Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Geräteanschluss-Sound ohne Gerät

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 15.05.2011, 12:31   #16
danira
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



So Malwarebytes läuft auf allen Rechnern... Die beiden Standrechner unserer Teens haben *schäm* bereits weit über 100 infizierte Dateien... Wir sind hier total platt. Antivir allein reicht wohl nicht aus oder...?

Der erste Laptop ist mit dem Malware fertig, ich war nicht sicher, ob du auch die OTL Logs haben möchtest? Hab sicherheitshalber mal beides fertig gemacht. Nennen wir ihn

Nummer 1 Malwarebytes:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6582

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

15.05.2011 12:57:08
mbam-log-2011-05-15 (12-57-08).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 253115
Laufzeit: 56 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Nummer 1 OTL Extras:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.05.2011 13:15:50 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Ron!D\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 163,61 Gb Free Space | 70,25% Space Free | Partition Type: NTFS
 
Computer Name: ROND-PC | User Name: Ron!D | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0339C521-BA61-405D-AA25-7B2FC6D19893}" = rport=139 | protocol=6 | dir=out | app=system | 
"{0401BA0E-9EF7-4146-9405-E880FCFEBEE8}" = rport=445 | protocol=6 | dir=out | app=system | 
"{0CC05DD4-B920-4094-988C-0CCA1DCD7435}" = rport=137 | protocol=17 | dir=out | app=system | 
"{615D6F0F-93F3-4A5B-8756-B5D5DD08C46B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{63BB336D-8B8D-4EB8-BBB4-6EFF0735B178}" = lport=138 | protocol=17 | dir=in | app=system | 
"{78D55DD3-8811-4403-A02C-44B941B82C34}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{85982593-714C-44FA-BCB5-5220F4323EC5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A416063F-E49F-4C31-BDB8-30F3D8F33947}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A4A11BD8-8DFA-4FFE-B39E-A20762348296}" = lport=445 | protocol=6 | dir=in | app=system | 
"{AAC3845A-8CFB-4BFE-8333-F459A252E840}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | 
"{B786969F-F4E4-4451-B7E1-A5448A450379}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D660EBF-93FA-4EB3-BC9A-8E6A63B15B91}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{14EB394C-25C0-4193-8DC1-40F563A350C9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{39C8F764-8056-4B4F-AFF4-1B781137A440}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{4ABC232C-0FB7-47B9-98C0-4141703EB60F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{51AB17E8-4C71-4A5C-BD21-D9A28C504A61}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{559FE011-995A-45F7-A77D-44B869A154B0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5E6D1C9B-8E50-4E10-80CB-A2059437FEF2}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{660733B3-0290-4B0D-B7FB-77501C28D367}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{7640E195-7F88-4094-8A6E-60140521DB6D}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{777B3BF4-FDBE-4610-8C93-6B506DB2F8FC}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{79810915-F22B-4EE2-A699-45D1386F0EC6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7FAA9CA0-FCF7-41D4-84B4-FE096790E2D2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{8117EE3E-63C6-4036-9BFD-DCD89D63A157}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{8573E182-63B4-4356-9F77-D362DBF0F7CB}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{8E273EC2-5690-4243-A695-405268A39ED6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{C06DC672-2BBF-4CB3-8582-2F507CBEADA9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{C3B914EA-10A6-45E1-99D5-D1D8091AC61C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{CFE62F90-CA21-40D4-818F-14F9201CFF09}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{D5E86C3A-DF5F-4135-8659-2C3496171D6B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{F04BF0C7-800E-4CAF-A5C0-CAC2E1FACEB5}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{F0849F2E-521A-4465-866D-229973FF21D2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1E412F3E-745C-4581-A3D0-DEC286D4C56D}" = Tunes Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 24
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2CD0168D-FBBC-4667-8810-105CB6EC6348}" = HP Deskjet D1600 Printer Driver Software 13.0 Rel .6
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{449A16C4-83B3-426C-AA4A-00A34E80C093}" = Smart Battery
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{559FA707-18E2-44A1-90A0-5CC43F64A350}" = Radiotracker
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5727583F-3530-45FD-B09E-7E1CB6C135AD}" = DJ_SF_06_D1600_SW_Min
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736ef472-220d-475c-b2f4-29fe15a78d8d}" = Nero 9
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AB5668B8-1428-460F-AE02-999A598D6883}" = Wavpack4Wavelab6
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D761C5D2-E727-415A-BC4E-52642CEA1A1C}" = TubeBox!
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EAE8CF06-28CA-4213-839C-A32817A47E00}" = D1600
"{EAE8F6AB-68E8-4AA9-9518-F677090690B2}" = TubeBox!
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.149
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"{FEF06E73-A519-4510-8CF3-B66041B91D8A}" = EMSC
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"AnyDVD" = AnyDVD
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CloneDVD2" = CloneDVD2
"CursorFX" = CursorFX
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{449A16C4-83B3-426C-AA4A-00A34E80C093}" = Smart Battery
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mixxx" = Mixxx 1.7.2
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Shop for HP Supplies" = Shop for HP Supplies
"uTorrent" = µTorrent
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"WaveLabPro" = WaveLab 6
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.04.2011 08:41:52 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 05.04.2011 08:41:52 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15569
 
Error - 05.04.2011 08:41:52 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15569
 
Error - 05.04.2011 08:41:53 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 05.04.2011 08:41:53 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16677
 
Error - 05.04.2011 08:41:53 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16677
 
Error - 05.04.2011 08:41:54 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 05.04.2011 08:41:54 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 17800
 
Error - 05.04.2011 08:41:54 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 17800
 
Error - 05.04.2011 08:41:55 | Computer Name = RonD-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
[ System Events ]
Error - 06.05.2011 04:02:54 | Computer Name = RonD-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 06.05.2011 04:47:36 | Computer Name = RonD-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 06.05.2011 12:02:01 | Computer Name = RonD-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.05.2011 01:32:07 | Computer Name = RonD-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.05.2011 12:24:29 | Computer Name = RonD-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.05.2011 12:47:19 | Computer Name = RonD-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.05.2011 12:50:23 | Computer Name = RonD-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 14.05.2011 16:54:04 | Computer Name = RonD-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.05.2011 05:12:44 | Computer Name = RonD-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description = 
 
Error - 15.05.2011 05:12:59 | Computer Name = RonD-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
--- --- ---


Nummer 1 OTL Txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.05.2011 13:15:50 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Ron!D\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 163,61 Gb Free Space | 70,25% Space Free | Partition Type: NTFS
 
