Trojaner-Board

kekseloph 06.09.2011 20:43

Slow Internet - Trojan?

Hello.

I have been having problems with my Internet connection for several days now.
It has become very slow; loading a page often takes almost a minute, or the page cannot be loaded because of a timeout. This problem appeared overnight.
Programs, however, run without problems.
I did not install anything beforehand, nor did I uninstall anything. I also find it odd that I have 67 processes in Task Manager and the CPU load is around 60%.
A good 4 weeks ago I had the Bundespolizei virus/trojan on the machine, but it was removed by a PC specialist.
I don't know much about PCs, but I hope to get the problem fixed with your help.

kira 07.09.2011 06:22

Hello and a warm welcome! :)

Before we begin working together, [please read completely]:
Quote:

  • "Remote treatment/remote help" and the associated liability risks:
    - since the troubleshooting and the actions are carried out over large distances, we accept no liability for the resulting consequences.
    - so any liability for resulting damage is excluded; INSTRUCTIONS AND FOLLOWING THEM ARE AT YOUR OWN RISK!
  • Identifying details/profile information:
    - you can delete these from the log lists or log files you use (e.g. your real name, serial numbers in programs, etc.) or replace them with [X]
  • System check and cleanup:
    - can take some time (depending on the type of infection); the system may even be so heavily compromised that effective technical cleaning is no longer possible and you have to reinstall it
  • I recommend reading the instructions through completely before applying them, because if you do something wrong, it can get really dangerous. If you follow my instructions step by step, nothing should really go wrong.
  • During the support period:
    - please do not act on your own without consulting me! Ask if there are problems.
  • The order:
    - please keep to it exactly as described; do not choose the order yourself!
  • CRACKED SOFTWARE is not tolerated here!!!!
  • Otherwise, our forum rules:
    - Please read first, then post! -> For everyone seeking help! What do I need to consider before opening a thread?
  • Insert all log files with a vBCode tag; that gives a good overview here and makes my work easier! If the log file is too large, split it into several parts.

As soon as you have read this introductory text, you can begin :)
For Vista and Win7:
Important: Please run all commands as administrator! Right-click the Command Prompt and select "Run as administrator"
Right-click the selected application and choose "Run as administrator"!

1.
System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created - OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

2.
I would also like to see all of your installed programs:
Download the tool Ccleaner
Download
install (read the software licence agreement; if "Füge CCleaner Yahoo! Toolbar hinzu" (add the CCleaner Yahoo! Toolbar) is offered, deselect it) → start → if necessary, under Options settings -> set "german"
then click "Extra" (to display the installed programs as well) → then "Als Textdatei speichern..." (save as text file)
a text file (*.txt) is created; copy its contents and paste them in there

3.
Download HijackThis 2.0.4 from *here*
Start HijackThis → click "Do a system scan and save a logfile" → "select" the resulting log file → "copy" → "paste" it here in your thread (right mouse button)

Quote:

To keep your thread clear and easy to read, it is best to use code tags for your post:
→ before your log you write (i.e. at the start of the log file): [code]
your log file goes here - e.g. hjtsanlist or similar
→ after it - i.e. at the end of the log file: [/code]

** If possible, do not go online: no online banking, file sharing, chat programs, etc.
regards
kira

kekseloph 07.09.2011 19:26

I hope I am doing everything correctly.
OTL scan

Code:

OTL logfile created on: 07.09.2011 19:51:34 - Run 1
OTL by OldTimer - Version 3.2.27.0    Folder = C:\Users\kekskuchen\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,35% Memory free
4,23 Gb Paging File | 3,20 Gb Available in Paging File | 75,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,50 Gb Total Space | 48,26 Gb Free Space | 34,11% Space Free | Partition Type: NTFS
Drive D: | 7,55 Gb Total Space | 2,28 Gb Free Space | 30,21% Space Free | Partition Type: NTFS
 
Computer Name: KEKSKUCHEN-PC | User Name: kekskuchen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\kekskuchen\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_FATIGAE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Programme\HP\QuickPlay\Kernel\TV\CLSched.exe ()
PRC - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLTinyDB.dll ()
MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapEngine.dll ()
MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLSchMgr.dll ()
MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll ()
MOD - C:\Programme\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Windows\System32\btwhidcs.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (LiveUpdate Notice Ex) --  File not found
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_2da1ebd.dll ()
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AdobeActiveFileMonitor8.0) -- C:\Programme\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MpKsl63e06685) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E39B3E32-378E-4AEE-BABB-AA66A1955E26}\MpKsl63e06685.sys (Microsoft Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBTTN.sys (Hewlett-Packard Company)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HdAudAddService) -- C:\Windows\System32\drivers\CHDART.sys (Conexant Systems Inc.)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (utblfilt) -- C:\Windows\System32\drivers\UTBLFILT.sys (Aiptek)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Plasmoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.52
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.1.0.01
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1.1
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.04 17:38:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.09.04 14:28:12 | 000,000,000 | ---D | M]
 
[2011.05.19 16:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kekskuchen\AppData\Roaming\mozilla\Extensions
[2011.09.04 17:48:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kekskuchen\AppData\Roaming\mozilla\Firefox\Profiles\vs1ecur0.default\extensions
[2010.01.27 17:13:18 | 000,002,171 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\bing.xml
[2011.02.22 23:53:11 | 000,000,881 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\conduit.xml
[2011.09.06 16:07:37 | 000,000,950 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-1.xml
[2010.04.19 18:13:34 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-2.xml
[2010.07.31 15:12:22 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-3.xml
[2010.08.08 15:58:03 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-4.xml
[2010.09.17 19:09:20 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-5.xml
[2010.10.20 20:37:53 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-6.xml
[2010.10.29 20:16:47 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-7.xml
[2010.12.11 13:19:33 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-8.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin.xml
[2011.04.28 19:42:58 | 000,001,975 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\plasmoo.xml
[2011.03.23 14:24:21 | 000,005,529 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\SearchquWebSearch.xml
[2011.09.04 13:20:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.01.27 17:12:42 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.26 15:53:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.07.17 12:30:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.09.04 13:20:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\KEKSKUCHEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VS1ECUR0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2010.01.21 22:54:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.09.04 17:38:21 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.07.19 05:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.23 14:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON SX525WD Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - HKCU..\RunOnce: [KeApplet] C:\Users\kekskuchen\AppData\Local\Temp\ke64fvkpht.exe ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\kekskuchen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9874CA31-A143-4BAC-A28E-5B367B309BAB}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D72EC74E-6DD8-4550-9E65-78DC839AB8E4}: DhcpNameServer = 192.168.25.250 194.25.2.131 81.91.162.5
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) - C:\Programme\Windows iLivid Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) - C:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\kekskuchen\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\kekskuchen\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{0f2b9f9d-be59-11df-9649-001b24da9ad0}\Shell - "" = AutoRun
O33 - MountPoints2\{0f2b9f9d-be59-11df-9649-001b24da9ad0}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.07 19:48:17 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\kekskuchen\Desktop\OTL.exe
[2011.09.06 20:59:14 | 000,000,000 | ---D | C] -- C:\Users\kekskuchen\AppData\Local\{BECB29DE-3A72-4DD9-93FF-6BAFCBF26D09}
[2011.09.06 18:38:34 | 000,000,000 | ---D | C] -- C:\Users\kekskuchen\AppData\Roaming\Epson
[2011.09.06 18:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2011.09.06 18:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2011.09.06 18:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2011.09.06 17:58:35 | 000,000,000 | ---D | C] -- C:\Users\kekskuchen\AppData\Local\ABBYY
[2011.09.06 17:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
[2011.09.06 17:51:17 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 9.0 Sprint
[2011.09.06 17:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY
[2011.09.06 17:51:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ABBYY
[2011.09.06 17:48:53 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppmon.dll
[2011.09.06 17:48:53 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppui.dll
[2011.09.06 17:48:53 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enspres.dll
[2011.09.06 17:48:53 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enpres.dll
[2011.09.06 17:48:52 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppmon.dll
[2011.09.06 17:48:52 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppui.dll
[2011.09.06 17:48:37 | 000,000,000 | ---D | C] -- C:\Users\kekskuchen\AppData\Roaming\InstallShield
[2011.09.06 17:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2011.09.06 17:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet
[2011.09.06 17:45:33 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
[2011.09.06 17:45:25 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBGAE.DLL
[2011.09.06 17:45:21 | 000,063,488 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BGAE.DLL
[2011.09.06 17:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2011.09.06 17:43:49 | 000,341,504 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esw2ud.dll
[2011.09.06 17:43:49 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esdevapp.exe
[2011.09.06 17:43:49 | 000,015,872 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\escdev.dll
[2011.09.06 17:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2011.09.06 17:43:46 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2011.09.05 10:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Inkscape
[2011.09.04 21:32:15 | 000,571,392 | ---- | C] (Benjamin Tobias Franz) -- C:\Users\kekskuchen\Desktop\BTF-Sniffer.exe
[2011.09.04 13:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.09.04 13:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.09.04 13:20:54 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.09.04 13:20:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.09.04 13:20:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.09.03 13:07:25 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.08.25 20:40:40 | 000,000,000 | ---D | C] -- C:\Users\kekskuchen\AppData\Roaming\Help
[2011.08.24 15:08:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.08.13 13:04:41 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2011.08.13 12:55:06 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wdfcoinstaller01005.dll
[2011.08.13 12:55:06 | 000,015,872 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys
[2011.08.13 12:54:48 | 000,000,000 | ---D | C] -- C:\Windows\QLB
[2011.08.13 12:36:30 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.08.13 12:36:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.08.13 12:36:27 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.08.13 12:36:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.08.13 12:36:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.08.13 12:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.08.13 11:09:32 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.08.13 11:09:32 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.08.13 11:09:32 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.08.13 11:09:31 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.08.13 11:09:31 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.08.13 11:09:31 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.08.13 11:09:31 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.08.13 11:09:31 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.08.13 11:09:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.08.13 11:09:30 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.08.13 11:09:30 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.08.13 11:09:30 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.08.13 11:09:30 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.08.13 11:09:30 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.08.13 11:09:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.08.13 11:09:30 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.08.13 11:09:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.08.13 11:09:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.08.13 11:09:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.08.13 11:09:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.08.13 11:09:30 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.08.13 11:09:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.08.13 11:09:27 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.08.13 11:09:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.08.13 11:09:27 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.08.13 11:09:27 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.08.13 11:09:27 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.08.13 11:09:26 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.08.13 11:09:26 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.08.13 11:09:26 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.08.13 11:09:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.08.13 11:09:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.08.12 16:02:31 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.08.12 13:53:04 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.08.12 13:52:43 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.08.12 13:52:43 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.08.12 13:38:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.08.12 13:37:00 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.07 19:48:32 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\kekskuchen\Desktop\OTL.exe
[2011.09.07 19:43:06 | 000,032,346 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.09.07 19:43:06 | 000,032,346 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.09.07 19:43:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.07 18:01:02 | 000,000,148 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011.09.07 17:59:57 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.07 17:59:57 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.07 17:59:46 | 2146,357,248 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.06 22:17:50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.09.06 22:17:15 | 000,000,000 | ---- | M] () -- C:\Users\kekskuchen\defogger_reenable
[2011.09.06 18:39:50 | 000,002,631 | ---- | M] () -- C:\Users\kekskuchen\Desktop\Microsoft Office Word 2007.lnk
[2011.09.06 18:30:38 | 000,630,842 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.09.06 18:30:38 | 000,598,096 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.06 18:30:38 | 000,127,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.09.06 18:30:38 | 000,105,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.06 18:04:43 | 000,001,948 | ---- | M] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
[2011.09.06 18:03:03 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss
[2011.09.06 17:46:54 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\EPSON SX525WD Series Netzwerk-Handbuch.lnk
[2011.09.06 17:46:44 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\EPSON SX525WD Series Handbuch.lnk
[2011.09.06 17:43:49 | 000,000,765 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011.09.06 16:00:36 | 007,447,416 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.05 11:29:55 | 000,000,218 | ---- | M] () -- C:\Users\kekskuchen\.recently-used.xbel
[2011.09.05 10:50:42 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\Inkscape.lnk
[2011.09.05 10:21:33 | 000,012,693 | ---- | M] () -- C:\Users\kekskuchen\Desktop\fotolia_21844900.jpg
[2011.09.05 08:53:41 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.09.04 21:41:19 | 238,910,012 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.09.04 13:26:52 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.27 22:22:51 | 000,045,568 | ---- | M] () -- C:\Users\kekskuchen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.13 13:07:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011.08.13 13:06:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011.08.13 12:23:22 | 000,027,810 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\nvModes.001
[2011.08.13 11:09:44 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.08.13 11:09:44 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.08.13 11:09:32 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.08.13 11:09:32 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.08.13 11:09:32 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.08.13 11:09:32 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.08.13 11:09:31 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.08.13 11:09:31 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.08.13 11:09:31 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.08.13 11:09:31 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.08.13 11:09:31 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.08.13 11:09:30 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.08.13 11:09:30 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.08.13 11:09:30 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.08.13 11:09:30 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.08.13 11:09:30 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.08.13 11:09:30 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.08.13 11:09:30 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.08.13 11:09:30 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.08.13 11:09:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.08.13 11:09:30 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.08.13 11:09:30 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.08.13 11:09:30 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.08.13 11:09:30 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.08.13 11:09:29 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.08.13 11:09:27 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.08.13 11:09:27 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.08.13 11:09:27 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.08.13 11:09:27 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.08.13 11:09:27 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.08.13 11:09:26 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.08.13 11:09:26 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.08.13 11:09:26 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.08.13 11:09:26 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.08.13 11:09:26 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.08.13 03:14:12 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.08.12 13:35:35 | 000,027,810 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\nvModes.dat
 
========== Files Created - No Company Name ==========
 
[2011.09.06 21:46:02 | 000,000,000 | ---- | C] () -- C:\Users\kekskuchen\defogger_reenable
[2011.09.06 18:04:43 | 000,001,948 | ---- | C] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
[2011.09.06 18:02:48 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss
[2011.09.06 17:46:54 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\EPSON SX525WD Series Netzwerk-Handbuch.lnk
[2011.09.06 17:46:44 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\EPSON SX525WD Series Handbuch.lnk
[2011.09.06 17:43:49 | 000,000,765 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011.09.05 11:29:55 | 000,000,218 | ---- | C] () -- C:\Users\kekskuchen\.recently-used.xbel
[2011.09.05 10:51:19 | 000,000,848 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
[2011.09.05 10:50:42 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\Inkscape.lnk
[2011.09.05 10:21:52 | 000,012,693 | ---- | C] () -- C:\Users\kekskuchen\Desktop\fotolia_21844900.jpg
[2011.09.04 21:41:19 | 238,910,012 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.09.04 13:26:52 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.13 13:07:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011.08.13 13:06:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011.08.13 13:04:51 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011.08.13 12:35:18 | 000,032,346 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011.08.13 12:35:17 | 000,032,346 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.08.13 11:09:30 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.08.12 13:39:47 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.08.12 13:38:26 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2010.10.26 20:12:02 | 000,049,152 | ---- | C] () -- C:\Windows\System32\tblmouse.exe
[2010.10.26 20:11:59 | 000,049,152 | ---- | C] () -- C:\Windows\System32\Funckey.dll
[2010.10.26 20:11:56 | 000,002,962 | ---- | C] () -- C:\Windows\aiptbl.ini
[2010.08.15 22:19:45 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.08.15 21:49:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.08.15 21:49:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.03.27 22:48:58 | 000,008,402 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2010.01.19 17:35:12 | 000,146,187 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010.01.19 17:34:59 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010.01.18 20:56:09 | 000,002,648 | ---- | C] () -- C:\Users\kekskuchen\AppData\Roaming\wklnhst.dat
[2010.01.16 15:22:15 | 000,027,810 | ---- | C] () -- C:\Users\kekskuchen\AppData\Roaming\nvModes.dat
[2010.01.16 15:22:15 | 000,027,810 | ---- | C] () -- C:\Users\kekskuchen\AppData\Roaming\nvModes.001
[2010.01.16 15:16:15 | 000,045,568 | ---- | C] () -- C:\Users\kekskuchen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.16 14:57:06 | 000,007,592 | ---- | C] () -- C:\Users\kekskuchen\AppData\Local\d3d9caps.dat
[2009.01.22 19:15:42 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.08.21 19:33:05 | 000,111,045 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007.08.21 18:21:17 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2007.03.29 13:42:38 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.02.27 22:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.12.14 08:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.12.14 08:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006.11.02 17:33:31 | 000,630,842 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,127,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 007,447,416 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,598,096 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,105,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.10 02:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.05.07 14:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2005.04.03 22:30:00 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1998.05.07 03:10:00 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll

< End of report >

Here is the txt file from CCleaner


Code:

ABBYY FineReader 9.0 Sprint        ABBYY        05.09.2011        174,6MB        9.01.513.58212
Acrobat.com        Adobe Systems Incorporated        18.05.2011        1,70MB        1.2.443
Activation Assistant for the 2007 Microsoft Office suites        Microsoft Corporation        21.01.2009        14,0MB       
Adobe AIR        Adobe Systems Inc.        25.10.2010        30,7MB        1.5.3.9120
Adobe Community Help        Adobe Systems Incorporated        25.10.2010        2,52MB        3.0.0.400
Adobe Creative Suite 4 Master Collection        Adobe Systems Incorporated        18.05.2011        236MB        4.0
Adobe Flash Player 10 ActiveX        Adobe Systems, Inc.        18.05.2011        1,96MB        10.0.2.54
Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        04.09.2011                10.3.183.7
Adobe Flash Player 9 ActiveX        Adobe Systems Incorporated        21.01.2009                9
Adobe Media Player        Adobe Systems Incorporated        25.10.2010        2,70MB        1.8
Adobe Photoshop Elements 8.0        Adobe Systems Incorporated        18.11.2010        1.527MB        8.0
Adobe Photoshop.com Inspiration Browser        Adobe Systems Incorporated        18.11.2010        2,54MB        3.04
Adobe Reader 8 - Deutsch        Adobe Systems Incorporated        20.08.2007        90,9MB        8.0.0
Akamai NetSession Interface                22.08.2010        4,35MB       
Apple Software Update        Apple Inc.        21.12.2010        2,26MB        2.1.2.120
CCleaner        Piriform        03.09.2011        4,02MB        3.10
Conexant HD Audio        Conexant        12.08.2011        0,98MB        4.36.7.61
Die ersten 10 Jahre                29.03.2010        4.313MB        1.00.0000
DVDVideoSoftTB Toolbar                21.02.2011        2,49MB       
Epson Easy Photo Print 2        SEIKO EPSON CORPORATION        05.09.2011        128,6MB        2.2.3.0
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)        SEIKO EPSON CORPORATION        05.09.2011        0,36MB        1.00.0000
Epson Event Manager        SEIKO EPSON CORPORATION        05.09.2011        38,8MB        2.40.0001
EPSON Scan        Seiko Epson Corporation        05.09.2011        18,9MB       
EPSON SX525WD Series Handbuch                05.09.2011        10,9MB       
EPSON SX525WD Series Netzwerk-Handbuch                05.09.2011        10,9MB       
EPSON SX525WD Series Printer Uninstall        SEIKO EPSON Corporation        05.09.2011               
EpsonNet Print        SEIKO EPSON CORPORATION        05.09.2011        4,33MB        2.4i
EpsonNet Setup 3.3        SEIKO EPSON CORPORATION        05.09.2011        32,7MB        3.3a
ESU for Microsoft Vista        Hewlett-Packard        20.08.2007        3,50MB        2.0.5.1
Free Audio CD Burner version 1.4.8        DVDVideoSoft Limited.        27.05.2011        3,02MB       
Free Studio version 4.2        DVDVideoSoft Limited.        17.01.2010        68,5MB       
Free YouTube to MP3 Converter version 3.9.38.517        DVDVideoSoft Limited.        27.05.2011        3,48MB       
HDAUDIO Soft Data Fax Modem with SmartCP                12.08.2011        0,76MB       
HP Customer Experience Enhancements        Hewlett-Packard        20.08.2007        0,98MB        5.1.0.2278
HP Easy Setup - Frontend        Hewlett-Packard        20.08.2007        1,94MB        5.1.0.2279
HP Integrated Module with Bluetooth wireless technology 6.0.1.4900        HP        21.01.2009        40,8MB        6.0.1.4900
HP Photosmart Essential        HP        18.01.2010        10,2MB        1.12.0.46
HP Photosmart Essential 2.0        HP        21.01.2009        1,37MB        2.0
HP Quick Launch Buttons        Hewlett-Packard Company        12.08.2011        16,8MB        6.50.14.1
HP QuickPlay 3.2                21.01.2009        7,67MB       
HP Update        Hewlett-Packard        20.08.2007        3,57MB        4.000.005.007
HP Wireless Assistant        Hewlett-Packard        20.08.2007        3,94MB        3.00 F1
HPSSupply        Ihr Firmenname        18.01.2010        0,96MB        2.1.3.0000
Inkscape 0.48.1                05.09.2011                0.48.1
Java(TM) 6 Update 27        Sun Microsystems, Inc.        25.05.2010        94,5MB        6.0.270
Java(TM) SE Runtime Environment 6        Sun Microsystems, Inc.        20.08.2007        115,2MB        1.6.0.0
Linotype FontExplorer X Public Beta        Linotype Gmbh        09.12.2010        39,0MB        0.9.1.2250
LiveUpdate 3.2 (Symantec Corporation)        Symantec Corporation        16.01.2010        13,7MB        3.2.0.68
LiveUpdate Notice (Symantec Corporation)        Symantec Corporation        16.01.2010        7,59MB        1.4.5
LucasArts' Curse of Monkey Island                15.01.2010        1,80MB       
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        20.01.2010        37,0MB       
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        19.01.2010        37,0MB       
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        31.08.2010        120,3MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        31.08.2010        24,5MB        4.0.30319
Microsoft Office Enterprise 2007        Microsoft Corporation        12.05.2010        643MB        12.0.6425.1000
Microsoft Office File Validation Add-In        Microsoft Corporation        12.08.2011        7,92MB        14.0.5130.5003
Microsoft Security Essentials        Microsoft Corporation        12.08.2011        17,9MB        2.1.1116.0
Microsoft Silverlight        Microsoft Corporation        11.08.2011        40,2MB        4.0.60531.0
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        05.09.2011        0,33MB        8.0.59193
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        13.06.2011        0,58MB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        17.03.2011        0,23MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        10.04.2010        0,58MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        14.06.2011        0,58MB        9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU        Microsoft Corporation        14.06.2011        213MB        9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU        Microsoft Corporation        31.08.2010        96,0MB        9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Runtime        Microsoft Corporation        31.08.2010        0,15MB        9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU        Microsoft Corporation        31.08.2010        0,22MB        9.0.30729
Mozilla Firefox 6.0.1 (x86 de)        Mozilla        03.09.2011        35,6MB        6.0.1
MSCU for Microsoft Vista        Hewlett-Packard        20.08.2007        72,9MB        1.0.1.3
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        17.01.2010        35,00KB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        17.01.2010        1,34MB        4.20.9876.0
NVIDIA Drivers        NVIDIA Corporation        12.08.2011                1.10
Pad 9570 Driver                25.10.2010        4,00KB       
Pando Media Booster        Pando Networks Inc.        18.01.2011        7,14MB        2.3.5.2
Pidgin                18.11.2010        51,0MB        2.7.5
Roxio Creator Audio        Roxio        20.08.2007        3,79MB        3.4.0
Roxio Creator Basic v9        Roxio        20.08.2007        25,9MB        3.4.0
Roxio Creator Copy        Roxio        20.08.2007        0,65MB        3.4.0
Roxio Creator Data        Roxio        20.08.2007        0,88MB        3.4.0
Roxio Creator EasyArchive        Roxio        20.08.2007        1,50MB        3.4.0
Roxio Creator Tools        Roxio        20.08.2007        0,35MB        3.4.0
Roxio Express Labeler 3        Roxio        20.08.2007        18,1MB        3.2.1
Roxio MyDVD Basic v9        Roxio        20.08.2007        302MB        9.0.551
Softonic_Deutsch Toolbar                18.04.2010        2,44MB       
Synaptics Pointing Device Driver        Synaptics Incorporated        12.08.2011        12,8MB        15.0.17.4
Uninstall 1.0.0.1                27.05.2011        42,2MB       
VLC media player 1.0.3        VideoLAN Team        23.01.2010        73,1MB        1.0.3
Windows iLivid Toolbar        Bandoo Media, Inc        18.05.2011        8,46MB        2.5.0.103268
Windows Live Essentials        Microsoft Corporation        05.08.2011                15.4.3538.0513
WinRAR                17.03.2010        3,79MB


Regarding HijackThis 2.0.4: how can I select text there, or am I doing something wrong?

Regards

kira 08.09.2011 05:36

Quote:

Quote from kekseloph (post 700363)
Regarding HijackThis 2.0.4: how can I select text there, or am I doing something wrong?

Start HijackThis → click "Do a system scan and save a logfile" (then wait a bit) → the resulting logfile ... a text file (log file) is created automatically, which in your case should be on the desktop. Select the contents with [CTRL]+[A] -> [CTRL]+[C] (copy), or right-click and choose "Copy" -> then right-click here in your thread and choose "Paste"

kekseloph 08.09.2011 15:16

Strange, the other day I couldn't copy anything. Oh well, never mind, it worked now :)
HijackThis v2.0.4

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:14:01, on 08.09.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIGAE.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Users\kekskuchen\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\ToolBar\searchqudtx.dll
O2 - BHO: UrlHelper Class - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\ToolBar\searchqudtx.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON SX525WD Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGAE.EXE /FU "C:\Windows\TEMP\E_SD126.tmp" /EF "HKCU"
O4 - HKCU\..\RunOnce: [KeApplet] C:\Users\kekskuchen\AppData\Local\Temp\ke64fvkpht.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\kekskuchen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10791 bytes


kira 09.09.2011 10:42

1.
Uninstall these if you did not install them deliberately or do not need them (they slow down the browser):
Quote:

DVDVideoSoftTB Toolbar
Softonic_Deutsch Toolbar
2.
You have MSE as your antivirus; I don't think you need Symantec/Norton (leftovers?) any more:
Quote:

LiveUpdate 3.2 (Symantec Corporation) Symantec Corporation 16.01.2010 13,7MB 3.2.0.68
LiveUpdate Notice (Symantec Corporation) Symantec Corporation 16.01.2010 7,59MB 1.4.5
► Removal tools or uninstall instructions for various antivirus software:
-> Removal tools or uninstall instructions for various antivirus software
AV uninstall notes

3.
Update Adobe Reader:
- Pay attention and read along during installation! If any software, toolbar etc. is offered, please deselect it! (e.g. "McAfee Security Scan Plus")
Adobe Reader
Or: start Adobe -> go to "Help" -> "Check for updates..."

4.
Clean your system with CCleaner:
  • "Cleaner" → "Analyze" → click the "Start CCleaner" button
  • "Registry" → "Scan for issues" → "Fix issues" → "Fix all"
  • Restart your system

5.
Fix with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:

:OTL
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultenginename: "Plasmoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "http://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.1.0.01
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=toolbar2&q="
[2010.01.27 17:13:18 | 000,002,171 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\bing.xml
[2011.02.22 23:53:11 | 000,000,881 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\conduit.xml
[2010.04.19 18:13:34 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-2.xml
[2010.07.31 15:12:22 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-3.xml
[2010.08.08 15:58:03 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-4.xml
[2010.09.17 19:09:20 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-5.xml
[2010.10.20 20:37:53 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-6.xml
[2010.10.29 20:16:47 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-7.xml
[2010.12.11 13:19:33 | 000,000,961 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin-8.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\icqplugin.xml
[2011.04.28 19:42:58 | 000,001,975 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\plasmoo.xml
[2011.03.23 14:24:21 | 000,005,529 | ---- | M] () -- C:\Users\kekskuchen\AppData\Roaming\Mozilla\Firefox\Profiles\vs1ecur0.default\searchplugins\SearchquWebSearch.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.03.23 14:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O4 - HKCU..\RunOnce: [KeApplet] C:\Users\kekskuchen\AppData\Local\Temp\ke64fvkpht.exe ()
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0f2b9f9d-be59-11df-9649-001b24da9ad0}\Shell - "" = AutoRun
O33 - MountPoints2\{0f2b9f9d-be59-11df-9649-001b24da9ad0}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta

:Commands
[purity]
[emptytemp]


6.
Run another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output
  • Under Extra Registry please select Use SafeList.
  • Tick the boxes for LOP Check and Purity Check.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.
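
Added example, not part of the thread and not code from HijackThis, OTL or Trojaner-Board: a small Python triage over lines copied from the HijackThis log above. The three rules (autostart program located in a Temp directory, any AppInit_DLLs entry, service whose binary is reported missing) and all function names are assumptions chosen for illustration.

```python
import re

# Lines copied from the HijackThis log in this thread (a subset, for the demo).
SAMPLE = r"""
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKCU\..\Run: [EPSON SX525WD Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGAE.EXE /FU "C:\Windows\TEMP\E_SD126.tmp" /EF "HKCU"
O4 - HKCU\..\RunOnce: [KeApplet] C:\Users\kekskuchen\AppData\Local\Temp\ke64fvkpht.exe
O20 - AppInit_DLLs: C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
"""

LINE_RE = re.compile(r"^([A-Z]\d+) - (.+)$")  # "<section> - <body>"
EXE_RE = re.compile(r'^"([^"]+)"|^(.*?\.(?:exe|com|bat|cmd|scr))\b', re.I)
TEMP_RE = re.compile(r"\\(?:AppData\\Local\\Temp|Local Settings\\Temp|Windows\\Temp)\\", re.I)

def program_path(command):
    """Program part of an autostart command, without its arguments."""
    m = EXE_RE.match(command.strip())
    return (m.group(1) or m.group(2)) if m else None

def triage(log_text):
    """Return (section, reason, detail) tuples for entries worth a manual look."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        section, body = m.groups()
        if section == "O4":
            # Body looks like: HKCU\..\RunOnce: [Name] command line
            path = program_path(body.split("]", 1)[-1])
            # Judge the program itself; a Temp file passed as an argument is ignored.
            if path and TEMP_RE.search(path):
                findings.append((section, "autostart program in a Temp directory", path))
        elif section == "O20" and body.startswith("AppInit_DLLs:"):
            # AppInit_DLLs are loaded into every process that loads user32.dll.
            # Splitting on whitespace assumes 8.3 short paths, as in this log.
            for dll in body.split(":", 1)[1].split():
                findings.append((section, "DLL loaded via AppInit_DLLs", dll))
        elif section == "O23" and body.endswith("(file missing)"):
            findings.append((section, "service binary missing on disk", body))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(" | ".join(finding))
```

A finding here only means "look at this entry by hand"; it is not a verdict that the file is malicious.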

