Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Antiviren-, Firewall- und andere Schutzprogramme (https://www.trojaner-board.de/antiviren-firewall-andere-schutzprogramme/)
-   -   Internet-Explorer spinnt! (https://www.trojaner-board.de/87700-internet-explorer-spinnt.html)

Leonora 01.07.2010 15:18
Internet-Explorer spinnt!
 
Hallo!

Ich habe ein Problem mit dem IE.
Ich fahre den Laptop hoch, Verbindung von FritzBox zum Netz steht (zeigt er mir so an), Fenster für IE öffnet sich, aber mehr passiert nicht.
Wenn ich ihn dann runterfahre und wieder und wieder hochfahre, klappt es irgendwann und ich kann über meine Startseite Google ins Netz.

Er ist in letzter Zeit auch recht langsam geworden, Avira öffnet sich meist erst, wenn ich schon im Netz bin.

Kann mir irgendjemand bei meinem Problem helfen?
Habe gestern schon die Programme CCleaner, Mawarebytes und OTL durchlaufen lassen, ergab keine Änderung.

Wenn Ihr mir etwas schreibt, bitte für Dumme erklären, bin echt kein Genie am Rechner...:confused:

Vielen Dank schon mal

Leonora

BIOTEC 02.07.2010 11:13
Versuch doch mal Firefox...ich halt nix vom IE 8...auch wenn da viel Werbung auf Kabel 1 gemacht wird, das der sicherer wäre als früher...installiere dir mal Firefox und versuch den mal...

Gruss BIOTEC

Leonora 02.07.2010 14:37
Hi,

erstmal danke für den Vorschlag,
aber mit Mozilla hatte ich schon versucht, da brauchte ich irgendwie sogar mehr Versuche.

Kann es Probleme verursachen, wenn man beide auf dem Laptop gespeichert hat und auch beide genutzt werden?

War nicht immer allein am Laptop im Gange, ich hatte eigentlich immer Mozilla, aber von anderen wurde IE genutzt (ich halte da auch nichts von).

Was kann denn noch so einen Fehler verursachen???
Bin echt ratlos...:confused:
HIIIILFEEEEEE!!

Leonora

cosinus 02.07.2010 14:39
Poste bitte die Logs von Malwarebytes und OTL

Leonora 02.07.2010 14:59
So, hier schon mal das Ergebnis von Malwarebytes, das andere folgt in ein paar Minuten.
Vielleicht kannst Du hier ja schon was erkennen:

Malwarebytes' Anti-Malware 1.46
http://www.trojaner-board.de/51187-anleitung-malwarebytes-anti-malware.html

Database version: 4260

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

02.07.2010 15:57:40
mbam-log-2010-07-02 (15-57-40).txt

Scan type: Quick scan
Objects scanned: 105196
Time elapsed: 8 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 33
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 6
Files Infected: 13

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hol5_vxiewer.full.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\dpcproxy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Golden Palace Casino PT (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Invictus (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslAgent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Secure Solutions (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\System\CurrentControlSet\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\System\CurrentControlSet\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\systemcheck2 (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\ProgramData\Secure Solutions (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\BASE (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\BASE\vbase.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\BASE\vbase.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG\20080801181123117.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG\20080802092006725.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG\20080802104054436.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG\20080803133043426.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG\20080804084522664.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG\20080804110632689.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG\20080804163949225.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG\20080804173038022.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\Secure Solutions\Antispyware 2008 XP\LOG\20080804203638287.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\Anfänger\AppData\Local\Temp\dssc32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Anfänger\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.


