011 12:12:22 | Computer Name = AssiGammelKeks | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 02.05.2011 12:17:38 | Computer Name = AssiGammelKeks | Source = atikmdag | ID = 43033
Description = Edid checksum error
 
Error - 02.05.2011 12:17:38 | Computer Name = AssiGammelKeks | Source = atikmdag | ID = 43037
Description = 
 
Error - 02.05.2011 12:17:38 | Computer Name = AssiGammelKeks | Source = atikmdag | ID = 43033
Description = Edid checksum error
 
Error - 02.05.2011 14:31:44 | Computer Name = AssiGammelKeks | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 02.05.2011 14:36:20 | Computer Name = AssiGammelKeks | Source = atikmdag | ID = 43033
Description = Edid checksum error
 
Error - 02.05.2011 14:36:20 | Computer Name = AssiGammelKeks | Source = atikmdag | ID = 43037
Description = 
 
Error - 02.05.2011 14:36:21 | Computer Name = AssiGammelKeks | Source = atikmdag | ID = 43033
Description = Edid checksum error
 
 
< End of report >
         

--- --- ---


Gruß
Shinichi

Hallo Shinichi,


Entferne abschließend bitte OTL wieder von deinem Rechner:

Schritt # 1: Systembereinigung mit OTL
Als nächstes müssen wir alle Programme, die zur Malwarebeseitigung notwendig waren, entfernen:

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Schließe bitte nun alle Programme.
• Klicke nun bitte auf den Button Bereinigung.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.

Zitat:

ja genau dieses Fenster ist erschienen, dann hat also alles geklappt sehr schön.

Dein OTL Logfile bestätigt das erfolgreiche Ersetzen der neuen Hosts Datei.

Ich bin froh, dass wir helfen konnten


Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Hallo M-K-D-B,

das freut mich und ich wollte mich nochmal bei dir und dem Board bedanken. Ihe macht wirklich eine tolle Arbeit!

Gruß
Shinichi