Computer Name: ROND-PC | User Name: Ron!D | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ron!D\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe (Symantec Corporation)
PRC - C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe ()
PRC - C:\Programme\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Compal\Smart Battery\SMBTray.exe (Compal Electronics, Inc.)
PRC - C:\Programme\Hercules\Tunes Explorer\HTunesExplorerWireless.exe (Hercules(R))
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Ron!D\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Norton Internet Security\Engine\18.6.0.29\asoehook.dll (Symantec Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110430.001\BHDrvx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110514.002\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110514.002\NAVENG.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1206000.01D\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1206000.01D\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110513.001\IDSvix86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS (Symantec Corporation)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (EMSC) -- C:\Windows\system32\DRIVERS\EMSC.SYS (Windows (R) Codename Longhorn DDK provider)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.04.27 21:44:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2011.05.15 11:13:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn\ [2011.05.14 22:56:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.15 13:11:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.15 13:11:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.02.06 13:43:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2010.03.13 01:53:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ron!D\AppData\Roaming\mozilla\Extensions
[2010.03.13 01:53:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ron!D\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.05.15 11:46:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ron!D\AppData\Roaming\mozilla\Firefox\Profiles\k8vkaqt7.default\extensions
[2010.07.30 13:57:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ron!D\AppData\Roaming\mozilla\Firefox\Profiles\k8vkaqt7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.09 11:22:57 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Users\Ron!D\AppData\Roaming\mozilla\Firefox\Profiles\k8vkaqt7.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2011.03.09 11:25:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Ron!D\AppData\Roaming\mozilla\Firefox\Profiles\k8vkaqt7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.01.30 10:56:22 | 000,002,449 | ---- | M] () -- C:\Users\Ron!D\AppData\Roaming\Mozilla\Firefox\Profiles\k8vkaqt7.default\searchplugins\safesearch.xml
[2011.03.07 17:09:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.11.05 10:06:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.07 22:51:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.26 13:52:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.07 17:09:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010.03.13 02:02:33 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.11.05 10:06:02 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.07 22:51:58 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.26 13:52:39 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.07 17:09:54 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.05.14 22:56:18 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\COFFPLGN
[2011.05.15 11:13:07 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPLGN
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.23 12:22:06 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.23 12:22:06 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.23 12:22:06 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.23 12:22:06 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.23 12:22:06 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SMBTray] C:\Programme\Compal\Smart Battery\SMBTray.exe (Compal Electronics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10p_Plugin.exe (Adobe Systems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Ron!D\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ron!D\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.15 11:52:03 | 000,000,000 | ---D | C] -- C:\Users\Ron!D\AppData\Roaming\Malwarebytes
[2011.05.15 11:51:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.15 11:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.15 11:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.15 11:51:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.15 11:51:51 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.05.15 11:12:56 | 000,000,000 | ---D | C] -- C:\Users\Ron!D\Desktop\Pictures
[2011.04.27 22:23:33 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.27 22:23:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.27 22:23:23 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.04.17 19:24:27 | 000,000,000 | ---D | C] -- C:\Programme\Avanquest update
[2011.04.17 19:24:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.15 13:12:24 | 000,004,448 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 13:12:24 | 000,004,448 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 11:59:09 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.15 11:38:24 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.15 11:38:24 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.15 11:38:24 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.15 11:38:24 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.15 11:13:50 | 000,126,835 | ---- | M] () -- C:\Users\Ron!D\AppData\Roaming\nvModes.001
[2011.05.15 11:12:51 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011.05.15 11:12:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.15 11:12:16 | 002,120,522 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1206000.01D\Cat.DB
[2011.05.15 11:11:33 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.14 23:52:07 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.05.14 23:28:58 | 000,017,408 | ---- | M] () -- C:\Users\Ron!D\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.14 23:02:44 | 000,000,083 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011.05.14 22:56:55 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011.05.14 22:56:55 | 000,007,468 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011.05.14 22:56:55 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011.05.14 22:55:22 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1C5D1A24-2FDE-40D6-A7E9-79E0BA29A492}.job
[2011.05.07 18:49:20 | 000,126,835 | ---- | M] () -- C:\Users\Ron!D\AppData\Roaming\nvModes.dat
[2011.04.29 05:29:05 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1206000.01D\isolate.ini
[2011.04.17 19:26:19 | 000,002,045 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011.04.16 21:02:17 | 000,254,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2011.05.15 11:51:56 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.17 19:26:18 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011.01.19 10:33:22 | 000,001,940 | ---- | C] () -- C:\Users\Ron!D\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010.12.26 22:21:13 | 000,000,083 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.10.22 09:24:10 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.08.29 13:59:34 | 000,000,118 | ---- | C] () -- C:\Windows\Podcasts.INI
[2010.05.31 22:43:56 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2010.05.31 22:43:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2010.05.19 09:28:59 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.05.18 23:45:28 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.05.18 23:43:45 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2010.05.18 23:43:38 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2010.05.18 23:40:14 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini
[2010.05.18 14:40:15 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.05.18 14:40:15 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.04.27 21:44:05 | 000,023,686 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010.03.25 15:59:01 | 000,000,180 | ---- | C] () -- C:\Users\Ron!D\AppData\Roaming\default.rss
[2010.03.14 17:02:05 | 000,172,229 | ---- | C] () -- C:\Windows\hphins33.dat
[2010.03.14 17:02:05 | 000,000,586 | ---- | C] () -- C:\Windows\hphmdl33.dat
[2010.03.13 11:33:55 | 000,017,408 | ---- | C] () -- C:\Users\Ron!D\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.13 01:17:01 | 000,126,835 | ---- | C] () -- C:\Users\Ron!D\AppData\Roaming\nvModes.001
[2010.03.13 01:16:50 | 000,126,835 | ---- | C] () -- C:\Users\Ron!D\AppData\Roaming\nvModes.dat
[2010.03.13 00:41:57 | 000,000,680 | ---- | C] () -- C:\Users\Ron!D\AppData\Local\d3d9caps.dat
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007.04.17 10:44:28 | 000,266,240 | ---- | C] () -- C:\Windows\System32\EMSC.DLL
[2006.11.02 17:33:31 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,126,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,254,696 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >
         
--- --- ---

Alt 15.05.2011, 13:02   #17
danira
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



Einer von den ganz schlimmen...

Nummer 2 Malwarebytes:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6582

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

15.05.2011 13:42:33
mbam-log-2011-05-15 (13-42-33).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Durchsuchte Objekte: 333672
Laufzeit: 51 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 2
Infizierte Registrierungsschlüssel: 132
Infizierte Registrierungswerte: 11
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 21
Infizierte Dateien: 77

Infizierte Speicherprozesse:
c:\program files\mywebsearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> 3052 -> Unloaded process successfully.
c:\program files\mywebsearch\bar\2.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> 3544 -> Unloaded process successfully.

Infizierte Speichermodule:
c:\program files\mywebsearch\bar\2.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.DataControl.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.DataControl (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ThirdPartyInstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Value: MyWebSearch Email Plugin -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Value: MyWebSearch Email Plugin -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\My Web Search Bar Search Scope Monitor (Adware.MyWebSearch) -> Value: My Web Search Bar Search Scope Monitor -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44CF-8957-5838F569A31D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44cf-8957-5838F569A31D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Value: FunWebProducts -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\setups (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\2.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Overlay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\2.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\1.bin\F3EZSETP.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\mywebsearch\bar\2.bin\F3IMSTUB.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\mywebsearch\bar\2.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\mywebsearch\bar\2.bin\F3REGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3RESTUB.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\mywebsearch\bar\2.bin\F3SCHMON.EXE (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\mywebsearch\bar\2.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3AUXSTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3DLGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Users\Rene\AppData\LocalLow\mywebsearch\bar\setups\mwsautSp.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Users\Rene\downloads\smileycentral.exe (Adware.FunWeb) -> Quarantined and deleted successfully.
c:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\funwebproducts\Installr\1.bin\F3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\1.bin\NPFUNWEB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\chrome.manifest (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\INSTALL.RDF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\M3TPINST.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.


Nummer 2 OTL Extras:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.05.2011 13:47:44 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Rene\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 230,43 Gb Free Space | 39,99% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 11,19 Gb Free Space | 55,96% Space Free | Partition Type: FAT32
 
