
Log analysis and evaluation: Malwarebytes found malware

24.04.2011, 00:51   #16
fordpaule
 
The computer only freezes at a certain point. The scan starts, and it says that it would normally take 10 minutes, or about twice as long on heavily infected systems, but even after an hour everything is still unchanged. It also can't be closed or anything like that, and nothing else works on the computer itself either.

No error message appears; only the title bar of the window says "Keine Rückmeldung" ("Not responding").

I can't find a log file.

24.04.2011, 11:24   #17
fordpaule
 
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=cde92c77b6bee042a3bc5e82c81b8061
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-04-24 10:16:10
# local_time=2011-04-24 12:16:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3589 16777213 100 84 1079027 54263026 0 0
# compatibility_mode=5893 16776574 100 94 5114266 55235321 0 0
# compatibility_mode=8192 67108863 100 0 995 995 0 0
# scanned=206492
# found=0
# cleaned=0
# scan_time=36040


24.04.2011, 11:30   #18
fordpaule
 
OTL Logfile:
Code:
OTL logfile created on: 24.04.2011 12:25:22 - Run 5
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Jörg\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 74,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 262,31 Gb Total Space | 190,70 Gb Free Space | 72,70% Space Free | Partition Type: NTFS
Drive D: | 203,45 Gb Total Space | 199,17 Gb Free Space | 97,90% Space Free | Partition Type: NTFS
Drive K: | 468,76 Gb Total Space | 462,95 Gb Free Space | 98,76% Space Free | Partition Type: NTFS
Drive L: | 462,75 Gb Total Space | 430,64 Gb Free Space | 93,06% Space Free | Partition Type: NTFS
 
Computer Name: JM | User Name: Jörg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.04.24 01:35:41 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jörg\Desktop\OTL.exe
PRC - [2011.04.13 15:03:38 | 001,298,320 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\itype.exe
PRC - [2011.04.13 15:02:34 | 001,808,784 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2011.04.13 15:02:34 | 000,412,560 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2011.03.30 19:49:44 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011.03.30 19:48:00 | 001,523,008 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011.03.22 16:48:45 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.03.09 06:53:18 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011.03.09 06:52:54 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.12.21 14:04:30 | 000,987,704 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.12.21 14:04:30 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2010.12.21 14:04:30 | 000,291,896 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi_tray.exe
PRC - [2010.11.24 04:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton 360\Engine\5.0.0.125\ccSvcHst.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 15:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.08.19 10:52:14 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.08.19 10:52:04 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007.12.10 16:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC207\Monitor.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.04.24 01:35:41 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jörg\Desktop\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (PEVSystemStart)
SRV - [2011.03.30 19:48:00 | 001,523,008 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.03.30 19:45:32 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.03.09 06:52:54 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.03.09 01:05:28 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2010.12.24 06:01:12 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.12.21 14:04:30 | 000,987,704 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2010.12.21 14:04:30 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010.11.24 04:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\5.0.0.125\ccSvcHst.exe -- (N360)
SRV - [2010.11.16 02:10:14 | 000,267,568 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010.09.13 12:05:08 | 005,108,624 | ---- | M] (Markement) [Disabled | Stopped] -- C:\Programme\MARKEMENT\PCSUITE INSPECTOR\inspectorsvc.exe -- (PCSUITEINSPECTORSVC)
SRV - [2010.08.19 10:52:04 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010.07.26 19:33:52 | 003,512,072 | ---- | M] (Motorola, Inc.) [Disabled | Stopped] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV - [2010.07.16 15:07:54 | 000,508,680 | ---- | M] (Motorola, Inc.) [On_Demand | Stopped] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010.07.15 13:22:24 | 000,901,384 | ---- | M] (Motorola, Inc.) [Disabled | Stopped] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV - [2010.06.17 06:23:34 | 000,140,224 | ---- | M] (Advanced Micro Devices) [Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2009.08.10 16:59:50 | 000,178,720 | ---- | M] () [Disabled | Stopped] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.08.10 16:59:48 | 000,387,616 | ---- | M] () [Disabled | Stopped] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.04.23 15:14:21 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\JRG~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011.04.15 22:29:05 | 000,802,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110419.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011.04.12 13:01:38 | 000,045,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2011.04.04 14:04:02 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110423.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011.04.04 14:04:02 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110423.002\NAVENG.SYS -- (NAVENG)
DRV - [2011.03.14 20:58:33 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110421.001\IDSvix86.sys -- (IDSVix86)
DRV - [2011.03.09 11:21:34 | 007,723,008 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011.03.09 11:21:34 | 007,723,008 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.03.09 06:17:24 | 000,239,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.03.05 04:27:25 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.03.05 03:04:56 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011.03.03 13:42:16 | 000,381,032 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2011.03.03 13:42:16 | 000,040,824 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2011.03.03 13:42:14 | 000,057,112 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2010.12.01 07:24:00 | 000,295,032 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\SYMNETS.SYS -- (SymNetS)
DRV - [2010.11.23 18:33:00 | 000,263,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2010.11.23 06:08:31 | 000,509,560 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\Drivers\N360\0500000.07D\SRTSP.SYS -- (SRTSP)
DRV - [2010.11.23 06:08:31 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.18 04:59:55 | 000,652,336 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\SYMEFA.SYS -- (SymEFA)
DRV - [2010.11.17 14:04:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.11.16 03:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\Ironx86.SYS -- (SymIRON)
DRV - [2010.10.29 23:11:08 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010.10.21 04:28:36 | 000,340,016 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0500000.07D\SYMDS.SYS -- (SymDS)
DRV - [2010.10.07 14:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.08.31 19:09:00 | 000,208,896 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010.08.12 14:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010.08.12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010.08.07 18:48:42 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.07.28 18:52:04 | 000,395,776 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmusb.sys -- (BTMUSB)
DRV - [2010.07.27 16:25:48 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.07.27 10:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.06.30 13:02:08 | 000,041,344 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmcom.sys -- (BTMCOM)
DRV - [2010.05.27 14:37:50 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010.04.27 04:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010.04.27 04:25:20 | 000,100,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssceserd.sys -- (ssceserd) SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM)
DRV - [2010.04.27 04:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2010.04.27 04:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2010.02.18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.10.15 18:14:38 | 000,024,352 | ---- | M] (T-Systems International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SipIMNDI.sys -- (SipIMNDI)
DRV - [2009.08.04 16:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009.07.23 23:02:56 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.07.14 00:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.01.07 23:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2008.12.07 12:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.02 14:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2008.02.13 14:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.t-online.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 79 F8 D1 B6 88 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - prefs.js..extensions.enabledItems: {269FB356-C69F-7349-D092-AB28AF836D0E}:3.5.004
FF - prefs.js..extensions.enabledItems: {4a1a0a40-7d27-11dd-ad8b-0800200c9a66}:1.3.1
FF - prefs.js..extensions.enabledItems: {81514210-E22A-4e69-93D5-E1EFD45B4620}:0.3.10.01.23
FF - prefs.js..extensions.enabledItems: {e213bb8f-8ebd-11db-96b7-005056c00008}:3.0.0.91
FF - prefs.js..network.proxy.http: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://mystart.incredimail.com/?loc=ff_address_bar_fs_IM2_TEST&search="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.01.14 02:22:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011.03.05 03:08:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\ [2011.03.05 03:04:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.06.28 02:24:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.22 16:48:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.22 16:48:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.13\extensions\\Components: C:\Program Files\SeaMonkey\components [2011.03.27 00:38:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.13\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2011.03.27 00:38:24 | 000,000,000 | ---D | M]
 