Bis gleich!!
Leonora

Leonora 02.07.2010 15:11
Und hier nun noch das Ergebnis von OTL:

OTL Logfile:
Code:
OTL logfile created on: 02.07.2010 16:06:01 - Run 1
OTL by OldTimer - Version 3.2.7.0    Folder = C:\Users\Anfänger\Documents\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 36,58 Gb Free Space | 49,08% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 73,06 Gb Total Space | 72,84 Gb Free Space | 99,71% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: XXXXXXX
Current User Name: XXXXXXXXXX
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Anfänger\Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin)
PRC - C:\Programme\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
PRC - C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Programme\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Programme\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Programme\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Anfänger\Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ACDaemon) --  File not found
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IGDCTRL) -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
SRV - (TNaviSrv) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (ASLDRService) -- C:\Programme\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ISPwdSvc) -- C:\Program Files\Norton Internet Security\isPwdSvc.exe (Symantec Corporation)
SRV - (comHost) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (SymAppCore) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMFW) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS) -- C:\Windows\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMDNS) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys (Symantec Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Toshiba\Wallpapers\Wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\Toshiba\Wallpapers\Wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{db11b1ce-8d64-11dc-9f35-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{db11b1ce-8d64-11dc-9f35-806e6f6e6963}\Shell\AutoRun\command - "" = F:\FSetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.01 06:26:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.06.30 17:41:02 | 000,000,000 | ---D | C] -- C:\Programme\FRITZ!DSL
[2010.06.30 17:41:02 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\AVM
[2010.06.30 17:40:04 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2010.06.30 14:56:32 | 000,000,000 | ---D | C] -- C:\Users\XXXXXXXXXX\AppData\Roaming\Malwarebytes
[2010.06.30 14:56:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.06.30 14:56:15 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.06.30 14:56:15 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.06.30 14:56:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.30 14:47:44 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.06.24 22:00:29 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.24 22:00:29 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.24 22:00:29 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.24 06:59:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.06.24 06:59:20 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.06.18 07:16:11 | 000,000,000 | ---D | C] -- C:\Users\XXXXXXXXXX\AppData\Roaming\Uniblue
[2010.06.18 07:15:48 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2010.06.17 10:55:28 | 000,000,000 | ---D | C] -- C:\Programme\QS
[2010.06.17 10:53:40 | 000,000,000 | ---D | C] -- C:\Users\XXXXXXXXXX\AppData\Roaming\TeamViewer
[2010.06.17 10:53:38 | 000,000,000 | ---D | C] -- C:\Users\XXXXXXXXXX\temp
[2010.06.13 13:22:48 | 000,000,000 | ---D | C] -- C:\Programme\Windows Portable Devices
[2010.06.13 00:01:47 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010.06.13 00:01:47 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010.06.13 00:01:46 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010.06.13 00:01:19 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010.06.13 00:01:18 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010.06.13 00:01:17 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010.06.13 00:01:17 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010.06.13 00:01:17 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010.06.13 00:01:17 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010.06.13 00:01:17 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010.06.13 00:01:17 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010.06.13 00:01:17 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.06.13 00:01:17 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010.06.13 00:01:17 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010.06.13 00:01:17 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010.06.13 00:01:17 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010.06.13 00:01:17 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010.06.13 00:01:17 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010.06.13 00:01:17 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010.06.13 00:01:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.06.13 00:01:16 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010.06.13 00:01:16 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010.06.13 00:01:16 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010.06.13 00:01:16 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010.06.13 00:01:16 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010.06.13 00:01:16 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010.06.13 00:01:16 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010.06.13 00:01:16 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010.06.13 00:00:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010.06.13 00:00:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010.06.13 00:00:49 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010.06.13 00:00:47 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010.06.13 00:00:47 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010.06.13 00:00:47 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010.06.13 00:00:47 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2010.06.13 00:00:47 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010.06.13 00:00:47 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010.06.13 00:00:47 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010.06.13 00:00:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2010.06.13 00:00:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2010.06.12 23:59:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010.06.12 23:59:53 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010.06.12 22:38:03 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.06.12 14:51:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010.06.12 14:51:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010.06.12 