Computer Name: RENE-PC | User Name: Rene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3179E6F3-EF1A-4111-802C-5F2BC9BCB961}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F297EAA8-902E-4B39-A857-1FFEC217C1D1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EFE06D-833D-4108-BD82-511B49806D3C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{0DB71864-88F0-4756-9A90-826AC0B13A42}" = protocol=17 | dir=in | app=c:\users\rene\appdata\local\temp\{c6f06d26-9b72-4e57-804d-3d8a61a7dd4e}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{0E929945-6A14-45BB-A5CD-6172A011FDB8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{12C674F4-EEBE-486C-AE86-D51485DA2552}" = protocol=17 | dir=in | app=c:\users\rene\downloads\sweetimsetup.exe | 
"{16EB2C7E-A36B-441F-A5CC-DBAAB2EA5F48}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | 
"{443FC182-BC4C-4DEE-AFF6-6F0D0892E435}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | 
"{4C0475BD-829E-4F87-A11A-67DD79B10CC3}" = protocol=17 | dir=in | app=c:\program files\gameshadow\gameshadow.exe | 
"{5021438D-BE71-4B18-AD24-02C338F42524}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{5151185E-EF48-4913-B7D3-F4984FC06BB8}" = protocol=6 | dir=in | app=c:\program files\gameshadow\gameshadow.exe | 
"{52C19FAC-5881-4B59-99E2-E56C0ABB7885}" = protocol=6 | dir=in | app=c:\users\rene\appdata\local\temp\{c6f06d26-9b72-4e57-804d-3d8a61a7dd4e}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{63515B0D-99E3-4E70-9C48-F3B5405985D3}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe | 
"{6E76878A-C51A-46C7-9F68-B2C27B158FCD}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{7EA39A0A-3A00-4728-869C-A90A98C3FFD5}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe | 
"{841CACC6-5BBA-4949-A1BA-7FE6FF01A4DB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{907EF761-B89D-475F-93EF-AF1B26675885}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{A41A1066-9382-4BED-A21E-EE40A30B65AD}" = protocol=6 | dir=in | app=c:\users\rene\downloads\sweetimsetup.exe | 
"{B798721B-9F9D-4E7A-B9C9-75B53EFB9119}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{BAAE06DA-D170-4521-93B7-678C7C549A0D}" = protocol=6 | dir=in | app=c:\program files\gameshadow\gsdownload.exe | 
"{BC4B006F-6C06-441E-9620-B71EC677D101}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{DFA51E52-50DC-431C-ABAC-BAB2DBF3FB2F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{E6925A5D-5B7B-413F-A661-971F347C0DB9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{F536D397-1BE0-43AC-BD7B-2036758885F5}" = protocol=17 | dir=in | app=c:\program files\gameshadow\gsdownload.exe | 
"{F8CC31D2-81EA-4FEE-B975-70DCCD8313EE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"TCP Query User{05D2D709-FBF2-416E-BD90-E82AC6C64089}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{12F4429E-182C-4157-B8AC-AFD504EF42B5}C:\users\rene\downloads\yuleech-runes_of_magic_3_0_8_2349_slim_eu.exe" = protocol=6 | dir=in | app=c:\users\rene\downloads\yuleech-runes_of_magic_3_0_8_2349_slim_eu.exe | 
"TCP Query User{FCB668DD-03C3-4331-86A1-F7198C8ED4DB}C:\users\rene\downloads\yuleech-runes_of_magic_3_0_8_2349_full_softtonic.exe" = protocol=6 | dir=in | app=c:\users\rene\downloads\yuleech-runes_of_magic_3_0_8_2349_full_softtonic.exe | 
"UDP Query User{3450A3CC-981A-4249-A7E1-9FD27CA9E8B1}C:\users\rene\downloads\yuleech-runes_of_magic_3_0_8_2349_slim_eu.exe" = protocol=17 | dir=in | app=c:\users\rene\downloads\yuleech-runes_of_magic_3_0_8_2349_slim_eu.exe | 
"UDP Query User{9D704362-9F66-4971-9325-A98872D89E79}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{C290372B-200C-48D6-B495-C21295EB243F}C:\users\rene\downloads\yuleech-runes_of_magic_3_0_8_2349_full_softtonic.exe" = protocol=17 | dir=in | app=c:\users\rene\downloads\yuleech-runes_of_magic_3_0_8_2349_full_softtonic.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific
"{0ED47137-C071-46CC-A243-E5E33271E10E}" = Windows Live Sign-in Assistant
"{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}" = Nokia Ovi Player
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22444451-57E5-FDE7-8F18-1ABE53FE8F27}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{29CDE84F-EB38-4AB5-90A3-418B1D2DFBA9}" = ATI Catalyst Install Manager
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{47948554-90C6-4AAC-8CFA-D23CE11C1031}" = Nero 8 Essentials
"{49152886-CB7D-B67E-D356-C211042D5C86}" = Skins
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57EA7AB6-C606-00E0-8643-099F49C0908A}" = ccc-utility
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7AAF01A3-09BB-4A92-9DA2-A70E9ACE4E42}" = CCC Help German
"{7D2608B7-F981-3700-F01A-C48561DD8EA8}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3216B0-42D7-4912-7C36-E2D6466E8C72}" = Catalyst Control Center Graphics Previews Vista
"{8F651796-EC48-4A33-87D9-6866D3022052}" = Nokia Connectivity Cable Driver
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DEBE760-F2D0-11DD-6784-0195548618BE}" = GameShadow V3.1
"{A1D08B90-AE1A-4885-AC29-731496FD397E}" = Windows Live Fotogalerie
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4FE8FCD-F05D-4C2D-165F-BAA980A20932}" = Catalyst Control Center Graphics Full Existing
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B8D42C3A-3CFF-4A8A-A7DA-4F44474D12C5}" = Windows Live Writer
"{BA8CDAC9-2A02-42F4-049A-0F7B08520D08}" = Catalyst Control Center Core Implementation
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BF67F764-95B6-4360-BB57-B2E5AA6C814B}" = SweetIM Toolbar for Internet Explorer 4.0
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C9EE75C0-2258-3F33-EED2-9806E0BE26FD}" = Catalyst Control Center InstallProxy
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9AC665E-585D-07B6-2530-A9B7471D3C24}" = Catalyst Control Center Localization German
"{DC37CF0C-BC73-B765-1103-E47EEEF96729}" = Catalyst Control Center Graphics Full New
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4423F16-0E98-4855-BFF4-3EF016C55D67}" = Nokia_Multimedia_Common_Components_2_5
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E8843212-F0FC-4C3B-BFF3-D51829CB4F19}" = iTunes
"{EAE8F6AB-68E8-4AA9-9518-F677090690B2}" = TubeBox!
"{ED56EF4F-35FF-48D4-B616-A66E791EF1B6}" = Die Siedler 2 - Die nächste Generation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1A4DD31-FD90-3B2E-7854-194D6598BCE3}" = Catalyst Control Center Graphics Light
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"BFG-Governor of Poker 2" = Governor of Poker 2
"CSI-Mord in 3 Dimensionen" = CSI-Mord in 3 Dimensionen 1.0
"DivX Setup.divx.com" = DivX-Setup
"Dofus 1.24.0" = Dofus 1.24.0
"DVB Dream_is1" = DVB Dream version 1.5e
"EADM" = EA Download Manager
"Google Chrome" = Google Chrome
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV TV Services" = Hauppauge WinTV TV Services
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Kino Mogul" = Kino Mogul
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MTA:SA" = MTA:SA v1.0.4
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"PriceGong" = PriceGong 2.1.0
"PunkBusterSvc" = PunkBuster Services
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Tomb Raider: Legend" = Tomb Raider: Legend 1.2
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Westerner2" = Westerner 2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"UnityWebPlayer" = Unity Web Player
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---


Nummer 2 OTL Txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.05.2011 13:47:44 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Rene\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 230,43 Gb Free Space | 39,99% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 11,19 Gb Free Space | 55,96% Space Free | Partition Type: FAT32
 
Computer Name: RENE-PC | User Name: Rene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Rene\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Programme\GameShadow\GameShadow.exe (GameShadow Ltd)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Google EULA\GoogleEULALauncher.exe (Google)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
PRC - C:\Programme\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works)
PRC - C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Rene\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (HauppaugeTVServer) -- C:\Programme\WinTV\HCWTVServer.exe (Hauppauge Computer Works)
SRV - (EPGService) -- C:\Programme\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "My Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.2
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..keyword.URL: "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZSYYYYYYYYDE&ptb=7cbRThNAdNfNgo288C5zfQ&ind=2010120509&ptnrS=ZSYYYYYYYYDE&si=&n=77d0013d&psa=&st=kwd&searchfor="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin [2011.05.15 13:43:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.17 18:07:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.17 18:07:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.04 16:23:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.04 16:23:05 | 000,000,000 | ---D | M]
 
[2011.01.11 20:39:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rene\AppData\Roaming\mozilla\Extensions
[2011.05.04 14:17:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rene\AppData\Roaming\mozilla\Firefox\Profiles\5qorcu96.default\extensions
[2011.01.11 21:00:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rene\AppData\Roaming\mozilla\Firefox\Profiles\5qorcu96.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.11 20:39:49 | 000,010,023 | ---- | M] () -- C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\5qorcu96.default\searchplugins\mywebsearch.xml
[2011.05.04 16:23:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- 
[2010.12.05 16:48:11 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (Google)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core]  File not found
O4 - HKCU..\Run: [GameShadow] C:\Program Files\GameShadow\GameShadow.exe (GameShadow Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.15 13:45:08 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.05.15 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\Malwarebytes
[2011.05.15 12:14:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.15 12:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.15 12:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.15 12:14:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.15 12:14:03 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.05.13 16:21:32 | 000,000,000 | ---D | C] -- C:\Users\Rene\Desktop\Soul Men
[2011.05.12 14:49:14 | 000,000,000 | ---D | C] -- C:\Users\Rene\Desktop\Detective Dee
[2011.04.28 19:19:03 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.28 19:19:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.25 18:28:17 | 000,000,000 | ---D | C] -- C:\Users\Rene\Desktop\Beverly Hills Chihuahua 2
[2011.04.24 13:10:32 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus
[2011.04.23 22:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dofus
[2011.04.23 22:33:15 | 000,000,000 | ---D | C] -- C:\Programme\Dofus
[2011.04.23 22:33:15 | 000,000,000 | ---D | C] -- C:\Users\Rene\Application Data
[2011.04.15 13:58:21 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.15 13:58:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.15 13:58:18 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.15 13:58:17 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.15 13:58:14 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.15 13:58:10 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.15 13:58:08 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.15 13:58:08 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.15 13:58:08 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.15 13:58:08 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.15 13:58:08 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.15 13:58:07 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.15 13:58:07 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.15 13:58:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011.04.15 13:58:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.15 13:58:05 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.15 13:58:04 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.15 13:58:04 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.15 13:45:08 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.05.15 13:44:24 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.15 13:44:11 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 13:44:11 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 13:44:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.15 13:44:02 | 3220,426,752 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.15 13:43:08 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.05.15 13:22:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.15 12:14:07 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.15 10:12:01 | 000,656,992 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.15 10:12:01 | 000,612,712 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.15 10:12:01 | 000,138,054 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.15 10:12:01 | 000,114,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.14 20:25:26 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{261E4000-9C13-42B7-B7F7-B3F0B39BFD15}.job
[2011.05.13 20:29:48 | 000,000,472 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Rene.job
[2011.05.12 14:56:44 | 000,046,592 | ---- | M] () -- C:\Users\Rene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.10 20:21:03 | 000,002,515 | ---- | M] () -- C:\Users\Rene\Desktop\TubeBox! starten.lnk
[2011.05.04 16:23:07 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.04 14:07:21 | 000,000,680 | ---- | M] () -- C:\Users\Rene\AppData\Local\d3d9caps.dat
[2011.04.24 13:10:32 | 000,000,793 | ---- | M] () -- C:\Users\Rene\Desktop\Dofus.lnk
[2011.04.17 02:15:41 | 000,302,352 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.15 12:14:07 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.04 16:23:07 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.04.24 13:10:32 | 000,000,793 | ---- | C] () -- C:\Users\Rene\Desktop\Dofus.lnk
[2011.03.07 21:27:10 | 000,191,899 | ---- | C] () -- C:\Windows\Kino Mogul Uninstaller.exe
[2011.02.05 22:06:59 | 000,028,672 | ---- | C] () -- C:\Windows\System32\pnpsetuq.dll
[2010.12.23 15:36:48 | 000,138,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.12.23 15:36:48 | 000,138,056 | ---- | C] () -- C:\Users\Rene\AppData\Roaming\PnkBstrK.sys
[2010.12.23 15:36:33 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.12.23 15:36:31 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.12.12 15:09:58 | 000,000,092 | ---- | C] () -- C:\Users\Rene\AppData\Local\fusioncache.dat
[2010.12.05 18:19:30 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.11.02 18:55:55 | 000,000,680 | ---- | C] () -- C:\Users\Rene\AppData\Local\d3d9caps.dat
[2010.10.02 21:29:35 | 000,000,399 | ---- | C] () -- C:\Windows\vtplus32.ini
[2010.10.02 21:29:31 | 000,000,030 | ---- | C] () -- C:\Windows\System32\UNWISE.INI
[2010.10.02 21:29:30 | 000,149,504 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE
[2010.10.02 21:29:01 | 000,032,295 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.10.02 21:28:54 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2010.10.02 21:28:38 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.10.02 21:28:37 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.10.02 21:28:36 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll
[2010.10.02 16:51:05 | 000,007,293 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2010.09.27 15:36:42 | 000,000,008 | ---- | C] () -- C:\Users\Rene\AppData\Roaming\DofusAppId0_1
[2010.09.26 15:20:03 | 000,046,592 | ---- | C] () -- C:\Users\Rene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.24 15:54:29 | 000,000,169 | ---- | C] () -- C:\Users\Rene\AppData\Roaming\D2Info0
[2010.09.24 15:54:29 | 000,000,008 | ---- | C] () -- C:\Users\Rene\AppData\Roaming\DofusAppId0_2
[2008.11.19 13:47:58 | 000,015,312 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2008.11.12 17:35:52 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.11.07 10:23:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.11.07 10:13:42 | 000,000,023 | ---- | C] () -- C:\Windows\System32\drivers\VERSION.DAT
[2008.11.07 02:43:51 | 000,656,992 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.11.07 02:43:51 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.11.07 02:43:51 | 000,138,054 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.11.07 02:43:51 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.11.06 18:10:01 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008.11.06 18:10:01 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.09.24 04:19:02 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.09.24 03:40:36 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.09.17 21:17:18 | 000,176,918 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.03.06 02:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2007.08.21 23:51:16 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2007.08.21 21:36:12 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,302,352 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,612,712 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,114,716 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:D0757AAB
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
         