[2011.02.14 18:04:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Extensions
[2011.02.14 18:04:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.12.30 04:39:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011.04.15 22:16:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions
[2010.03.26 22:52:50 | 000,000,000 | ---D | M] (Strata Aero) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{269FB356-C69F-7349-D092-AB28AF836D0E}
[2011.01.13 03:04:09 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.03.11 17:31:31 | 000,000,000 | ---D | M] (MonoChrome) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{4a1a0a40-7d27-11dd-ad8b-0800200c9a66}
[2010.03.11 17:29:17 | 000,000,000 | ---D | M] (Past Modern) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{81514210-E22A-4e69-93D5-E1EFD45B4620}
[2011.03.22 16:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010.06.04 16:03:47 | 000,000,000 | ---D | M] (myFireFox) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}
[2010.03.26 22:52:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{269FB356-C69F-7349-D092-AB28AF836D0E}\mozapps\extensions
[2011.03.22 16:51:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{dc572301-7619-498c-a57d-39143191b318}\modules\extensions
[2010.06.04 16:03:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}\chrome\mozapps\extensions
[2011.04.22 00:02:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\SeaMonkey\Profiles\itaa7dxm.default\extensions
[2010.04.15 20:20:37 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Jörg\AppData\Roaming\mozilla\SeaMonkey\Profiles\itaa7dxm.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011.01.11 04:05:50 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jörg\AppData\Roaming\mozilla\SeaMonkey\Profiles\itaa7dxm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.04.21 23:52:39 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Jörg\AppData\Roaming\mozilla\SeaMonkey\Profiles\itaa7dxm.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2010.08.25 21:37:15 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Users\Jörg\AppData\Roaming\mozilla\SeaMonkey\Profiles\itaa7dxm.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2010.09.04 21:29:10 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\Jörg\AppData\Roaming\mozilla\SeaMonkey\Profiles\itaa7dxm.default\extensions\inspector@mozilla.org
[2010.10.26 14:02:59 | 000,002,149 | ---- | M] () -- C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\searchplugins\MyStart Search.xml
[2010.08.12 13:12:24 | 000,005,529 | ---- | M] () -- C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\searchplugins\SearchquWebSearch.xml
[2011.03.21 17:14:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.02.18 11:41:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011.02.18 11:41:38 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.03.05 03:04:09 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN
[2011.03.05 03:08:04 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
File not found (No name found) -- C:\USERS\JöRG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6WEU7DO9.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C}
File not found (No name found) -- C:\USERS\JöRG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6WEU7DO9.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\JöRG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6WEU7DO9.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}
File not found (No name found) -- C:\USERS\JöRG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6WEU7DO9.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
File not found (No name found) -- C:\USERS\JöRG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6WEU7DO9.DEFAULT\EXTENSIONS\SEARCHDICTCC@ROUGHAEL.XPI
[2011.03.22 16:48:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2011.02.18 11:41:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.09.09 15:15:38 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2011.03.22 16:48:48 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.22 16:48:48 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2011.03.22 16:48:48 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.22 16:48:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.08.12 13:12:24 | 000,005,529 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2011.03.22 16:48:48 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.22 16:48:48 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.08.08 21:23:39 | 000,000,825 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\5.0.0.125\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\5.0.0.125\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.0.0.125\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [KiesPDLR]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O27 - HKLM IFEO\burningstudioelements.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\fixitcenter.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\nvcplui.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\setup.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.03.31 10:35:30 | 000,000,102 | ---- | M] () - K:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{b8cc613c-311f-11e0-bc6b-001d6012fcdd}\Shell - "" = AutoRun
O33 - MountPoints2\{b8cc613c-311f-11e0-bc6b-001d6012fcdd}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{b8cc6157-311f-11e0-bc6b-001d6012fcdd}\Shell - "" = AutoRun
O33 - MountPoints2\{b8cc6157-311f-11e0-bc6b-001d6012fcdd}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.24 01:58:55 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2011.04.24 01:57:50 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Jörg\Desktop\esetsmartinstaller_enu.exe
[2011.04.24 01:37:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.04.24 01:35:33 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Jörg\Desktop\OTL.exe
[2011.04.23 16:07:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011.04.23 15:12:57 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.04.23 15:12:57 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.04.23 15:12:57 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.04.23 15:06:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.04.22 11:56:25 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.04.21 03:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
