Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trojan.Spyeyes, Taskmanager nicht mehr auffindbar, Acrobat Reader funktioniert nicht mehr (https://www.trojaner-board.de/104004-trojan-spyeyes-taskmanager-mehr-auffindbar-acrobat-reader-funktioniert-mehr.html)

reischa 09.10.2011 18:47
Trojan.Spyeyes, Taskmanager nicht mehr auffindbar, Acrobat Reader funktioniert nicht mehr
 
Hallo,

ich habe ein Problem. Ich habe mir scheinbar Trojaner gefangen.
Zunächst funktionierte (scheinbar?) mein Acrobat Reader nicht mehr. Nach Ctrl-Alt Entf war dann plötzlich mein Taskmanager nicht da.

Leider habe ich keine Ahnung wie ich damit umzugehen habe.

Zuerst habe ich Avira scannen lassen. Hier das Logfile:

**********************************************************************



Premium Security Suite
Erstellungsdatum der Reportdatei: Sonntag, 9. Oktober 2011 17:29

Es wird nach 3371019 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Reinhard Schauerte
Seriennummer : 2214943192-ISECE-0000001
Plattform : Windows Vista
Windowsversion : (Service Pack 2) [6.0.6002]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : REINHARD-PC

Versionsinformationen:
BUILD.DAT : 10.2.0.671 43196 Bytes 29.08.2011 16:02:00
AVSCAN.EXE : 10.3.0.7 484008 Bytes 09.07.2011 16:32:55
AVSCAN.DLL : 10.0.5.0 57192 Bytes 09.07.2011 16:32:55
LUKE.DLL : 10.3.0.5 45416 Bytes 09.07.2011 16:33:09
LUKERES.DLL : 10.0.0.0 13672 Bytes 09.07.2011 16:33:09
AVSCPLR.DLL : 10.3.0.7 119656 Bytes 09.07.2011 16:33:19
AVREG.DLL : 10.3.0.9 88833 Bytes 12.07.2011 18:37:50
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 06:35:52
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 17:13:52
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09.02.2011 18:07:19
VBASE003.VDF : 7.11.5.225 1980416 Bytes 07.04.2011 09:06:22
VBASE004.VDF : 7.11.8.178 2354176 Bytes 31.05.2011 18:47:42
VBASE005.VDF : 7.11.10.251 1788416 Bytes 07.07.2011 18:24:41
VBASE006.VDF : 7.11.13.60 6411776 Bytes 16.08.2011 15:40:35
VBASE007.VDF : 7.11.15.106 2389504 Bytes 05.10.2011 17:30:22
VBASE008.VDF : 7.11.15.107 2048 Bytes 05.10.2011 17:30:22
VBASE009.VDF : 7.11.15.108 2048 Bytes 05.10.2011 17:30:22
VBASE010.VDF : 7.11.15.109 2048 Bytes 05.10.2011 17:30:22
VBASE011.VDF : 7.11.15.110 2048 Bytes 05.10.2011 17:30:22
VBASE012.VDF : 7.11.15.111 2048 Bytes 05.10.2011 17:30:22
VBASE013.VDF : 7.11.15.144 161792 Bytes 07.10.2011 15:50:42
VBASE014.VDF : 7.11.15.145 2048 Bytes 07.10.2011 15:50:42
VBASE015.VDF : 7.11.15.146 2048 Bytes 07.10.2011 15:50:42
VBASE016.VDF : 7.11.15.147 2048 Bytes 07.10.2011 15:50:42
VBASE017.VDF : 7.11.15.148 2048 Bytes 07.10.2011 15:50:42
VBASE018.VDF : 7.11.15.149 2048 Bytes 07.10.2011 15:50:42
VBASE019.VDF : 7.11.15.150 2048 Bytes 07.10.2011 15:50:42
VBASE020.VDF : 7.11.15.151 2048 Bytes 07.10.2011 15:50:42
VBASE021.VDF : 7.11.15.152 2048 Bytes 07.10.2011 15:50:42
VBASE022.VDF : 7.11.15.153 2048 Bytes 07.10.2011 15:50:42
VBASE023.VDF : 7.11.15.154 2048 Bytes 07.10.2011 15:50:42
VBASE024.VDF : 7.11.15.155 2048 Bytes 07.10.2011 15:50:42
VBASE025.VDF : 7.11.15.156 2048 Bytes 07.10.2011 15:50:42
VBASE026.VDF : 7.11.15.157 2048 Bytes 07.10.2011 15:50:42
VBASE027.VDF : 7.11.15.158 2048 Bytes 07.10.2011 15:50:42
VBASE028.VDF : 7.11.15.159 2048 Bytes 07.10.2011 15:50:42
VBASE029.VDF : 7.11.15.160 2048 Bytes 07.10.2011 15:50:42
VBASE030.VDF : 7.11.15.161 2048 Bytes 07.10.2011 15:50:42
VBASE031.VDF : 7.11.15.169 61440 Bytes 07.10.2011 15:50:42
Engineversion : 8.2.6.80
AEVDF.DLL : 8.1.2.1 106868 Bytes 29.07.2010 18:26:09
AESCRIPT.DLL : 8.1.3.81 467322 Bytes 04.10.2011 18:33:20
AESCN.DLL : 8.1.7.2 127349 Bytes 22.11.2010 18:20:20
AESBX.DLL : 8.2.1.34 323957 Bytes 07.06.2011 17:57:50
AERDL.DLL : 8.1.9.15 639348 Bytes 10.09.2011 01:02:19
AEPACK.DLL : 8.2.10.11 684408 Bytes 26.09.2011 17:09:51
AEOFFICE.DLL : 8.1.2.15 201083 Bytes 18.09.2011 11:03:45
AEHEUR.DLL : 8.1.2.177 3744120 Bytes 08.10.2011 15:50:44
AEHELP.DLL : 8.1.17.7 254327 Bytes 30.07.2011 08:27:33
AEGEN.DLL : 8.1.5.9 401780 Bytes 28.08.2011 11:15:43
AEEMU.DLL : 8.1.3.0 393589 Bytes 22.11.2010 18:18:49
AECORE.DLL : 8.1.23.0 196983 Bytes 28.08.2011 11:15:43
AEBB.DLL : 8.1.1.0 53618 Bytes 30.04.2010 17:47:21
AVWINLL.DLL : 10.0.0.0 19304 Bytes 09.07.2011 16:32:46
AVPREF.DLL : 10.0.3.2 44904 Bytes 09.07.2011 16:32:55
AVREP.DLL : 10.0.0.10 174120 Bytes 09.07.2011 16:33:18
AVARKT.DLL : 10.0.26.1 255336 Bytes 09.07.2011 16:32:51
AVEVTLOG.DLL : 10.0.0.9 203112 Bytes 09.07.2011 16:32:52
SQLITE3.DLL : 3.6.19.0 355688 Bytes 09.07.2011 16:33:12
AVSMTP.DLL : 10.0.0.17 63848 Bytes 09.07.2011 16:32:56
NETNT.DLL : 10.0.0.0 11624 Bytes 09.07.2011 16:33:10
RCIMAGE.DLL : 10.0.0.33 2901352 Bytes 09.07.2011 16:32:47
RCTEXT.DLL : 10.0.63.0 98664 Bytes 09.07.2011 16:32:47