14:51:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010.06.12 14:30:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010.06.11 09:46:13 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.06.11 09:46:10 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.06.11 09:46:09 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.06.11 09:45:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.06.11 09:45:25 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.06.11 09:45:24 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.06.11 09:45:24 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.06.11 09:45:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.06.11 09:45:24 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.06.11 09:45:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.06.11 09:45:23 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.06.11 09:45:23 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.06.11 09:45:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.06.11 09:45:23 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.06.11 09:45:23 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.06.11 09:45:23 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.06.11 09:45:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.06.11 09:45:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.06.11 09:39:10 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.07.02 16:05:14 | 001,310,720 | -HS- | M] () -- C:\Users\XXXXXXXXXX\ntuser.dat
[2010.07.02 16:05:04 | 000,524,288 | -HS- | M] () -- C:\Users\XXXXXXXXXX\ntuser.dat{94ac1fa0-d513-11de-bc47-bbe150981532}.TMContainer00000000000000000001.regtrans-ms
[2010.07.02 16:05:04 | 000,065,536 | -HS- | M] () -- C:\Users\XXXXXXXXXX\ntuser.dat{94ac1fa0-d513-11de-bc47-bbe150981532}.TM.blf
[2010.07.02 16:05:04 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C228F376-96A0-42AD-8ABB-A47BCFA4B0AD}.job
[2010.07.02 16:04:59 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5B5373C0-3DCD-421B-A722-922E84BAB85C}.job
[2010.07.02 15:26:43 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.02 15:26:43 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.02 15:26:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.02 11:09:33 | 001,432,288 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.02 11:09:33 | 000,623,280 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.02 11:09:33 | 000,591,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.02 11:09:33 | 000,125,184 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.02 11:09:33 | 000,103,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.02 11:02:52 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.07.02 11:02:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.02 11:02:31 | 2138,300,416 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.01 06:26:22 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.06.30 17:41:22 | 000,002,455 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
[2010.06.30 17:41:22 | 000,002,437 | ---- | M] () -- C:\Users\Public\Desktop\FRITZ!DSL Startcenter.lnk
[2010.06.30 15:58:46 | 000,271,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.30 14:54:02 | 000,000,206 | ---- | M] () -- C:\Users\XXXXXXXXXX\Documents\cc_20100630_145359.reg
[2010.06.30 14:53:42 | 000,003,106 | ---- | M] () -- C:\Users\XXXXXXXXXX\Documents\cc_20100630_145331.reg
[2010.06.18 08:34:17 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010.06.18 08:26:20 | 000,000,919 | ---- | M] () -- C:\Users\XXXXXXXXXX\Desktop\System Tweaker.lnk
[2010.06.17 11:24:52 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\MetaTrader - ActivTrades.lnk
[2010.06.13 13:22:28 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010.06.13 13:22:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.06.12 14:49:57 | 001,282,342 | -H-- | M] () -- C:\Users\XXXXXXXXXX\AppData\Local\IconCache.db
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.07.01 06:26:22 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.06.30 17:41:03 | 000,002,455 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
[2010.06.30 17:41:03 | 000,002,437 | ---- | C] () -- C:\Users\Public\Desktop\FRITZ!DSL Startcenter.lnk
[2010.06.30 14:54:00 | 000,000,206 | ---- | C] () -- C:\Users\XXXXXXXXXX\Documents\cc_20100630_145359.reg
[2010.06.30 14:53:36 | 000,003,106 | ---- | C] () -- C:\Users\XXXXXXXXXX\Documents\cc_20100630_145331.reg
[2010.06.18 08:34:17 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010.06.18 08:26:20 | 000,000,919 | ---- | C] () -- C:\Users\XXXXXXXXXX\Desktop\System Tweaker.lnk
[2010.06.17 11:24:52 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\MetaTrader - ActivTrades.lnk
[2010.06.13 13:22:28 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010.06.13 13:22:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.05.21 07:47:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008.08.04 18:41:13 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2007.08.13 14:20:38 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.08.13 13:52:05 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.08.13 13:52:05 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.08.13 13:52:05 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.08.13 13:52:05 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.08.13 13:52:05 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.08.13 13:52:05 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.08.13 13:44:38 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.08.13 13:30:56 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.08.13 13:30:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.08.13 13:30:56 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.08.13 13:30:56 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.08.13 12:06:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.08.13 12:06:09 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007.08.13 12:06:09 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007.08.13 12:06:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1283.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.06.17 10:53:40 | 000,000,000 | ---D | M] -- C:\Users\XXXXXXXXXX\AppData\Roaming\TeamViewer
[2007.11.08 19:51:42 | 000,000,000 | ---D | M] -- C:\Users\XXXXXXXXXX\AppData\Roaming\TOSHIBA
[2010.06.18 07:16:11 | 000,000,000 | ---D | M] -- C:\Users\XXXXXXXXXX\AppData\Roaming\Uniblue
[2007.08.21 02:59:57 | 000,000,016 | -H-- | M] () -- C:\Windows\Tasks\mxfilerelatedcache.mxc2
[2010.07.02 09:43:36 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.07.02 16:04:59 | 000,000,428 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5B5373C0-3DCD-421B-A722-922E84BAB85C}.job
[2010.07.02 16:05:04 | 000,000,428 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{C228F376-96A0-42AD-8ABB-A47BCFA4B0AD}.job
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---