[2011.04.21 03:23:09 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliPoint
[2011.04.21 03:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
[2011.04.21 03:10:18 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliType Pro
[2011.04.18 14:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.04.12 23:19:57 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.04.12 22:48:10 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.12 22:48:10 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.12 22:48:08 | 002,333,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.12 22:48:06 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.12 22:48:06 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.12 22:48:06 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.12 22:48:03 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011.04.12 19:22:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2011.04.12 19:22:44 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2011.04.12 19:22:44 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2011.04.12 19:22:43 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2011.04.12 19:22:42 | 004,105,832 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2011.04.12 19:22:42 | 002,160,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2011.04.12 19:22:42 | 000,485,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2011.04.12 19:22:42 | 000,070,248 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2011.04.12 19:22:41 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2011.04.12 19:22:41 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2011.04.12 19:22:41 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2011.04.12 19:22:41 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2011.04.12 19:22:41 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2011.04.12 19:22:41 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2011.04.12 19:22:38 | 001,730,112 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2011.04.12 19:22:37 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2011.04.12 19:22:37 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2011.04.12 18:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.04.12 18:24:57 | 000,000,000 | ---D | C] -- C:\Programme\AMD APP
[2011.04.12 18:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.04.12 13:01:38 | 000,045,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dc3d.sys
[2011.04.12 11:57:47 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.04.12 11:57:47 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.04.11 03:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeGamePick.com
[2011.04.08 23:02:10 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itpcoin815.dll
[2011.04.08 23:02:04 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipcoin815.dll
[2011.04.07 18:08:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\sda
[2011.04.07 18:08:16 | 009,888,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtsUStoricon.dll
[2011.04.07 18:08:16 | 000,313,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtsUStor.dll
[2011.04.07 18:08:16 | 000,197,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtsUStor.sys
[2011.04.07 18:04:36 | 003,789,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
[2011.04.07 18:04:36 | 000,357,720 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32H.dll
[2011.04.07 18:04:36 | 000,263,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
[2011.04.07 18:04:36 | 000,076,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32H.dll
[2011.04.07 18:04:36 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32H.dll
[2011.04.07 18:04:35 | 001,974,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
[2011.04.07 18:04:35 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DHT32.dll
[2011.04.07 18:04:35 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RH3DAA32.dll
[2011.04.07 18:04:35 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32H.dll
[2011.04.07 18:04:35 | 000,069,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
[2011.04.07 17:01:50 | 000,000,000 | ---D | C] -- C:\Users\Jörg\Documents\DriverGenius
[2011.04.06 01:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\formatpart
[2011.04.05 22:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\redistpart
[2011.04.05 15:49:35 | 000,000,000 | ---D | C] -- C:\Programme\EASEUS
[2011.04.05 14:32:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.04.05 13:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Paragon
[2011.03.26 20:16:32 | 000,000,000 | ---D | C] -- C:\archive_db
[2011.03.26 20:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\createpart
[2011.03.26 18:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011.03.26 18:26:18 | 000,000,000 | ---D | C] -- C:\Programme\Ashampoo
[2011.03.26 17:46:46 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\openBVE
[2011.03.26 17:45:05 | 000,000,000 | ---D | C] -- C:\Users\Jörg\Neuer Ordner
[2011.03.26 17:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Festplatten Manager™ 2011 Kompakt
[1 C:\Users\Jörg\AppData\Local\*.tmp files -> C:\Users\Jörg\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.24 12:26:42 | 000,879,081 | ---- | M] () -- C:\Users\Jörg\Desktop\SecurityCheck.exe
[2011.04.24 10:17:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.24 01:58:47 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Jörg\Desktop\esetsmartinstaller_enu.exe
[2011.04.24 01:46:48 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 01:46:48 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 01:38:54 | 2817,433,600 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.24 01:35:41 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jörg\Desktop\OTL.exe
[2011.04.22 11:06:23 | 000,002,689 | ---- | M] () -- C:\Users\Jörg\Desktop\Microsoft-Maus.lnk