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +JOKE,+PCK,+PFS,

Beginn des Suchlaufs: Sonntag, 9. Oktober 2011 17:29

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'SearchFilterHost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'msiexec.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'AcroRd32.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'AcroRd32.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'AcroRd32.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'PKey_Pro.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'NclRSSrv.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'NclUSBSrv.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'AcroRd32.exe' - '125' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLUTrayNotifier.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'ServiceLayer.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPHelper.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'ouc.exe' - '4' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'avmailc.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'ONENOTEM.EXE' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleToolbarNotifier.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'p2phost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchSettings.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'DataLayer.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'LaunchApplication.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'OpWareSE4.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'GrooveMonitor.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasySpeedUpManager.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasyBatteryMgr3.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'dmhkcore.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtHDVCpl.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'MagicDoctorKbdHk.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'DCSHelper.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '154' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlwriter.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlbrowser.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'RegSrvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'NASvc.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'IJPLMSVC.EXE' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'EvtEng.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'DCService.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'BcmSqlStartupSvc.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApplicationUpdater.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'avfwsvc.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '161' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '577' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Users\Reinhard\AppData\Local\temp\wpbt0.dll
[FUND] Ist das Trojanische Pferd TR/FakeSysdef.506
Beginne mit der Suche in 'D:\'

Beginne mit der Desinfektion:
C:\Users\Reinhard\AppData\Local\temp\wpbt0.dll
[FUND] Ist das Trojanische Pferd TR/FakeSysdef.506
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4ba36a2b.qua' verschoben!


Ende des Suchlaufs: Sonntag, 9. Oktober 2011 18:37
Benötigte Zeit: 1:05:32 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

22515 Verzeichnisse wurden überprüft
360239 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
360238 Dateien ohne Befall
2862 Archive wurden durchsucht
0 Warnungen
1 Hinweise
630083 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

**************************************************************************


Malwarebytes habe ich gerade laufen lassen. Hier das Logfile:



**************************************************************************

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7908

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

09.10.2011 19:39:17
mbam-log-2011-10-09 (19-39-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 297135
Laufzeit: 51 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 1
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4E3E0230AEBB4E96 (Trojan.SpyEyes) -> Value: 4E3E0230AEBB4E96 -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.


**********************************************************

Was muss ich noch tun?
Vielen Dank schon mal für Eure Bemühungen!!!

Reinhard

kira 10.10.2011 06:39
Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

2.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
gruß
kira

reischa 10.10.2011 17:13
Hallo, hier die Logfiles:

OTL.txt:

OTL Logfile:
Code:
OTL logfile created on: 10.10.2011 17:37:26 - Run 4
OTL by OldTimer - Version 3.2.29.1    Folder = C:\Users\Reinhard\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 57,03% Memory free
6,21 Gb Paging File | 4,78 Gb Available in Paging File | 77,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,09 Gb Total Space | 49,80 Gb Free Space | 49,76% Space Free | Partition Type: NTFS
Drive D: | 188,00 Gb Total Space | 148,13 Gb Free Space | 78,79% Space Free | Partition Type: NTFS
 