--- --- ---
__________________


Alt 15.05.2011, 13:20   #18
danira
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



Hier der nächste noch schlimmere...

Nummer 3 Malwarebytes:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6582

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

15.05.2011 14:06:43
mbam-log-2011-05-15 (14-06-35).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Durchsuchte Objekte: 478126
Laufzeit: 1 Stunde(n), 14 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 236
Infizierte Registrierungswerte: 15
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 42
Infizierte Dateien: 119

Infizierte Speicherprozesse:
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> 2556 -> No action taken.

Infizierte Speichermodule:
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info.1 (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info (Adware.ClickPotato) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.DataControl.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.DataControl (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.KOPFF.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.KOPFF (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.Scopes.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.Scopes (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.1 (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.Stock.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.Stock (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.CntntDic.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.CntntDic (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{CFC16189-8A92-4a29-A940-60248385F426} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.CntntDisp.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.CntntDisp (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.ThirdPartyInstaller (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MyWebSearch.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.HbAx (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.HbAx.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.IEButton (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.IEButton.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.ReportData (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.ReportData.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\QueryExplorer (Adware.QueryExplorer) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Value: MyWebSearch Email Plugin -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Value: MyWebSearch Email Plugin -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\My Web Search Bar Search Scope Monitor (Adware.MyWebSearch) -> Value: My Web Search Bar Search Scope Monitor -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44CF-8957-5838F569A31D} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44cf-8957-5838F569A31D} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.0.497.0 (Adware.HotBar) -> Value: ShopperReports 3.0.497.0 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790572B376545633AB95 (Malware.Trace) -> Value: SRS_IT_E8790572B376545633AB95 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Value: FunWebProducts -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ShopperReports@ShopperReports.com (ShopperReports) -> Value: ShopperReports@ShopperReports.com -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> No action taken.
c:\programdata\clickpotatolitesa (Adware.ClickPotato) -> No action taken.
c:\Users\Michelle\AppData\Roaming\clickpotatolite (Adware.ClickPotato) -> No action taken.
c:\programdata\queryexplorer (Adware.QueryExplorer) -> No action taken.
c:\Users\Michelle\AppData\Roaming\shopperreports3 (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\clickpotatolite (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\clickpotatolite\bin (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0 (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\firefox (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\firefox\extensions (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\firefox\extensions\plugins (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\funwebproducts (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\funwebproducts\screensaver (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464} (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\chrome (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\defaults (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\defaults\preferences (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\mywebsearch (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\1.bin\chrome (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\chrome (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Game (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\History (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\icons (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Message (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Overlay (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\queryexplorer (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\shopperreports3 (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0 (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> No action taken.

Infizierte Dateien:
c:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSBAR.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\mozillaps.dll (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\CmndFF.dll (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\clickpotatolitesabho.dll (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\cntntcntr.dll (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\BRNstIE.dll (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\clickpotatoliteuninstaller.exe (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\launchhelp.dll (Adware.Seekmo) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\firefox\extensions\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\mozilla firefox\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\mywebsearch\bar\1.bin\M3FFTBPR.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\1.bin\M3PATCH.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3IMSTUB.DLL (PUP.FunWebProducts) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3REGHK.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3RESTUB.DLL (PUP.FunWebProducts) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3SCHMON.EXE (PUP.FunWebProducts) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3AUXSTB.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3DLGHK.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\queryexplorer\queryexplorer.exe (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\queryexplorer\uninstall.exe (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\shopperreportsuninstaller.exe (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> No action taken.
c:\programdata\queryexplorer\queryexplorer117.exe (Adware.QueryExplorer) -> No action taken.
c:\Users\Michelle\AppData\LocalLow\mywebsearch\bar\setups\mwsautSp.exe (Adware.MyWebSearch) -> No action taken.
c:\Users\Michelle\downloads\clickpotatoinstaller(2).exe (Adware.Hotbar.Gen) -> No action taken.
c:\Users\Michelle\downloads\clickpotatoinstaller.exe (Adware.Hotbar.Gen) -> No action taken.
c:\Users\Michelle\downloads\cursormania(2).exe (Adware.FunWeb) -> No action taken.
c:\Users\Michelle\downloads\cursormania.exe (Adware.FunWeb) -> No action taken.
c:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
c:\Windows\SysWOW64\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
c:\Windows\Temp\tmp00000001260903aff7be3f71 (Adware.QueryExplorer) -> No action taken.
c:\windows.old.000\Users\Michelle\downloads\VLCSetup.exe (Adware.Seekmo) -> No action taken.
c:\programdata\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> No action taken.
c:\programdata\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> No action taken.
c:\programdata\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> No action taken.
c:\programdata\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> No action taken.
c:\programdata\clickpotatolitesa\clickpotatolitesa_hpk.dat (Adware.ClickPotato) -> No action taken.
c:\programdata\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\firefox\extensions\chrome.manifest (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\clickpotatolite\bin\10.0.530.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> No action taken.
c:\program files (x86)\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\chrome.manifest (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\install.rdf (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\chrome\queryexplorer.jar (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\mozilla firefox\extensions\{27e679cc-6aab-4b2a-bb87-096fe4178464}\defaults\preferences\prefs.js (Adware.QueryExplorer) -> No action taken.
c:\program files (x86)\mywebsearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\chrome.manifest (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\INSTALL.RDF (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\M3TPINST.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\2.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\launchhelp.dll (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\link.ico (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> No action taken.
c:\program files (x86)\shopperreports3\bin\3.0.497.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> No action taken.