Leonora 02.07.2010 15:26
Und hier noch das 2. Ergebnis von OTL:

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 02.07.2010 16:06:02 - Run 1
OTL by OldTimer - Version 3.2.7.0    Folder = C:\Users\Anfänger\Documents\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 36,58 Gb Free Space | 49,08% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 73,06 Gb Total Space | 72,84 Gb Free Space | 99,71% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: XXXXXXXX
Current User Name: XXXXXXXXXX
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{30A27A1E-4387-4C8D-BB4E-8490D2BA2EB2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4F0A110F-1E43-4448-A9E2-E11EA8AD9738}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{659DAA76-CC73-4B2C-A804-4348F1EC0668}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{851C14C3-5A1F-41B1-9634-8A32DCB1FFEF}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{AF480318-C7B2-4C09-B7EB-306D8F5E32AD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B3EA0C03-6FD2-43B3-856E-CEE62DC3F2E7}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C21BA3CC-7C28-4639-94B9-47A3602BE329}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CFB7050F-31ED-4776-BF6A-C35D96DC9428}" = rport=2869 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C3A4B9-7DA2-44C1-80DF-CF818F0C5500}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe |
"{06FA9FC6-3ECE-44B5-B40A-011C1988F33B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1EAE0AB1-6ECC-4F62-9328-CD2A18C9E3F2}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe |
"{597B80CB-5308-4ECE-A759-CF1551745CB3}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe |
"{6142F96D-91E4-4E84-9DC9-6AB5188D5B07}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe |
"{A6FC1ABA-5C64-42D6-B53E-AF1743A4EA4B}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe |
"{B58AA94E-6A87-4455-9F1E-742FA2B12F23}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C3F79C64-2AD0-4DB8-AD95-EECA092C202C}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{C9496FE5-8217-4386-83C2-DA92D799F6DE}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024D66E9-D50C-44A7-92B4-2DFDDD95D228}" = SaxoTrader 2
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2457326B-C110-40C3-89B0-889CC913871A}" = AVM FRITZ!DSL
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2C544254-39F2-4ACA-B779-ABF7297C96CF}" = Accessibility
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = MetaTrader 4.00
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{56995235-B76E-44A6-BA17-8FF13D3F907A}" = TOSHIBA Benutzerhandbücher
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver Vista x86 Ver.3.33.03
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC5E101F-8D42-406B-BFC0-7B906879F705}" = CFX Trader
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CCleaner" = CCleaner
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"myphotobook" = myphotobook 3.1
"Shop for HP Supplies" = Shop for HP Supplies
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"System Tweaker_is1" = Uniblue System Tweaker
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 01.06.2010 09:30:38 | Computer Name = XXXXXXXX | Source = Windows Search Service | ID = 3013
Description =
 