Computer Name: REINHARD-PC | User Name: Reinhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Reinhard\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\ProgramData\DatacardService\DCService.exe ()
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Users\Reinhard\AppData\Roaming\T-Mobile Internet Manager\ouc.exe (Huawei Technologies Co., Ltd.)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe ()
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe ()
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe ()
PRC - C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe (WareCentral.com)
PRC - C:\Windows\System32\p2phost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe ()
PRC - C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe (Nokia Mobile Phones Ltd.)
PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe ()
MOD - C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe ()
MOD - C:\Program Files\Samsung\Samsung PC Studio 7\PhoneBrowser.dll ()
MOD - C:\Program Files\Samsung\Samsung PC Studio 7\Lang\PhoneBrowser_ger.NLR ()
MOD - C:\Program Files\Common Files\PCSuite\DataLayer\Lang\DataLayer_ger.NLR ()
MOD - C:\Program Files\Samsung\Samsung PC Studio 7\PCSCM.dll ()
MOD - C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll ()
MOD - C:\Program Files\Samsung\EasySpeedUpManager\HookDllPS2.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (AntiVirFirewallService) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (DCService.exe) -- C:\ProgramData\DatacardService\DCService.exe ()
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (Samsung Update Plus) -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH)
DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (huawei_cdcacm) -- C:\Windows\System32\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (tcpipBM) -- C:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (BMLoad) -- C:\Windows\system32\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (VMC302) -- C:\Windows\System32\drivers\vmc302.sys (Vimicro Corporation)
DRV - (iaNvStor) Intel(R) -- C:\Windows\system32\DRIVERS\iaNvStor.sys (Intel Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TridVid) -- C:\Windows\System32\drivers\tridvid.sys (10moons Technologies Co.,Ltd)
DRV - (nmwcdsa) -- C:\Windows\System32\drivers\nmwcdsa.sys (Nokia)
DRV - (nmwcdsacm) -- C:\Windows\System32\drivers\nmwcdsacm.sys (Nokia)
DRV - (nmwcdsacj) -- C:\Windows\System32\drivers\nmwcdsacj.sys (Nokia)
DRV - (nmwcdsac) -- C:\Windows\System32\drivers\nmwcdsac.sys (Nokia)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (DSDrv4) -- C:\Program Files\DScaler\DSDrv4.sys ()
DRV - (MLPTDR_C) -- C:\Windows\System32\MLPTDR_C.SYS (Minolta Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://dict.leo.org/
IE - HKCU\..\URLSearchHook: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files\FreeRIP Toolbar\IE\4.5\freeripToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2011.08.08 18:42:41 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2011.04.27 16:07:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files\FreeRIP Toolbar\IE\4.5\freeripToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files\FreeRIP Toolbar\IE\4.5\freeripToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe (Nokia Mobile Phones Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [S60TrayApplication] C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6EE64C0-691D-4DB2-B089-840E422C0194}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4261174-F54D-4EFC-90D8-D987931A9D54}: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.10.09 18:41:47 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Malwarebytes
[2011.10.09 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.09 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.09 18:41:32 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.09 18:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.10.09 17:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintKey-Pro
[2011.10.09 17:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Warecentral
[2010.10.15 10:11:22 | 001,668,392 | ---- | C] (Microsoft Corporation) -- C:\Program Files\NM30.EXE
 
========== Files - Modified Within 30 Days ==========
 
[2011.10.10 17:39:13 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.10 17:37:35 | 000,704,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.10.10 17:37:35 | 000,650,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.10 17:37:35 | 000,127,188 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.10 17:37:34 | 000,156,174 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.10.10 17:35:38 | 000,031,909 | ---- | M] () -- C:\Users\Reinhard\Documents\85104-otl-otlogfile-oldtimer.htm
[2011.10.10 17:31:08 | 000,221,936 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.10.10 17:30:49 | 000,002,429 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrintKey-Pro.lnk
[2011.10.10 17:30:45 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.10.10 17:30:43 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.10 17:30:35 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.10 17:30:34 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.10 17:30:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.10 17:30:24 | 3215,572,992 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.09 21:50:34 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.10.09 19:51:41 | 000,221,936 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.10.09 17:24:25 | 000,261,850 | ---- | M] () -- C:\Users\Reinhard\Documents\Schienennetzplan_69_03_2011.pdf
[2011.10.09 17:18:18 | 000,002,591 | ---- | M] () -- C:\Users\Reinhard\Desktop\Microsoft Office Word 2007.lnk
 