Nummer 3 OTL Extras:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.05.2011 14:11:28 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Michelle\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576,16 Gb Total Space | 157,81 Gb Free Space | 27,39% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 11,19 Gb Free Space | 55,96% Space Free | Partition Type: FAT32
 
Computer Name: MICHELLE-PC | User Name: Michelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = 7E D6 4A D2 F9 03 CC 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{050833A5-F075-4C98-B418-378415CE54CF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{0A1B7B22-9E97-4B51-AE2B-C2F92E5F2E63}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"{10DD184F-A0E3-45A3-90EE-717D34E8B259}" = protocol=6 | dir=in | app=c:\users\michelle\downloads\sweetimsetup.exe | 
"{18342393-BA25-456A-8740-02332BA4C691}" = protocol=17 | dir=in | app=c:\users\michelle\appdata\local\temp\{bf83c856-4fdc-4884-a8be-1af1dbed704d}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{22908449-D60B-45DF-B4B7-A2FD0499B88E}" = protocol=17 | dir=in | app=c:\users\michelle\downloads\sweetimsetup.exe | 
"{400C559C-E5C8-4630-A373-292AAC4C072F}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"{4F2B4E50-E9F5-4395-9FAA-AE000E5457AA}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"{93E1BBAC-CF19-4C9C-B642-3D378F643315}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{AE0169D8-806C-46C8-BD79-DB5EA97851EA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{B52B26A2-FFD4-4450-85DE-9E11927F557E}" = protocol=6 | dir=in | app=c:\users\michelle\appdata\local\temp\{bf83c856-4fdc-4884-a8be-1af1dbed704d}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{ECBEE0CB-8C2E-46FE-8F44-6206F92B422A}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe | 
"TCP Query User{0F35CD76-97C3-4E62-9B46-52CD6EAA7CAE}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"TCP Query User{69E92AA4-5B0D-401B-87F8-EFFB20E5E025}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"TCP Query User{FA4A4BD3-23ED-4984-8294-DA455C60D6AE}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"UDP Query User{3011F0C7-396D-46C8-8230-432E959F6610}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"UDP Query User{7C659F59-B86F-42DA-B1AA-3C783E3B798C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"UDP Query User{CD318323-7869-40C1-8110-ECE6562B18F4}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4EE2B017-D82C-4B12-B071-5CF1B23D1A42}" = SweetIM for Messenger 3.4
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{BF67F764-95B6-4360-BB57-B2E5AA6C814B}" = SweetIM Toolbar for Internet Explorer 4.0
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"AChat_is1" = AChat 1.13
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Cinergy T-Stick" = Cinergy T-Stick V8.08.18.01
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"conduitEngine" = Conduit Engine
"EA Download Manager" = EA Download Manager
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"NSS" = Norton Security Scan
"PriceGong" = PriceGong 2.1.0
"Red Light Center 3D Client" = Red Light Center 3D Client
"RegClean Pro_is1" = RegClean Pro
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"VirtualKeyboard" = Virtual Keyboard 2.4.0
"VLC media player" = VLC media player 1.1.4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Black and White" = Black and White
"PhotoFiltre" = PhotoFiltre
"Waterfall" = Waterfall
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 15.05.2011 05:55:53 | Computer Name = Michelle-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15.05.2011 05:55:53 | Computer Name = Michelle-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15.05.2011 05:55:53 | Computer Name = Michelle-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15.05.2011 05:55:54 | Computer Name = Michelle-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15.05.2011 05:55:54 | Computer Name = Michelle-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15.05.2011 05:55:54 | Computer Name = Michelle-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15.05.2011 05:55:54 | Computer Name = Michelle-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15.05.2011 05:55:54 | Computer Name = Michelle-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15.05.2011 05:55:54 | Computer Name = Michelle-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 15.05.2011 08:10:13 | Computer Name = Michelle-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 26.04.2011 06:01:28 | Computer Name = Michelle-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 28.04.2011 14:23:00 | Computer Name = Michelle-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 28.04.2011 14:23:00 | Computer Name = Michelle-PC | Source = Service Control Manager | ID = 7038
Description = 
 
Error - 28.04.2011 14:23:00 | Computer Name = Michelle-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 29.04.2011 05:30:24 | Computer Name = Michelle-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse
 0015AF9BC1BD wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 30.04.2011 02:36:00 | Computer Name = Michelle-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 29.04.2011 um 23:21:49 unerwartet heruntergefahren.
 
Error - 01.05.2011 02:18:21 | Computer Name = Michelle-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 30.04.2011 um 22:57:53 unerwartet heruntergefahren.
 
Error - 02.05.2011 06:23:23 | Computer Name = Michelle-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 01.05.2011 um 21:43:12 unerwartet heruntergefahren.
 
Error - 14.05.2011 02:58:55 | Computer Name = Michelle-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 13.05.2011 um 23:07:38 unerwartet heruntergefahren.
 
Error - 15.05.2011 03:49:13 | Computer Name = Michelle-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 14.05.2011 um 23:11:51 unerwartet heruntergefahren.
 
 
< End of report >
         
--- --- ---

Nummer 3 OTL Txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.05.2011 14:11:28 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Michelle\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576,16 Gb Total Space | 157,81 Gb Free Space | 27,39% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 11,19 Gb Free Space | 55,96% Space Free | Partition Type: FAT32
 
Computer Name: MICHELLE-PC | User Name: Michelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Michelle\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Michelle\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (AF9035BDA) -- C:\Windows\SysNative\DRIVERS\AF9035BDA.sys (AfaTech                  )
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\DRIVERS\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://home.sweetim.com"
FF - prefs.js..extensions.enabledItems: {27E679CC-6AAB-4B2A-BB87-096FE4178464}:1.0
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.497.0
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..keyword.URL: "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCxdm924YYDE&ptb=hK5U0whB00U3t4qBDtQlpg&ind=2010120413&ptnrS=ZCxdm924YYDE&si=&n=77d000dd&psa=&st=kwd&searchfor="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://home.mywebsearch.com/index.jhtml?ptnrS=ZCxdm924YYDE&ptb=hK5U0whB00U3t4qBDtQlpg&n=77d003f6"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=PTF&o=15503&locale=de_DE&apn_uid=157C421C-25EB-4CCD-9AC4-D9FC421A112A&apn_ptnrs=LH&apn_sauid=52965A64-F738-4E19-BDB6-995EF875A116&apn_dtid=&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\2.bin
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.06 22:06:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.15 14:07:01 | 000,000,000 | ---D | M]
 