Error - 02.06.2010 05:28:44 | Computer Name = XXXXXXXX | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 12.06.2010 08:29:25 | Computer Name = XXXXXXXX | Source = ESENT | ID = 215
Description = WinMail (3612) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 14.06.2010 07:25:26 | Computer Name = XXXXXXXX | Source = .NET Runtime Optimization Service | ID = 1101
Description =
 
Error - 15.06.2010 00:12:04 | Computer Name = XXXXXXXX | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 17.06.2010 09:37:03 | Computer Name = XXXXXXXX | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18928, Zeitstempel
 0x4bdfa327, fehlerhaftes Modul Flash10a.ocx, Version 10.0.12.36, Zeitstempel 0x48e83175,
 Ausnahmecode 0xc0000005, Fehleroffset 0x001b3b57,  Prozess-ID 0xabc, Anwendungsstartzeit
 01cb0e1c6bca5fcf.
 
Error - 30.06.2010 08:52:54 | Computer Name = XXXXXXXX | Source = Windows Search Service | ID = 3024
Description =
 
Error - 30.06.2010 10:43:20 | Computer Name = XXXXXXXX | Source = RasClient | ID = 20227
Description =
 
Error - 30.06.2010 11:39:04 | Computer Name = XXXXXXXX | Source = MsiInstaller | ID = 1013
Description =
 
Error - 30.06.2010 11:40:45 | Computer Name = XXXXXXXX | Source = MsiInstaller | ID = 11704
Description =
 
[ System Events ]
Error - 01.07.2010 23:46:50 | Computer Name = XXXXXXXX | Source = Service Control Manager | ID = 7022
Description =
 
Error - 01.07.2010 23:57:31 | Computer Name = XXXXXXXX | Source = Service Control Manager | ID = 7000
Description =
 
Error - 01.07.2010 23:57:31 | Computer Name = XXXXXXXX | Source = Service Control Manager | ID = 7000
Description =
 
Error - 01.07.2010 23:57:31 | Computer Name = XXXXXXXX | Source = Service Control Manager | ID = 7000
Description =
 
Error - 01.07.2010 23:57:47 | Computer Name = XXXXXXXX | Source = Service Control Manager | ID = 7022
Description =
 
Error - 02.07.2010 01:31:31 | Computer Name = XXXXXXXX | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 02.07.2010 05:04:18 | Computer Name = XXXXXXXX | Source = Service Control Manager | ID = 7000
Description =
 
Error - 02.07.2010 05:04:18 | Computer Name = XXXXXXXX | Source = Service Control Manager | ID = 7000
Description =
 
Error - 02.07.2010 05:04:18 | Computer Name = XXXXXXXX | Source = Service Control Manager | ID = 7000
Description =
 
Error - 02.07.2010 05:04:24 | Computer Name = XXXXXXXX | Source = Service Control Manager | ID = 7022
Description =
 
 
< End of report >
--- --- ---


Kannst Du mir bei meinem Problem weiter helfen? Kann man aus diesen Berichten etwas erkennen??

Schon mal vielen Dank im voraus!!!
Leonora

Leonora 03.07.2010 13:03
Hallo!?
Kann mir keiner helfen??
Habe eben x-mal neu gestartet, bis ich endlich ins Internet kam, nicht dass er bald gar nicht mehr will, dann hab ich echt ein riesen Problem...

Kann jemand in den Ergebnissen etwas finden, was die Ursache dafür sein könnte?
Oder soll ich noch andere Programme durchchecken lassen??

Leonora

cosinus 03.07.2010 14:35
Zitat:
Hallo!?
Kann mir keiner helfen??
Gehts noch?? :mad:
Du bist hier nich bei einer teuren Hotline, hier gibts kostenlose Hilfe und wir machen das freiwillig in unserer Freizeit also hör auf zu drängeln!! :koch:

Starte Malwarebytes, aktualisiere es und mach einen Vollscan!