========== Files Created - No Company Name ==========
 
[2011.10.10 17:35:56 | 000,031,909 | ---- | C] () -- C:\Users\Reinhard\Documents\85104-otl-otlogfile-oldtimer.htm
[2011.10.09 17:24:28 | 000,261,850 | ---- | C] () -- C:\Users\Reinhard\Documents\Schienennetzplan_69_03_2011.pdf
[2011.10.09 17:17:22 | 000,002,429 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrintKey-Pro.lnk
[2011.07.17 11:25:44 | 000,004,479 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.07.17 11:25:25 | 000,001,492 | ---- | C] () -- C:\ProgramData\ss.ini
[2011.04.28 15:58:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.04.28 15:57:44 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.04.27 16:03:24 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.04.27 16:03:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.04.27 16:03:24 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.04.27 16:03:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.04.27 16:03:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.10.15 09:26:41 | 000,024,206 | ---- | C] () -- C:\Users\Reinhard\AppData\Roaming\UserTile.png
[2010.03.01 22:30:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.10.11 17:46:55 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\VendorCmdRW.dll
[2009.10.11 17:46:39 | 000,028,672 | ---- | C] () -- C:\Windows\System32\VendorCmdRW.dll
[2009.05.15 20:59:09 | 000,017,408 | ---- | C] () -- C:\Users\Reinhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.11 17:44:53 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.03.22 12:55:16 | 000,000,617 | ---- | C] () -- C:\Windows\Emu48.ini
[2008.11.10 01:46:04 | 000,221,936 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.11.10 01:45:59 | 000,221,936 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.09.12 21:41:06 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.09.12 06:03:48 | 000,001,670 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008.09.12 06:03:25 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2008.09.12 06:03:06 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2008.09.12 06:03:06 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008.09.12 05:56:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe
[2008.09.12 05:56:00 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe
[2008.09.12 05:54:39 | 000,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008.09.11 17:12:00 | 000,704,866 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.09.11 17:12:00 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.09.11 17:12:00 | 000,156,174 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.09.11 17:12:00 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.09.11 17:02:18 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.02.09 18:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe
[2007.02.26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\System32\imagine digital freedom.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,377,048 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,650,552 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,127,188 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002.10.10 14:09:52 | 000,022,040 | ---- | C] () -- C:\Windows\MSTMON_C.INI
[2002.09.03 21:38:42 | 000,032,768 | ---- | C] () -- C:\Windows\System32\MCMM___C.DLL
[2002.09.03 17:38:02 | 000,010,242 | ---- | C] () -- C:\Windows\MSUMLT_C.INI
[2001.11.14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:A5B56640
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:06A7F9ED

< End of report >
--- --- ---

[/code]

Extra.TXT:

OTL Logfile:
Code:
OTL Extras logfile created on: 10.10.2011 17:37:26 - Run 4
OTL by OldTimer - Version 3.2.29.1    Folder = C:\Users\Reinhard\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 57,03% Memory free
6,21 Gb Paging File | 4,78 Gb Available in Paging File | 77,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,09 Gb Total Space | 49,80 Gb Free Space | 49,76% Space Free | Partition Type: NTFS
Drive D: | 188,00 Gb Total Space | 148,13 Gb Free Space | 78,79% Space Free | Partition Type: NTFS
 