[2011.04.22 03:00:17 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.22 03:00:17 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.22 03:00:17 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.22 03:00:17 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.21 12:30:47 | 000,305,072 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.21 03:29:29 | 000,002,971 | ---- | M] () -- C:\Users\Jörg\Desktop\Microsoft-Tastatur.lnk
[2011.04.20 23:25:09 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.20 23:25:09 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.18 14:26:56 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.15 13:03:55 | 000,245,293 | ---- | M] () -- C:\Windows\hpoins19.dat
[2011.04.12 13:01:38 | 000,045,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dc3d.sys
[2011.04.12 11:57:45 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.04.08 23:02:10 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\itpcoin815.dll
[2011.04.08 23:02:04 | 000,390,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ipcoin815.dll
[2011.04.07 11:50:13 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-561928940-1091444881-3976653915-1000UA.job
[2011.04.07 11:50:13 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-561928940-1091444881-3976653915-1000Core.job
[2011.04.06 02:12:13 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2011.04.05 09:35:24 | 000,002,410 | ---- | M] () -- C:\Users\Jörg\Desktop\Paragon Festplatten Manager™.lnk
[2011.03.31 16:49:14 | 004,105,832 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2011.03.31 16:49:14 | 002,160,744 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2011.03.30 19:50:20 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011.03.30 19:45:40 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.03.30 19:45:32 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.03.26 17:46:49 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.03.26 17:46:48 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[1 C:\Users\Jörg\AppData\Local\*.tmp files -> C:\Users\Jörg\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.04.24 12:26:24 | 000,879,081 | ---- | C] () -- C:\Users\Jörg\Desktop\SecurityCheck.exe
[2011.04.23 15:12:57 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.04.23 15:12:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.04.23 15:12:57 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.04.23 15:12:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.04.23 15:12:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.04.22 11:06:23 | 000,002,689 | ---- | C] () -- C:\Users\Jörg\Desktop\Microsoft-Maus.lnk
[2011.04.21 03:29:29 | 000,002,971 | ---- | C] () -- C:\Users\Jörg\Desktop\Microsoft-Tastatur.lnk
[2011.04.18 14:26:56 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.15 13:02:48 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2011.04.06 02:12:13 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2011.04.05 09:35:24 | 000,002,410 | ---- | C] () -- C:\Users\Jörg\Desktop\Paragon Festplatten Manager™.lnk
[2011.03.21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.02.14 18:03:50 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.07 17:36:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.02.02 00:01:14 | 000,227,586 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.01.18 15:55:52 | 000,019,456 | ---- | C] () -- C:\Users\Jörg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.13 05:03:18 | 000,003,155 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.01.12 18:26:11 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011.01.04 17:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.01.04 17:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.01.04 17:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.01.04 17:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.12.24 05:13:43 | 000,224,180 | ---- | C] () -- C:\Windows\hpoins16.dat
[2010.12.24 05:13:43 | 000,003,770 | ---- | C] () -- C:\Windows\hpomdl16.dat
[2010.10.08 04:08:07 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.10.08 04:07:58 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.10.08 04:07:54 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.09.05 14:26:15 | 000,000,130 | ---- | C] () -- C:\Windows\tropical_beaches1.ini
[2010.09.05 14:24:20 | 000,000,091 | ---- | C] () -- C:\Windows\System32\nfsHDWaterfall03.ini
[2010.09.05 14:21:44 | 000,001,760 | ---- | C] () -- C:\Windows\unins002.dat
[2010.08.29 16:23:08 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010.08.29 16:23:08 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010.07.03 02:40:38 | 000,000,130 | ---- | C] () -- C:\Windows\waterscenes1.ini
[2010.07.03 02:39:58 | 000,001,694 | ---- | C] () -- C:\Windows\unins001.dat
[2010.07.03 02:38:27 | 000,000,186 | ---- | C] () -- C:\Windows\waterscenes2.ini
[2010.07.03 02:37:22 | 000,001,730 | ---- | C] () -- C:\Windows\unins000.dat
[2010.01.25 12:24:16 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLec.DAT
[2010.01.14 02:21:32 | 000,023,686 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010.01.08 16:54:01 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010.01.08 16:48:26 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.12.31 16:33:05 | 000,074,240 | ---- | C] () -- C:\Windows\AKDeInstall.exe
[2009.12.31 00:49:42 | 000,245,293 | ---- | C] () -- C:\Windows\hpoins19.dat
[2009.12.31 00:49:42 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2009.12.30 13:26:28 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Super Strings
[2009.12.30 13:26:28 | 000,000,268 | RH-- | C] () -- C:\Users\Jörg\AppData\Roaming\Stingers
[2009.12.30 13:26:28 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLds.DAT
[2009.12.29 19:31:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 10:47:43 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,305,072 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008.12.07 12:44:54 | 000,030,088 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2008.08.21 03:36:01 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.03.06 02:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2006.11.02 10:27:46 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.ini