[2010.10.01 21:55:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michelle\AppData\Roaming\mozilla\Extensions
[2011.05.06 22:07:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michelle\AppData\Roaming\mozilla\Firefox\Profiles\pupsd063.default\extensions
[2010.10.03 10:22:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michelle\AppData\Roaming\mozilla\Firefox\Profiles\pupsd063.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.31 11:15:26 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Users\Michelle\AppData\Roaming\mozilla\Firefox\Profiles\pupsd063.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2011.01.25 18:24:17 | 000,002,385 | ---- | M] () -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\pupsd063.default\searchplugins\askcom.xml
[2010.10.19 21:28:08 | 000,000,927 | ---- | M] () -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\pupsd063.default\searchplugins\conduit.xml
[2010.12.04 20:37:02 | 000,010,025 | ---- | M] () -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\pupsd063.default\searchplugins\mywebsearch.xml
[2011.01.25 18:24:06 | 000,003,915 | ---- | M] () -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\pupsd063.default\searchplugins\sweetim.xml
[2011.05.15 14:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- 
[2011.01.25 18:24:16 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES (X86)\PRICEGONG\2.1.0\FF
() (No name found) -- C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PUPSD063.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2011.05.06 22:06:35 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.06 22:06:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.06 22:06:37 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.05.06 22:06:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.06 22:06:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.06 22:06:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.06 22:06:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [EA Core]  File not found
O4 - HKCU..\Run: [RDReminder] C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (Systweak Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.15 12:21:20 | 000,000,000 | ---D | C] -- C:\Users\Michelle\AppData\Roaming\Malwarebytes
[2011.05.15 12:21:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.15 12:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.15 12:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.15 12:21:00 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.15 12:21:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.04.29 12:50:28 | 001,653,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.04.29 12:50:28 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.04.28 20:22:46 | 000,000,000 | ---D | C] -- C:\Programme\Windows Portable Devices
[2011.04.28 20:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2011.04.28 20:22:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2011.04.28 20:06:20 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2011.04.28 20:06:20 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2011.04.28 20:06:19 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2011.04.28 20:06:19 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2011.04.28 20:06:19 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2011.04.28 20:06:19 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2011.04.28 20:06:19 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2011.04.28 20:06:19 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2011.04.28 20:06:18 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2011.04.28 20:06:18 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2011.04.28 20:06:18 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe
[2011.04.28 20:06:18 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2011.04.28 20:06:18 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe
[2011.04.28 20:05:35 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll
[2011.04.28 20:05:35 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
[2011.04.28 20:05:35 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
[2011.04.28 20:05:27 | 002,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2011.04.28 20:05:27 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdshext.dll
[2011.04.28 20:05:27 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2011.04.28 20:05:27 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2011.04.28 20:05:27 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2011.04.28 20:05:27 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2011.04.28 20:05:27 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2011.04.28 20:05:27 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtp.dll
[2011.04.28 20:05:27 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll
[2011.04.28 20:05:27 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2011.04.28 20:05:27 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll
[2011.04.28 20:05:27 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceTypes.dll
[2011.04.28 20:05:27 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2011.04.28 20:05:27 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2011.04.28 20:05:27 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2011.04.28 20:05:27 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll
[2011.04.28 20:05:27 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtpUS.dll
[2011.04.28 20:05:27 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll
[2011.04.28 20:05:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WpdUsb.sys
[2011.04.28 20:05:27 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdConns.dll
[2011.04.28 20:04:38 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2011.04.28 20:04:38 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2011.04.28 20:04:38 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.04.28 20:04:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2011.04.28 20:04:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
[2011.04.28 20:02:00 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2011.04.28 20:01:59 | 003,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2011.04.28 20:01:59 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2011.04.28 20:01:59 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2011.04.28 20:01:59 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2011.04.28 20:01:59 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2011.04.28 17:40:08 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.28 17:40:08 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.04.28 17:40:07 | 001,555,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.04.28 17:40:07 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.04.28 17:39:43 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
[2011.04.28 17:39:43 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2011.04.28 17:39:41 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.04.28 17:39:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011.04.28 17:39:40 | 003,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2011.04.28 17:39:40 | 002,002,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011.04.28 17:39:40 | 001,257,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFH264Dec.dll
[2011.04.28 17:39:40 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011.04.28 17:39:40 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFH264Dec.dll
[2011.04.28 17:39:40 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.04.28 17:39:40 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2011.04.28 17:39:40 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2011.04.28 17:39:40 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2011.04.28 17:39:40 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2011.04.28 17:39:40 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.04.28 17:39:39 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2011.04.28 17:39:39 | 001,268,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2011.04.28 17:39:39 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10.dll
[2011.04.28 17:39:39 | 000,625,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2011.04.28 17:39:39 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011.04.28 17:39:39 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011.04.28 17:39:39 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011.04.28 17:39:39 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10core.dll
[2011.04.28 17:39:39 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011.04.28 17:39:39 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011.04.28 17:39:38 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2011.04.28 17:39:38 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2011.04.28 17:39:38 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFHEAACdec.dll
[2011.04.28 17:39:38 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4src.dll
[2011.04.28 17:39:38 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFHEAACdec.dll
[2011.04.28 17:39:38 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2011.04.28 17:39:38 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4src.dll
[2011.04.28 17:39:38 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2011.04.28 17:39:37 | 003,548,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011.04.28 17:39:37 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2011.04.28 17:39:37 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2011.04.28 17:39:36 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011.04.28 17:39:36 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2011.04.28 17:39:36 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2011.04.28 17:39:36 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2011.04.28 17:39:36 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2011.04.28 17:39:36 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011.04.28 17:39:36 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2011.04.28 17:39:35 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2011.04.28 17:39:35 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2011.04.28 17:37:59 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2011.04.28 17:37:59 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2011.04.28 17:37:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2011.04.28 17:37:58 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2011.04.26 12:01:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2011.04.26 12:01:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2011.04.26 12:01:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2011.04.26 12:01:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2011.04.26 12:01:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2011.04.26 12:01:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2011.04.24 22:43:10 | 000,000,000 | ---D | C] -- C:\Users\Michelle\AppData\Roaming\dvdcss
[2011.04.24 09:59:38 | 000,000,000 | ---D | C] -- C:\Users\Michelle\AppData\Roaming\vlc
[2011.04.24 09:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.04.24 09:59:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.15 14:08:40 | 000,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 14:08:40 | 000,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.15 14:08:39 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.15 14:08:37 | 000,000,732 | ---- | M] () -- C:\Users\Michelle\AppData\Local\d3d9caps64.dat
[2011.05.15 14:08:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.15 13:37:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.15 12:21:03 | 000,000,952 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.15 09:54:28 | 001,458,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.15 09:54:28 | 000,632,594 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.15 09:54:28 | 000,599,528 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.15 09:54:28 | 000,128,406 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.15 09:54:28 | 000,105,404 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.14 22:44:57 | 000,000,680 | ---- | M] () -- C:\Users\Michelle\AppData\Local\d3d9caps.dat
[2011.05.14 20:01:15 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A025FCBF-8A1A-4063-9513-092CE2AFD65F}.job
[2011.05.07 22:46:40 | 000,017,408 | ---- | M] () -- C:\Users\Michelle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.04 16:58:00 | 000,000,504 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Michelle.job
[2011.05.04 14:22:10 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Regclean Pro_UPDATES.job
[2011.04.28 20:22:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011.04.28 20:22:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011.04.26 12:05:03 | 000,230,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.24 09:59:32 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
 
========== Files Created - No Company Name ==========
 
[2011.05.15 12:21:03 | 000,000,952 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.06 22:06:38 | 000,000,904 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.04.28 20:22:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011.04.28 20:22:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011.04.24 09:59:32 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.10.30 18:19:53 | 000,017,408 | ---- | C] () -- C:\Users\Michelle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.03 15:35:09 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010.10.03 15:34:45 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010.10.03 15:34:24 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010.10.02 11:08:18 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010.10.01 23:12:52 | 000,000,552 | ---- | C] () -- C:\Users\Michelle\AppData\Local\d3d8caps.dat
[2010.10.01 22:09:34 | 000,000,680 | ---- | C] () -- C:\Users\Michelle\AppData\Local\d3d9caps.dat
[2010.10.01 21:44:34 | 000,000,732 | ---- | C] () -- C:\Users\Michelle\AppData\Local\d3d9caps64.dat
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

< End of report >
         
--- --- ---
__________________

Alt 15.05.2011, 13:54   #19
danira
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



Und zu guter Letzt:

Nummer 4 Malwarebytes:
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6582

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

15.05.2011 14:11:48
mbam-log-2011-05-15 (14-11-48).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 284913
Laufzeit: 2 Stunde(n), 2 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Nummer 4 OTL Extras:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 5/15/2011 2:40:21 PM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Ronny del Rosso\Downloads
 Starter Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 88.82 Gb Free Space | 59.59% Space Free | Partition Type: NTFS
 
Computer Name: RONNYDELROSSO | User Name: Ronny del Rosso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{185AFA7A-F63E-450B-94AA-011CAC18090E}" = E-Cam
"{1E412F3E-745C-4581-A3D0-DEC286D4C56D}" = Tunes Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2E741D13-BD2A-45EB-8342-7127233E5DAC}" = LocaleMe
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{559FA707-18E2-44A1-90A0-5CC43F64A350}" = Radiotracker
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{75C14F0A-EAA4-43CD-AA81-32FDB1686329}" = TubeBox!
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F1F5CF-144F-466B-A939-1675B0022ADE}" = Pacemaker Editor
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A736ED15-FE0B-462F-9EF2-E021F622D232}_is1" = GamePark Console
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.3 MUI
"{C04E7C11-A3DA-480B-9018-F292E04CA26A}" = FontResizer
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C73F2967-062E-48F2-A462-D335B8950183}" = Safari
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{EA478FED-F9B4-4176-88C3-41937786872D}" = ExpPrint
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB686487-C637-4EEF-BCB1-C92463F2CC05}" = Atheros Ethernet Utility
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASUS VIBE" = ASUS VIBE
"Eee Docking_is1" = Eee Docking 2.4.0
"FormatFactory" = FormatFactory 2.60
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NIS" = Norton Internet Security
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"WaveLabPro" = WaveLab 6
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 5/15/2011 7:43:44 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:43:44.471]: [00001888]: GetDeviceIpAddress:
 GetAddressByName [BRW904CE591EABB] Error  
 
Error - 5/15/2011 7:44:27 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:44:27.309]: [00001888]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.2.100]  
 
Error - 5/15/2011 7:44:27 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:44:27.403]: [00001888]: GetDeviceIpAddress:
 GetAddressByName [BRW904CE591EABB] Error  
 
Error - 5/15/2011 7:44:57 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:44:57.464]: [00001888]: GetDeviceIpAddress:
 GetAddressByName [BRW904CE591EABB] Error  
 
Error - 5/15/2011 7:45:40 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:45:40.302]: [00001888]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.2.100]  
 
Error - 5/15/2011 7:45:40 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:45:40.395]: [00001888]: GetDeviceIpAddress:
 GetAddressByName [BRW904CE591EABB] Error  
 
Error - 5/15/2011 7:46:10 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:46:10.441]: [00001888]: GetDeviceIpAddress:
 GetAddressByName [BRW904CE591EABB] Error  
 
Error - 5/15/2011 7:46:53 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:46:53.310]: [00001888]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.2.100]  
 
Error - 5/15/2011 7:46:53 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:46:53.403]: [00001888]: GetDeviceIpAddress:
 GetAddressByName [BRW904CE591EABB] Error  
 
Error - 5/15/2011 7:47:23 AM | Computer Name = RonnydelRosso | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/05/15 13:47:23.449]: [00001888]: GetDeviceIpAddress:
 GetAddressByName [BRW904CE591EABB] Error  
 
[ System Events ]
Error - 3/21/2011 4:18:24 PM | Computer Name = RonnydelRosso | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 3/23/2011 4:20:30 AM | Computer Name = RonnydelRosso | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 3/23/2011 4:21:04 AM | Computer Name = RonnydelRosso | Source = Service Control Manager | ID = 7023
Description = Der Dienst "iPod-Dienst" wurde mit folgendem Fehler beendet:   %%-2147417831
 
Error - 3/23/2011 4:21:29 AM | Computer Name = RonnydelRosso | Source = DCOM | ID = 10010
Description = 
 