Computer Name: REINHARD-PC | User Name: Reinhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F4CFD2-E1DA-4321-8E38-E5A1C15B688F}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{07429F46-517D-4558-BB77-2102DF0AC4A6}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{12A22832-A60C-4D40-9B79-7CE446D414C3}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{13F24517-A679-480A-8281-4B94C8CFCC92}" = rport=139 | protocol=6 | dir=out | app=system |
"{14315AEE-9EDC-4179-AE23-992AEE7822A6}" = lport=139 | protocol=6 | dir=in | app=system |
"{14342C58-2D7D-4B98-9EE1-8BDFE096B036}" = rport=5358 | protocol=6 | dir=out | app=system |
"{17F32EB5-47EB-4A25-BC68-F53A0100A974}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{1901E616-DDFA-4B10-8BDD-3AED50F3E06F}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{2043F52E-C031-4B7D-9B7D-EBBC90302A4C}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{209EA8D2-253E-4B80-ADD4-0A5014455AD2}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{23E84EB8-EA38-4083-95F1-CD4453F9A02B}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{306F8DD5-045C-4967-8594-A703435FA82E}" = rport=138 | protocol=17 | dir=out | app=system |
"{43810252-DADC-485B-8827-E130BAE3733B}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{44A5D88A-21D7-4363-8AD4-FBDAE64E6ED0}" = lport=445 | protocol=6 | dir=in | app=system |
"{45472588-FAC0-47CB-AFD9-63D6BB69FAFD}" = lport=137 | protocol=17 | dir=in | app=system |
"{45491F36-811B-466A-A44D-4CFD2F792F23}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{484B02A4-7099-490F-A89D-F631DAAC5B96}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{4A7D91CE-11C1-4456-BD92-2D38DF8050DB}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{4BF367EB-4124-465C-8DB0-7DE190A817D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4D3C5B61-FB12-4C5A-826A-1B89894ADB02}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{4D62F391-020D-4945-8669-C3C5B55696B9}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{68EDB7CD-9198-4827-82CC-43C13D1607AB}" = lport=138 | protocol=17 | dir=in | app=system |
"{6D0970F8-EF4B-497A-B36E-B3DCAC03A14B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7282780A-3655-40D1-AA88-6F97B2EBDC66}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{7ADC6558-348E-431A-91C8-CBCD109AB739}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{8AB16911-0D7B-41C8-977D-44BC5C4BE206}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B016B59-AE6A-4DD9-AE33-2BDB635F60FB}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{8CA2B3BF-01CF-4182-BDF1-89A96DA9BB0B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8EEA17F3-031A-48A3-9803-0AB37234ED96}" = rport=5357 | protocol=6 | dir=out | app=system |
"{8F0C27DC-B7FB-4E4C-A93D-B81AE62C55C1}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{A134E267-D1DC-4A49-9EF6-62F63F0A248A}" = lport=5358 | protocol=6 | dir=in | app=system |
"{C078CEAB-9E2C-4AA7-BF39-41191040A91F}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{CD97FB65-BE4A-4E4F-8670-A5511B9A207D}" = rport=137 | protocol=17 | dir=out | app=system |
"{DF35A2C2-F78B-4BD9-B318-DD07F89D9ADB}" = rport=445 | protocol=6 | dir=out | app=system |
"{DFD72D7D-8E3A-4845-B3FF-C8D14BA5D255}" = lport=5357 | protocol=6 | dir=in | app=system |
"{E248DC6D-01A3-4C13-8C37-CD4673FB0046}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{E5E99007-82B8-4FF4-87BA-352B2CAA4D60}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EAA3D75C-C09B-4919-B619-49A17907D068}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EFC56220-B481-4260-88A3-AD02CA29754B}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03187831-040B-44A4-9736-02C38C1175DD}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{06616141-AD25-4946-8AD7-22D796ED55F7}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{105FFEB6-74D9-4253-A6E8-EC096D00EE03}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1F1EE647-BE75-41B0-9974-24C120279376}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{342C74D2-36AE-455E-8FD9-C95AAD9757C2}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{3BF2DFFC-1A48-4DDC-A610-170290D25E3C