< End of report >
         

24.04.2011, 11:31   #19
fordpaule

Malwarebytes found malware



OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 24.04.2011 12:25:22 - Run 5
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Jörg\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 74,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 262,31 Gb Total Space | 190,70 Gb Free Space | 72,70% Space Free | Partition Type: NTFS
Drive D: | 203,45 Gb Total Space | 199,17 Gb Free Space | 97,90% Space Free | Partition Type: NTFS
Drive K: | 468,76 Gb Total Space | 462,95 Gb Free Space | 98,76% Space Free | Partition Type: NTFS
Drive L: | 462,75 Gb Total Space | 430,64 Gb Free Space | 93,06% Space Free | Partition Type: NTFS
 
Computer Name: JM | User Name: Jörg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{080E275F-67BF-6E44-10A5-6B25BD0C73E6}" = ccc-utility
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23D4A873-14FF-474E-0001-6529DDC11226}" = CDRWIN 8
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{29258311-EA49-11DE-967C-005056C00008}" = Paragon Festplatten Manager™ 2011 Kompakt
"{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}" = Need for Speed™ ProStreet
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{32A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java(TM) SE Development Kit 6 Update 24
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44A3BDE7-E797-4FBC-8FBD-DE5E68AB4D26}" = Fischer Weltalmanach und Atlas 2010
"{4944DAC1-2923-4D8E-908A-D08E2998ADBE}" = Trust Webcam Live 
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{67E0C987-AAC3-E5A2-B32D-1BE48BC297E1}" = ATI Catalyst Install Manager
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69606296-D891-72A8-8E38-FB505C78178D}" = AMD Drag and Drop Transcoding
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6CF47FD1-3CF8-4206-BA24-A2B1E43D8CCA}" = IncrediMail
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7F4BDCF6-8E71-4675-859F-274D4541DDF8}" = Internet Explorer
"{8004E5FD-A3A1-F723-EDAF-D5808A756DDC}" = Catalyst Control Center Graphics Previews Common
"{8232F780-08F1-4894-AA3E-76529901E391}" = PS_SF_02_Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C06EE31-AE51-4589-B53F-1406F6BBA229}" = F.E.A.R. Ultimate Shooter Edition - F.E.A.R. 2
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FD4407C-A901-092A-EB3C-602B52C361DC}" = Catalyst Control Center
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96056420-DDF3-46A7-AA8D-BC2D1AE5290B}" = Microsoft IntelliType Pro 8.1
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A6F4E4F-9FAB-78A2-020B-3DAED3B2E0E1}" = AMD Fuel
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek PCI Fast Ethernet Controller Driver For Vista and Win7
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BB751CFD-8BCE-9754-ACBE-D6EFDC69C937}" = WMV9/VC-1 Video Playback
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C24B0741-A616-6C3F-F952-BAC0CE90761F}" = CCC Help English
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C64A995B-1A93-48CE-B93B-1EEDB096CBD7}" = PS_SF_02_Software_Min
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust WB-1300N Webcam Live
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CE9FEF4B-B88C-45DE-B89A-42BEAE7D6601}" = SlimCleaner
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D3DA07A4-2AB9-4226-83C5-E7948B179243}" = NetSchafkopf
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E60B8506-DDC7-433d-AF9E-999D0F543C4A}" = 2570_Help
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E9BECF5D-5BA8-950F-7757-17D825A37371}" = Catalyst Control Center InstallProxy
"{EA7FE7AB-34AE-4e14-84C5-187E6EC0AB9B}" = 2570
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F66D5732-C2A6-4f88-B8FE-AEDA10355FBD}" = 2570Trb
"{F69E48F2-94B0-4272-845C-5F21F2A9815F}" = HP Photosmart Printer Driver Software 13.0 Rel. 2
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Animated Tropical Beaches_is1" = Animated Tropical Beaches
"Animated Water Scenes 2_is1" = Animated Water Scenes 2
"Animated Water Scenes_is1" = Animated Water Scenes
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.4
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"ESET Online Scanner" = ESET Online Scanner v3
"Free Billiards 2008_is1" = Free Billiards 2008
"Fun and Bullets_is1" = Fun and Bullets
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"IncrediMail" = IncrediMail 2.0
"InstallShield_{44A3BDE7-E797-4FBC-8FBD-DE5E68AB4D26}" = Fischer Weltalmanach und Atlas 2010
"InstallShield_{4944DAC1-2923-4D8E-908A-D08E2998ADBE}" = Trust Webcam Live 
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Knippel Shareware" = Knippel Shareware
"LogoMaker_is1" = LogoMaker 3.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1
"Mobile Partner" = Mobile Partner
"Motorola Bluetooth_is1" = Motorola Bluetooth
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"N360" = Norton 360
"nfsHDWaterfall03 New Free Screensaver_is1" = NewFreeScreensaver nfsHDWaterfall03
"Nikon FotoShare" = Nikon FotoShare
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Opera 11.01.1190" = Opera 11.01
"PCSUITE_INSPECTOR_PRO_is1" = PCSUITE INSPECTOR
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"POI FINDER (iGO My way 8)_is1" = POI FINDER 3.67 (iGO My way 8)
"RACE_is1" = RACE
"RealPlayer 12.0" = RealPlayer
"SeaMonkey (2.0.13)" = SeaMonkey (2.0.13)
"Secunia PSI" = Secunia PSI (2.0.0.1003)
"Shop for HP Supplies" = Shop for HP Supplies
"Skat! 2000" = Skat! 2000
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Veetle TV" = Veetle TV 0.9.17
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SKIP-BO Castaway Caper(TM)" = SKIP-BO Castaway Caper(TM)
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---