Leonora 03.07.2010 14:59
Hey, tut mir leid, wenn Du das falsch verstehst, aber ich bin nun mal kein Genie am PC und auf die Hilfe anderer angewiesen.
Hab eben Torschluss-Panik, dass auf einmal nix mehr geht und ich noch nicht mal ins Netz komme, um zu sehen, was ich noch machen kann!...
Dauert mit jedem Tag immer länger bis ich reinkomme...

Leonora 03.07.2010 18:09
Hallo!
Hat bißchen gedauert, hier nun das Ergebnis vom kompletten Scan:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4260

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

03.07.2010 19:00:58
mbam-log-2010-07-03 (19-00-58).txt

Scan type: Full scan (C:\|E:\|)
Objects scanned: 223565
Time elapsed: 1 hour(s), 7 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Kann man hier etwas erkennen, oder soll ich noch irgendetwas durchlaufen lassen??
Vielen Dank schon mal für die Hilfe.

Leonora

cosinus 04.07.2010 18:42
Zitat:
Database version: 4260

Du hast Malwarebytes vorher nicht aktualisiert.Und ich hab noch extra drauf hingewiesen... :balla:
Bitte updaten und den Vollscan wiederholen!

Leonora 05.07.2010 16:27
Hi!
So, habe jetzt nochmal den Voll-Scan gemacht.
Hatte gelesen, dass ich aktualisieren sollte, aber das ließ sich nicht anklicken, war dann davon ausgegangen, dass es die aktuelle Version ist... Naja, jeder darf in irgendwas doof sein, ich zieh dann mal hier meinen Joker, ok? :crazy:

Hier das Ergebnis:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4277

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

05.07.2010 17:21:28
mbam-log-2010-07-05 (17-21-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 253152
Laufzeit: 1 Stunde(n), 33 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Ich hoffe, diesmal war alles richtig gemacht.
Noch eine Frage zu Windows-Mail: wenn viele Mails gespeichert sind, kann das stören oder den Rechner langsam machen?

Vielen Dank nochmal für Deine Hilfe,

Leonora

cosinus 05.07.2010 18:52
Zitat:
Noch eine Frage zu Windows-Mail: wenn viele Mails gespeichert sind, kann das stören oder den Rechner langsam machen?
E-Mails machen den PC nicht langsamer. Worauf willst Du hinaus?
Systembremsen sind eher unnötige bis wirkungslose "Schutzprogramme", eigentlich alles was sich Internet Security bzw. Personal Firewall nennt. Und Du hast da was installiert => Norton Internet Security - am besten gleich weg damit, schnell deinstallieren! :kloppen:

Es ist sowieso eine ganz schlechte Idee, mehrere (herkömmliche) Virenscanner parallel zu betreiben. Also sowas wie Symantec/Norton und Avira AntiVir zusammen.
Eine Ausnahme bilden da Malwarebytes und SASW aber auch da wäre ich eher vorsichtiger.

Sag Bescheid wenn Du soweit bist, sprich wenn Norton komplett deinstalliert wurde.

Leonora 07.07.2010 13:22
Hallo!
Das Programm Norton war glaub ich beim Kauf des Laptop schon drauf, ein Jahr konnte man das gratis nutzen. Nach Ablauf sollte es auch runter, habe dann ja Avira runtergeladen.
Habe eben versucht es zu deinstallieren, geht irgendwie nicht.
Er schreibt dann konnte nicht ausgeführt werden, Fehlerinformationen werden gesammelt, kann einige Minuten dauern.
Aber kommt irgendwie kein Ergebnis, Fenster lässt sich auch nur über Task-Manager schliessen.
Krieg ich das Programm noch irgendwie anders weg?

Und wegen den Mails: es sind hier eine Menge drauf, etliche auch mit Anhängen, Grafiken, etc.
Und das läuft bei mir links unter über Start -> Windows Mail. Ich weiß nicht, ob er die jedesmal beim starten hochlädt (sozusagen), oder ob das nur der schnelle Zugriff auf gespeicherte Daten ist.
(Hoffentlich verstehst Du meine Frage, kann mich da nicht so gut ausdrücken...)

Bis dann, Leonora.


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:11 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19