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4330FEF9-005E-4ADA-AED6-9E051E805897}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{4D30629D-C6F5-47DC-8884-18EAF7FF2FDD}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{50143D51-CA3A-48A4-909D-B14410CDD2E6}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{5438BF79-A844-42C8-939B-645940C7F66D}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{5BE67C95-876A-4186-8A53-97723EF0EBA1}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{5E163527-D76A-4529-BC27-9474CF23F98D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6C0E090D-EE3D-48FF-A7D5-1391FFAA64B7}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{6C83C152-E86F-416B-A6D9-AFF1EBAFE1F5}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{7C3BA603-D923-4D24-B17E-7A67B5501C91}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{830E78B9-B9CD-4D48-8BFD-CE3F8FA024F3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{849076A7-8A1B-4429-BA29-B29387A77092}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{AD7B7FCA-4E93-47AF-A265-9F2049E21129}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{B0E7BF0A-24B4-4C0A-8DD8-E0F6648C7A3C}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CA5CDCDB-FD58-4D93-971C-3C95AE247306}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{D9B572E9-452B-4917-B48D-8652376E6B01}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F04FB8FC-F1BD-4B04-8917-99E54A2B47BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{0384A7C1-0456-4656-8CE1-A258744A1B4B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{14A71445-7880-40EE-B82A-8CD05C450833}C:\program files\netmeeting\conf.exe" = protocol=6 | dir=in | app=c:\program files\netmeeting\conf.exe |
"TCP Query User{3D276480-86C2-4782-93AC-7DB73206E0B3}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{36026129-07A6-4219-813D-EF35855716C2}C:\program files\netmeeting\conf.exe" = protocol=17 | dir=in | app=c:\program files\netmeeting\conf.exe |
"UDP Query User{525DD375-282A-4C07-AF19-A23163D1EE0E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{B3E18432-1B7C-481F-A5D8-3DCD48EB0FC7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FD5F102-362D-45A9-9173-D83189FFE1DA}" = MySQL Server 5.1
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{412AACB5-057F-465D-A542-A5A457106EE3}" = Driver Setup
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5EFA4EA3-0604-458C-A06D-485F6B2724C9}" = PrintKey-Pro v1.05
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F9C77FF-C017-4B12-BA71-A3A53BD52775}_is1" = AnyBizSoft PDF Converter (Build 2.5.0)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.0 - Deutsch
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Intel(R) PROSet/Wireless WiFi-Software
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C99A1F39-7A23-4BC9-BF0D-B41D4013CF37}" = Samsung PC Studio 7
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E46DA48B-B621-4D42-8E70-7D64E365F3D2}" = FreeRIP Toolbar v4.5
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Premium Security Suite
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Canon MP520 series Benutzerregistrierung" = Canon MP520 series Benutzerregistrierung
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"DScaler 4.1.15_is1" = DScaler 4.1.15
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Emu48" = Emu48
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FFDia_is1" = FFDia 1.00
"FixFoto MultiProzessor_is1" = FixFoto 2.91
"InstallShield_{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MINOLTA-QMS PagePro 1200W" = MINOLTA-QMS PagePro 1200W
"MonochromiX_is1" = MonochromiX 1.31 MultiProzessor
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NetMeeting" = NetMeeting 3.01
"NVIDIA Drivers" = NVIDIA Drivers
"PrintKey2000" = PrintKey2000
"ProInst" = Intel PROSet Wireless
"SQLyog Community" = SQLyog Community 8.12
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Internet Manager" = T-Mobile Internet Manager
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 08.08.2011 12:43:18 | Computer Name = Reinhard-PC | Source = System Restore | ID = 8193
Description =
 