Alt 24.04.2011, 11:35   #20
fordpaule
 

Results of screen317's Security Check version 0.99.10
Windows 7 Service Pack 1 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

ESET Online Scanner v3
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
TuneUp Utilities 2011
TuneUp Utilities Language Pack (de-DE)
SlimCleaner
Java(TM) 6 Update 24
Java(TM) SE Development Kit 6 Update 24
Adobe Flash Player 10.2.159.1
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
``````````End of Log````````````


Alt 24.04.2011, 11:40   #21
fordpaule
 

Why does it say IE 8 there? I definitely have IE 9 on the machine...

Alt 24.04.2011, 12:50   #22
M-K-D-B
/// TB-Ausbilder
 

Hello fordpaule,

Step # 1: Answering questions
Quote:
Why does it say IE 8 there? I definitely have IE 9 on the machine...
There seems to be a bug in SecurityCheck. OTL confirms that you have IE 9 installed.

Are there still any problems with your machine, or is everything running as it should?

Quote:
Windows 7 Service Pack 1 (UAC is disabled!)
Why is User Account Control disabled?
Info: Disabling / enabling User Account Control (UAC)
  • Click Start
  • Type the following into the search box at the bottom:
    Code:
    msconfig
  • Press Enter
  • Select the Tools tab.
  • Select the entry Change UAC Settings
  • Click Launch
  • Select at least the second setting from the top and click OK.
  • Confirm the changes with Yes if prompted.
  • Close the window again.




Step # 2: Registry cleaners
I see that you have so-called registry cleaners on your system.
In your case, SlimCleaner.

We do not recommend any kind of registry cleaner under any circumstances.

The reason is quite simple:

The registry is the brain of the system. If the brain does not work, the rest no longer really works either.
We read often enough from people seeking help that their system no longer boots after using registry cleaners.
  • How is the cleaner supposed to know with 100% certainty whether an entry is needed or not?
  • It makes no difference at all whether there are a few orphaned registry entries on the system or not.
  • The constantly advertised speed-up of the system is also only partly true. You would not notice it.
A so-called false positive from a cleaner can also make your system unbootable.
If you destroy the registry, you destroy Windows.

I hereby recommend that you uninstall the software mentioned above and do without this kind of software in the future.
You also still have TuneUp Utilities 2011 installed. It is possible to overdo it with programs like these.





Step # 3: Uninstall/reinstall Java
  • Close all internet browsers.
  • Follow the path: Start -> Control Panel -> Uninstall a program
  • Please uninstall Java(TM) 6 Update 24 and Java(TM) SE Development Kit 6 Update 24
  • Then download Java(TM) 6 Update 25 and Java(TM) SE Development Kit 6 Update 25 to your desktop.
  • Then install the new versions with right-click -> Run as administrator




Step # 4: Running a security check
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document ( checkup.txt ) should open.
  • Please post its contents here.




Step # 5: Your reply
For further analysis I need, together with your next reply,
  • the answers to the questions asked and
  • the new log file from SecurityCheck.

Alt 24.04.2011, 16:09   #23
fordpaule
 

Results of screen317's Security Check version 0.99.10
Windows 7 Service Pack 1 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

ESET Online Scanner v3
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
TuneUp Utilities 2011
TuneUp Utilities Language Pack (de-DE)
Java(TM) 6 Update 25
Java(TM) SE Development Kit 6 Update 25
Java DB 10.6.2.1
Out of date Java installed!
Adobe Flash Player 10.2.159.1
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
``````````End of Log````````````

Alt 24.04.2011, 16:12   #24
fordpaule
 

I have removed SlimCleaner. I don't even remember why it was on the machine; I never used it.

The machine is running very well. I have not been able to find any problems.

User Account Control was switched off because the constant prompts when installing programs bothered me. That was probably not such a good idea...

I had read about the User Account Control thing in the German Windows 7 forum.

Last edited by fordpaule (24.04.2011 at 16:28)

Alt 24.04.2011, 18:00   #25
M-K-D-B
/// TB-Ausbilder
 

Hello fordpaule,

If you have no more problems, then we are done here. Your machine is clean.
Finally, we need to take a few concluding steps to tidy up and secure your PC.





Step # 1: System cleanup with OTL
Next, we need to remove all programs that were needed for the malware removal:
  • Please start OTL.exe.
    Vista and Win7 users: right-click and "Run as administrator"
  • Now please close all programs.
  • Now please click the Bereinigung (CleanUp) button.
  • OTL may ask for a restart. Please allow this.