Error - 3/24/2011 9:20:54 AM | Computer Name = RonnydelRosso | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 3/25/2011 4:02:04 AM | Computer Name = RonnydelRosso | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 3/27/2011 6:15:24 AM | Computer Name = RonnydelRosso | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 3/27/2011 2:42:01 PM | Computer Name = RonnydelRosso | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 3/28/2011 8:30:12 AM | Computer Name = RonnydelRosso | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 3/29/2011 2:05:41 AM | Computer Name = RonnydelRosso | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
 
< End of report >
         
--- --- ---

Nummer 4 OTL Txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 5/15/2011 2:40:21 PM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Ronny del Rosso\Downloads
 Starter Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 88.82 Gb Free Space | 59.59% Space Free | Partition Type: NTFS
 
Computer Name: RONNYDELROSSO | User Name: Ronny del Rosso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ronny del Rosso\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\EeePC\SHE\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\EeePC\HotkeyService\HotkeyService.exe (ASUSTeK Computer Inc.)
PRC - C:\Windows\System32\AsusService.exe ()
PRC - C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.)
PRC - C:\Users\Ronny del Rosso\Downloads\moveMe02f\MoveME.exe ()
PRC - C:\Program Files\Hercules\Tunes Explorer\HTunesExplorerWireless.exe (Hercules(R))
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Ronny del Rosso\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation)
SRV - (AsusService) -- C:\Windows\System32\AsusService.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110430.001\BHDrvx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110514.002\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110514.002\NAVENG.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1206000.01D\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS (Symantec Corporation)
DRV - (SymNetS) -- C:\Windows\System32\Drivers\NIS\1206000.01D\SYMNETS.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110513.001\IDSvix86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS (Symantec Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = ASUS Eee Family | Easy to Learn, Work and Play [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = ASUS Eee Family | Easy to Learn, Work and Play [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2011/05/13 12:20:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn\ [2011/05/11 08:56:01 | 000,000,000 | ---D | M]
 
[2010/06/25 09:25:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ronny del Rosso\AppData\Roaming\mozilla\Extensions
[2010/06/25 09:25:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ronny del Rosso\AppData\Roaming\mozilla\Firefox\Profiles\9gc3rphi.default\extensions
[2011/01/24 15:30:19 | 000,002,449 | ---- | M] () -- C:\Users\Ronny del Rosso\AppData\Roaming\Mozilla\Firefox\Profiles\9gc3rphi.default\searchplugins\safesearch.xml
[2011/03/20 11:44:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010/07/03 20:13:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/03 13:47:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/25 22:08:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/13 14:11:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/07 22:10:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/05/11 08:56:01 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\COFFPLGN
[2011/05/13 12:20:35 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPLGN
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HotkeyService] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SuperHybridEngine] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKCU..\Run: [ISUSPM Startup]  File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Ronny del Rosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{555223c7-77fa-11df-aa26-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Start.exe
O33 - MountPoints2\{555223c7-77fa-11df-aa26-806e6f6e6963}\Shell\Install\Command - "" = D:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/15 14:33:01 | 000,000,000 | ---D | C] -- C:\Users\Ronny del Rosso\AppData\Local\Diagnostics
[2011/05/15 12:08:15 | 000,000,000 | ---D | C] -- C:\Users\Ronny del Rosso\AppData\Roaming\Malwarebytes
[2011/05/15 12:07:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/15 12:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/15 12:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/15 12:07:53 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/15 12:07:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/14 23:54:43 | 000,000,000 | ---D | C] -- C:\Users\Ronny del Rosso\Desktop\Sicherung Netbook 15.5.2011
[2011/05/11 08:52:42 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/05/11 08:52:41 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2011/05/11 08:52:33 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/05/11 08:52:32 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/04/27 22:08:11 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/27 22:07:45 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011/04/27 22:07:11 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011/04/27 22:07:10 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2011/04/27 22:07:09 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2011/04/27 22:06:53 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/06/14 23:23:15 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/15 14:29:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/15 12:08:01 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/15 11:08:38 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/15 11:08:38 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/15 10:59:57 | 1603,723,264 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/15 00:22:18 | 000,694,430 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/05/15 00:22:18 | 000,691,192 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2011/05/15 00:22:18 | 000,689,108 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2011/05/15 00:22:18 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/05/15 00:22:18 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/15 00:22:18 | 000,132,940 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2011/05/15 00:22:18 | 000,130,140 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/05/15 00:22:18 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/05/15 00:22:18 | 000,127,144 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2011/05/15 00:22:18 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/13 12:19:47 | 000,002,427 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011/05/13 12:19:00 | 001,991,968 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1206000.01D\Cat.DB
[2011/05/12 13:08:13 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011/05/12 13:08:13 | 000,007,468 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011/05/12 13:08:13 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011/04/29 05:29:05 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1206000.01D\isolate.ini
[2011/04/18 19:54:41 | 000,282,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2011/05/15 12:08:01 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/06 13:44:17 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/03/06 13:42:20 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2011/03/06 13:42:06 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011/01/19 16:40:09 | 000,001,940 | ---- | C] () -- C:\Users\Ronny del Rosso\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/08/29 11:05:47 | 000,000,118 | ---- | C] () -- C:\Windows\Podcasts.INI
[2010/08/29 10:44:46 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010/06/14 23:29:07 | 000,000,712 | R--- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2010/06/14 23:29:07 | 000,000,008 | R--- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2010/06/14 23:24:02 | 000,219,136 | ---- | C] () -- C:\Windows\System32\AsusService.exe
[2010/06/14 23:23:59 | 000,021,864 | ---- | C] () -- C:\Windows\AsAcpiSvrLang.ini
[2010/06/14 23:23:11 | 000,050,026 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010/06/14 23:22:36 | 000,032,787 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/11/25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/07/26 03:49:39 | 000,689,108 | ---- | C] () -- C:\Windows\System32\perfh010.dat
[2009/07/26 03:49:39 | 000,335,478 | ---- | C] () -- C:\Windows\System32\perfi010.dat
[2009/07/26 03:49:39 | 000,127,144 | ---- | C] () -- C:\Windows\System32\perfc010.dat
[2009/07/26 03:49:39 | 000,037,534 | ---- | C] () -- C:\Windows\System32\perfd010.dat
[2009/07/26 03:39:02 | 000,691,192 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2009/07/26 03:39:02 | 000,341,322 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2009/07/26 03:39:02 | 000,132,940 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2009/07/26 03:39:02 | 000,043,068 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2009/07/26 03:28:45 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009/07/26 03:28:45 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009/07/26 03:28:45 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009/07/26 03:28:45 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009/07/26 03:18:20 | 000,694,430 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2009/07/26 03:18:20 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2009/07/26 03:18:20 | 000,130,140 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2009/07/26 03:18:20 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 06:33:53 | 000,282,760 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/04/02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

< End of report >
         
--- --- ---

Alt 15.05.2011, 14:10   #20
markusg
/// Malware-holic
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



erst mal, entwarnung, dies ist nur adware.
ist zwar auch unangenehm, da sie das surfverhalten ausspähen kann und dann geziehlt werbung macht, aber nicht so schlimm, das formatiert werden muss.
obwohl hier auch noch etwas zu machen währe, update technisch und einige sicherheits regeln.
ich würde also vorschlagen, dass wir uns erst mal und das gerät kümmern wesswegen du hier bist, und dann um den rest, falls das ok für dich ist.
zu deiner frage wegen avira.
avira, sowie jedes andere antiviren programm, ist als einzellösung nicht genug. heut zu tage bedeutet pc sicherheit dass man ein gesammtes konzept beachtet, welches ich dir noch erkläre, wenn du den ersten pc zum formatieren bereit hast.
keine angst, die tipps sind leicht umzusetzen.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.05.2011, 14:19   #21
danira
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



Oh puh....Das hätte ich jetzt nicht gedacht... Es sah doch so schlimm aus...

Meine Dateien brauchen noch 5 Minuten bis sie auf der Festplatte sind, dann kann es losgehen.

Was mich ja noch brennend interessieren würde, wäre wie ich an dieses Rootkit rangekommen bin? Und was für andere unangenehme Zeitgenossen ich auf der Festplatte habe? Aber das sprengt hier wahrscheinlich den Rahmen, oder?

Alt 15.05.2011, 14:31   #22
markusg
/// Malware-holic
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



wie genau du darann gekommen bist weis ich nicht, du hast zumindest ein backdoor, ein programm welches hintertüren für eine neu infektion öffnet + ein rootkit, welches einem angreifer volle kontrolle über das system gibt.
mögliches einfallstor sind sicherheitslücken.
dies heißt, software, die nicht mit updates versorgt wurde.

ok, folgende frage:
wisst ihr, wie das gerät zu formatieren ist?
falls nein:
nutzt ihr eine windows cd, recovery cd oder recovery partition?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.05.2011, 14:52   #23
danira
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



Ja, das weiß ich. Bin auch schon dabei...