Step # 2: Uninstall/delete programs
  • Next, please uninstall the following programs via the Control Panel:
    • ESET Online Scanner
  • Restart your machine if necessary.
  • If necessary, manually uninstall/delete any other files and programs we used, in case they have not yet been removed from your machine.




Step # 3: Enable Windows Update
Let's check whether the updates for Windows are downloaded automatically. That is the best way to get all the security patches and fixes.
  • Press the Windows + R keys.
  • Now copy the following text into the command line:
    Code:
    RunDll32.exe shell32.dll,Control_RunDLL wscui.cpl
  • Click OK.
  • Make sure that automatic updates are enabled.
  • Download and install any available updates if necessary.




Step # 4: Protection against further infections
So that you are protected against similar infections in the future, I recommend a few more useful programs along with a few tips.
  • Make sure that your virus scanner is always up to date and receives updates regularly.
  • In addition, I recommend using one of the following anti-malware tools:
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find an introduction here
  • Do not open e-mails or their attachments if you do not know the sender!
  • Do not use file-sharing programs, as malware is very often spread through them!
  • Do not use keygens, cracks, cheats, etc.!
  • Keep ALL your programs up to date, e.g. with the Online Secunia Inspector!




Step # 5: Your reply
Please let me know briefly when everything is done and you have no more questions, so that I can remove the thread from my subscriptions.

Alt 24.04.2011, 21:56   #26
fordpaule
 

OTL and all the other programs and files have been uninstalled or deleted.

Windows Update is switched on and also found an optional update and installed it successfully.

In addition to Malwarebytes' Anti-Malware, I have also downloaded the Emsisoft AntiMalware Scanner.

I keep my programs up to date with the Secunia Personal Software Inspector.

I have no further questions and thank you very much for your competent help!

Alt 24.04.2011, 21:59   #27
M-K-D-B
/// TB-Ausbilder
 

I'm glad we were able to help

This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send me a PM.

Everyone else, please click here and create your own thread.

Alt 25.04.2011, 01:29   #28
fordpaule
 

I have just run this Emsisoft AntiMalware scanner and got the following displayed:

Quote:
Emsisoft Anti-Malware - Version 5.1
Letztes Update: 24.04.2011 23:46:22

Scan Einstellungen:

Scan Methode: N/A
Objekte: Speicher, Traces, Cookies, C:\Windows\, C:\Program Files
Archiv Scan: Aus
Heuristik: Aus
ADS Scan: An

Scan Beginn: 24.04.2011 23:46:36

Key: HKEY_LOCAL_MACHINE\software\Trymedia Systems gefunden: Trace.Registry.Trymedia!A2
Key: HKEY_LOCAL_MACHINE\software\Trymedia Systems\ActiveMARK Software gefunden: Trace.Registry.Trymedia!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\jörg@bs.serving-sys[1].txt gefunden: Trace.TrackingCookie.bs.serving-sys!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\jörg@doubleclick[1].txt gefunden: Trace.TrackingCookie.doubleclick!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\jörg@incredimail[2].txt gefunden: Trace.TrackingCookie.incredimail!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\jörg@serving-sys[1].txt gefunden: Trace.TrackingCookie.serving-sys!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\Low\jörg@incredimail[2].txt gefunden: Trace.TrackingCookie.incredimail!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281273693934000 gefunden: Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281450234239000 gefunden: Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281984534814000 gefunden: Trace.TrackingCookie.about.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281984537031000 gefunden: Trace.TrackingCookie.about.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281984537048000 gefunden: Trace.TrackingCookie.about.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1282042990875001 gefunden: Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1282674726400000 gefunden: Trace.TrackingCookie.azcentral.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1282674726405000 gefunden: Trace.TrackingCookie.azcentral.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1282674726433000 gefunden: Trace.TrackingCookie.azcentral.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283096183043000 gefunden: Trace.TrackingCookie.azcentral.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283292495748001 gefunden: Trace.TrackingCookie.usatoday.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283438569933000 gefunden: Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283438569934000 gefunden: Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283815538557000 gefunden: Trace.TrackingCookie.usatoday.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283972402069000 gefunden: Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283972408193000 gefunden: Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283972440748000 gefunden: Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1284504006369000 gefunden: Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1285248121619000 gefunden: Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1285248132153000 gefunden: Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1285424906342000 gefunden: Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1286827026977000 gefunden: Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1286827026978000 gefunden: Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1289741879009000 gefunden: Trace.TrackingCookie.media!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1289912291701000 gefunden: Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1292868505020000 gefunden: Trace.TrackingCookie.media!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1295100265696000 gefunden: Trace.TrackingCookie.thefreedictionary.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296169440629000 gefunden: Trace.TrackingCookie.www.emjcd.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296570902413000 gefunden: Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296695280457000 gefunden: Trace.TrackingCookie.www.zanox-affiliate.de!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296869512063001 gefunden: Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296869512063002 gefunden: Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1298392245523000 gefunden: Trace.TrackingCookie.s2.trafficmaxx.de!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1298429407325000 gefunden: Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299026374412000 gefunden: Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299082746639000 gefunden: Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299109193211000 gefunden: Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299110046416000 gefunden: Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299716842654000 gefunden: Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117154081 gefunden: Trace.TrackingCookie.analytics.worldnow.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117165086 gefunden: Trace.TrackingCookie.usatoday.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117165098 gefunden: Trace.TrackingCookie.usatoday.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175656 gefunden: Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175657 gefunden: Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175662 gefunden: Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175663 gefunden: Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175664 gefunden: Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175680 gefunden: Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175985 gefunden: Trace.TrackingCookie.www6.addfreestats.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117177389 gefunden: Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117178368 gefunden: Trace.TrackingCookie.doubleclick.net!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117180972 gefunden: Trace.TrackingCookie.com!A2

Gescannt

Dateien: 164592
Traces: 587294
Cookies: 3088
Prozesse: 54

Gefunden

Dateien: 0
Traces: 2
Cookies: 57
Prozesse: 0
Registry Keys: 0

Scan Ende: 25.04.2011 01:45:03
Scan Zeit: 1:58:27

C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117180972 Quarantäne Trace.TrackingCookie.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117178368 Quarantäne Trace.TrackingCookie.doubleclick.net!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175985 Quarantäne Trace.TrackingCookie.www6.addfreestats.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175656 Quarantäne Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175657 Quarantäne Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175662 Quarantäne Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175663 Quarantäne Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175664 Quarantäne Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117175680 Quarantäne Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117177389 Quarantäne Trace.TrackingCookie.go.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117154081 Quarantäne Trace.TrackingCookie.analytics.worldnow.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1298392245523000 Quarantäne Trace.TrackingCookie.s2.trafficmaxx.de!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296695280457000 Quarantäne Trace.TrackingCookie.www.zanox-affiliate.de!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296169440629000 Quarantäne Trace.TrackingCookie.www.emjcd.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1295100265696000 Quarantäne Trace.TrackingCookie.thefreedictionary.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1289741879009000 Quarantäne Trace.TrackingCookie.media!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1292868505020000 Quarantäne Trace.TrackingCookie.media!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1285248121619000 Quarantäne Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1285248132153000 Quarantäne Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296570902413000 Quarantäne Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299026374412000 Quarantäne Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299082746639000 Quarantäne Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299109193211000 Quarantäne Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299110046416000 Quarantäne Trace.TrackingCookie.msnbc.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283292495748001 Quarantäne Trace.TrackingCookie.usatoday.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283815538557000 Quarantäne Trace.TrackingCookie.usatoday.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117165086 Quarantäne Trace.TrackingCookie.usatoday.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1300804117165098 Quarantäne Trace.TrackingCookie.usatoday.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1282674726400000 Quarantäne Trace.TrackingCookie.azcentral.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1282674726405000 Quarantäne Trace.TrackingCookie.azcentral.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1282674726433000 Quarantäne Trace.TrackingCookie.azcentral.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283096183043000 Quarantäne Trace.TrackingCookie.azcentral.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1282042990875001 Quarantäne Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283972402069000 Quarantäne Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283972408193000 Quarantäne Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283972440748000 Quarantäne Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1285424906342000 Quarantäne Trace.TrackingCookie.myspace.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281984534814000 Quarantäne Trace.TrackingCookie.about.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281984537031000 Quarantäne Trace.TrackingCookie.about.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281984537048000 Quarantäne Trace.TrackingCookie.about.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281450234239000 Quarantäne Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283438569933000 Quarantäne Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1283438569934000 Quarantäne Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1284504006369000 Quarantäne Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1286827026977000 Quarantäne Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1286827026978000 Quarantäne Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1299716842654000 Quarantäne Trace.TrackingCookie.de.sitestat.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1281273693934000 Quarantäne Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1289912291701000 Quarantäne Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296869512063001 Quarantäne Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1296869512063002 Quarantäne Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\6weu7do9.default\cookies.sqlite:1298429407325000 Quarantäne Trace.TrackingCookie.aol.com!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\jörg@serving-sys[1].txt Quarantäne Trace.TrackingCookie.serving-sys!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\jörg@incredimail[2].txt Quarantäne Trace.TrackingCookie.incredimail!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\Low\jörg@incredimail[2].txt Quarantäne Trace.TrackingCookie.incredimail!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\jörg@doubleclick[1].txt Quarantäne Trace.TrackingCookie.doubleclick!A2
C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Cookies\jörg@bs.serving-sys[1].txt Quarantäne Trace.TrackingCookie.bs.serving-sys!A2
Key: HKEY_LOCAL_MACHINE\software\Trymedia Systems Quarantäne Trace.Registry.Trymedia!A2
Key: HKEY_LOCAL_MACHINE\software\Trymedia Systems\ActiveMARK Software Quarantäne Trace.Registry.Trymedia!A2

Quarantäne

Dateien: 0
Traces: 2
Cookies: 57

25.04.2011, 09:04   #29
M-K-D-B
/// TB Trainer

Hello fordpaule,

Emsisoft AntiMalware found only tracking cookies and leftovers in the registry. These findings cannot cause any harm.

You can also safely delete them from quarantine.

Thank you for the PM.

I wish you all the best.

25.04.2011, 10:35   #30
fordpaule

All right. That puts my mind at ease.

I wish you all the best too!