Alt 15.05.2011, 15:03   #24
markusg
/// Malware-holic
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



sehr gut.
danach gehts weiter:
http://www.trojaner-board.de/96344-a...-rechners.html
hier alles unter vista /windows 7 und allgemeines abarbeiten!
beginnend mit den updates etc.
als antivirus kannst du zb avast nutzen. pdf zur anleitung gibts hier:
http://www.trojaner-board.de/127580-...igurieren.html
heuristiken sollten immer auf hoch stehen.
avast bietet in der kostenlosen version den besten funktionsumfang im moment denke ich.
als browser opera.
falls er dir nicht zusagt, passe ich die anleitung für nen andern browser an
um das surfen sicherer zu machen, würde ich Sandboxie empfehlen.
Download:
Sandbox*Einstellungen |

(als pdf)
hier noch ein paar zusatzeinstellungen, nicht verunsichern lassen, wenn du das programm instaliert hast, werden sie klar.
den direkten datei zugriff bitte auf opera beschrenken,
bei
Internetzugriff:
opera.exe
öffne dann sandboxie, dann oben im menü auf sandbox klickem, wähle deine sandbox aus und klicke dann auf sandboxeinstellung.
dort auf anwendung, webbrowser, andere dort auf direkten zugriff auf opera bookmarks erlauben. dann auf hinzufügen und ok.
somit kannst du deine lesezeichen auch in der sandbox dauerhaft abspeichern.

wenn du mit dem programm gut auskommst, ist ne lizenz zu empfehlen.
1. es gibt dann noch ein paar mehr funktionen.
2. kommt nach nem monat die anzeige, dass das programm freeware ist, die verschwindet erst nach ner zeit, find ich n bissel nerfig.
3. ist die lizenz lebenslang gültig, kostenpunkt rund 30 €, und du kannst sie auf allen pcs in deinem haushalt einsetzen.
eine sandbox ist eine vom system isoliert arbeitene umgebung, wenn hier ein schadprogramm reingelangt, läuft es im besten falle nicht, da wir die sandbox eingeschrenkt haben, oder es läuft, kommt aber nicht raus.
kenne keine malware, die das im moment kann.
um die volle wirkung zu erreichen muss alles umgesetzt und eingehalten werden.
alle benötigten verknüpfungen fürs eingeschrenkte konto nach
c:\benutzer\Default\desktop bzw \startmenü
kopieren. so sind sie für alle sichtbar
wenn du fragen hast, probleme, oder erfolgreich warst, melde dich bitte.
wenn du online banking betreibst, lese den passenden abschnitt
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.05.2011, 20:31   #25
danira
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



Sooooo....

Nach vielen Stunden des Wartens auf das Ende des Windows Update... Hab ich nun sogar all deine Aufgaben erledigt.
Ob ich mich an den Opera gewöhnen kann... Naja, wird schon werden, aber er ist halt doch bissl' anders als mein heißgeliebter Firefox...
Wie siehts denn mit einem E-Mail-Programm aus? Da hatte ich ja bis jetzt den Thunderbird für.

Hab ich eigentlich schon gesagt???

Alt 15.05.2011, 20:33   #26
markusg
/// Malware-holic
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



hi, thunderbird ist ok.
na wenn du dich gar nicht an den opera gewöhnen kannst passe ich für den ff an.
wie siehts mit sandboxie, secunia file hippo und paragon backup aus, kommst du damit zurecht?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.05.2011, 21:06   #27
danira
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



Ja, mit Sandboxie, secunia und file hippo komme ich zurecht, bei dem paragon backup warte ich noch auf die Bestätigungs-Email.

Ich weiß nicht, vielleicht ist es ja nur Gewohnheitssache mit so einem neuen Browser... Er kommt mir unglaublich viel langsamer vor als der Firefox ist das richtig? Ich kann gaaaaaanz entspannt zuschauen, wie er eine Seite aufbaut und langsam mitzählt, bis er endlich alle 73 Elemente einer Seite richtig zusammengebastelt hat. Hier bei euch zeigt er mir immer erst eine weiße Seite und das Geschriebene in Times New Roman linksbündig, bis er irgendwann die Seite richtig (und in Farbe) zusammenhat.
Und irgendwie habe ich da oben rechts keine "schließen, minimieren, vollbild" Symbole mehr - erst wenn ich mit der Maus einmal darüber gefahren bin tauchen die auf. Der Rest ist vermutlich Gewohnheitssache.

Geändert von danira (15.05.2011 um 21:28 Uhr)

Alt 16.05.2011, 10:32   #28
markusg
/// Malware-holic
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



öffne mal opera datei menü einstellungen, schnell einstellungen, opera turbo, schalt das mal ein.
falls der nicht bei dir läuft tauschen wir ihn aus.
über symbol leiste kannst du noch einiges ein /ausblenden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 16.05.2011, 12:43   #29
danira
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



Diesen Turbo hatte ich schon gefunden, aber der sagt da unten immer wieder, dass ich offensichtlich eine schnelle Internetverbindung habe und das der Turbo nur bei langsamen Netzwerken etwas bringt. Trotzdem ist er aber an und hat da x3 stehen.

Aber im Moment funzt hier irgendwie gar nichts mehr... Secunia und File Hippo, die ich ja bereits erfolgreich installiert hatte und die sich auch schon in meiner Taskleiste breit gemacht hatten, sind einfach WEG! Als ob ich sie nie installiert hätte. Nirgendwo mehr zu finden. Das ist mir aber erst aufgefallen, nachdem ich nun 3x(!) Open Office installiert habe und dies nach einem Neustart ebenfalls immer wieder komplett WEG ist...

Was mach ich denn falsch? Sandboxie und Opera sind die einzigen Programme, die mir auf der Festplatte drauf bleiben...

Alt 16.05.2011, 14:08   #30
markusg
/// Malware-holic
 
Geräteanschluss-Sound ohne Gerät - Standard

Geräteanschluss-Sound ohne Gerät



aber du speicherst die downloads außerhalb der sandbox oder?
also du lädst über die sandbox und dann werden die dateien wiederhergestellt, oder instalierst du in der sandbox, dann sind die programme natürlich wieder weg.
die sandbox ist ja nur zum surfen und um programme zu testen, die programme die du auf dem pc willst müssen außerhalb laufen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Geräteanschluss-Sound ohne Gerät
32 bit, 7-zip, adobe, avira, bonjour, desktop, dll, error, explorer, flash player, format, frage, google, google earth, home, install.exe, location, logfile, mozilla, mozilla thunderbird, nvidia, oldtimer, registry, rundll, schließen, security, server, shell32.dll, shortcut, software, taskleiste, tcp, trojan.clicker, tubebox, udp, vista




Ähnliche Themen: Geräteanschluss-Sound ohne Gerät


  1. [Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend
    Log-Analyse und Auswertung - 27.06.2014 (3)
  2. 2 mal die gleiche App auf einem Android Gerät
    Smartphone, Tablet & Handy Security - 20.12.2013 (3)
  3. Gerät startet sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 26.10.2013 (14)
  4. Gerät über VPN nicht ansprechbar?
    Netzwerk und Hardware - 21.08.2013 (0)
  5. Studie: Gut jeder Dritte nutzt mobiles Gerät ohne Passwort
    Nachrichten - 04.04.2013 (0)
  6. Unknown Device - Unbekanntes USB-Gerät
    Netzwerk und Hardware - 25.09.2012 (18)
  7. Sound ohne offenen Explorer etc.
    Plagegeister aller Art und deren Bekämpfung - 15.08.2012 (1)
  8. Auf Das Gerät,Pfart kan nicht zugegriffen werden
    Plagegeister aller Art und deren Bekämpfung - 24.02.2012 (5)
  9. USB-Gerät wurde nicht erkannt
    Plagegeister aller Art und deren Bekämpfung - 06.05.2011 (3)
  10. Unbekanntes Gerät im Netzwerk
    Netzwerk und Hardware - 04.09.2010 (2)
  11. Ordneröffnen Sound ohne Zutun + Netzwerkverkehrausschlag
    Mülltonne - 08.01.2010 (1)
  12. Ordneröffnen Sound ohne Zutun + Netzwerkverkehrausschlag
    Log-Analyse und Auswertung - 08.01.2010 (1)
  13. Sound spielt ohne erkennbaren Grund
    Log-Analyse und Auswertung - 22.11.2008 (2)
  14. MCI-Gerät nachinstallieren....
    Alles rund um Windows - 25.02.2008 (0)
  15. USB Gerät wurde nicht erkannt
    Netzwerk und Hardware - 21.04.2007 (2)
  16. problem mit audio gerät
    Alles rund um Windows - 08.10.2006 (15)
  17. Geräteanschluß-Sound kommt ohne Grund
    Alles rund um Windows - 27.10.2005 (3)

Zum Thema Geräteanschluss-Sound ohne Gerät - So Malwarebytes läuft auf allen Rechnern... Die beiden Standrechner unserer Teens haben *schäm* bereits weit über 100 infizierte Dateien... Wir sind hier total platt. Antivir allein reicht wohl nicht aus - Geräteanschluss-Sound ohne Gerät...
Archiv
Du betrachtest: Geräteanschluss-Sound ohne Gerät auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.