Error - 08.08.2011 12:43:19 | Computer Name = Reinhard-PC | Source = VSS | ID = 39
Description =
 
Error - 08.08.2011 12:43:19 | Computer Name = Reinhard-PC | Source = VSS | ID = 8193
Description =
 
Error - 08.08.2011 12:43:19 | Computer Name = Reinhard-PC | Source = System Restore | ID = 8193
Description =
 
Error - 08.08.2011 12:51:55 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 08.08.2011 12:51:58 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6    For more information, see Help
 and Support Center at hxxp://www.mysql.com.   
 
Error - 08.08.2011 12:51:58 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting    For more information, see Help and Support Center at hxxp://www.mysql.com.


 
Error - 11.08.2011 09:49:12 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6    For more information, see Help
 and Support Center at hxxp://www.mysql.com.   
 
Error - 11.08.2011 09:49:12 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting    For more information, see Help and Support Center at hxxp://www.mysql.com.


 
Error - 11.08.2011 09:49:41 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
 
[ OSession Events ]
Error - 17.06.2011 21:21:03 | Computer Name = Reinhard-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27858
 seconds with 420 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 30.07.2009 13:09:08 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 31.07.2009 04:55:01 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
 
Error - 31.07.2009 04:55:17 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 31.07.2009 04:56:23 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 31.07.2009 05:07:32 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
 
Error - 31.07.2009 05:08:06 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 31.07.2009 05:08:22 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 01.08.2009 15:44:51 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
 
Error - 01.08.2009 15:45:08 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 01.08.2009 15:46:01 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >
--- --- ---
[\code]


Hier die CCleaner Datei install.txt:

Code:

Activation Assistant for the 2007 Microsoft Office suites        Microsoft Corporation        09.11.2008        13,5MB       
Adobe Acrobat Connect Add-in                04.05.2010               
Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        13.07.2011                10.3.181.26
Adobe Reader 8.2.0 - Deutsch        Adobe Systems Incorporated        29.08.2010        102,0MB        8.2.0
Agere Systems HDA Modem        Agere Systems        11.09.2008               
AnyBizSoft PDF Converter (Build 2.5.0)        AnyBizSoft Software        28.05.2011        22,5MB       
Ask Toolbar        Ask.com        02.05.2011        2,11MB        1.11.3.0
Atheros WLAN Client                09.11.2008        0,86MB        1.00.000
Avira Premium Security Suite        Avira GmbH        01.10.2011        159,4MB        10.2.0.671
Business Contact Manager für Outlook 2007 SP2        Microsoft Corporation        19.02.2011        31,4MB        3.0.8619.1
Canon MP Navigator EX 1.0                10.05.2009        66,0MB       
Canon MP520 series                10.05.2009               
Canon MP520 series Benutzerregistrierung                10.05.2009        0,52MB       
Canon My Printer                10.05.2009        2,14MB       
Canon Utilities Easy-PhotoPrint EX                10.05.2009        209MB       
CCleaner        Piriform        09.10.2011        4,07MB        3.11
Driver Setup                10.10.2009        0,53MB        1.1
DScaler 4.1.15                10.10.2009        3.962MB       
Easy Battery Manager                09.11.2008        7,89MB        3.2.1.7
Easy Display Manager        Samsung        11.09.2008        12,4MB        2.0.0.0
Easy Network Manager 4.0        Samsung        11.09.2008        17,5MB        4.0.0.13
Easy SpeedUp Manager                09.11.2008        4,00MB        2.0.1.0
Emu48                21.03.2009        2,41MB        1.47
Feedback Tool        Microsoft Corporation        27.04.2011        2,28MB        1.2.0
FFDia 1.00        Joachim Koopmann Software        18.03.2009        23,9MB       
FixFoto 2.91        Joachim Koopmann Software        18.03.2009        23,9MB       
FreeRIP Toolbar v4.5        Spigot, Inc.        16.07.2011        1,68MB        4.5
FreeRIP v3.6        MGShareware        16.07.2011        5,96MB        3.6
Google Earth        Google        11.07.2011        84,7MB        6.0.3.2197
Google Toolbar for Internet Explorer        Google Inc.        17.08.2011        11,2MB        7.1.2003.1856
imagine digital freedom - Samsung        Samsung Electronics Co., LTD        11.09.2008        7,50MB        1.0.2.0
Intel(R) PROSet/Wireless WiFi-Software        Intel(R) Corporation        11.09.2008        78,3MB        12.00.2000
Intel® Matrix Storage Manager        Intel Corporation        09.11.2008        0,89MB       
Malwarebytes' Anti-Malware Version 1.51.2.1300        Malwarebytes Corporation        08.10.2011        6,76MB        1.51.2.1300
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        01.03.2010        37,0MB       
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        28.02.2010        37,0MB       
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        26.11.2010        120,3MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        26.11.2010        24,5MB        4.0.30319
Microsoft Office 2003 Web Components        Microsoft Corporation        17.06.2011        21,7MB        11.0.8003.0
Microsoft Office 2007 Primary Interop Assemblies        Microsoft Corporation        11.05.2011        7,23MB        12.0.4518.1014
Microsoft Office Enterprise 2007        Microsoft Corporation        19.02.2011        615MB        12.0.6425.1000
Microsoft Office Small Business Connectivity Components        Microsoft Corporation        11.09.2008        0,15MB        2.0.7024.0
Microsoft Silverlight        Microsoft Corporation        17.06.2011        80,0MB        4.0.60531.0
Microsoft SQL Server 2005        Microsoft Corporation        11.09.2008        42,7MB       
Microsoft SQL Server Native Client        Microsoft Corporation        25.03.2011        2,63MB        9.00.5000.00
Microsoft SQL Server VSS Writer        Microsoft Corporation        25.03.2011        0,68MB        9.00.5000.00
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        17.06.2011        0,29MB        8.0.61001
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        19.02.2011        0,19MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        02.05.2011        0,58MB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        04.03.2010        0,58MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        17.06.2011        0,58MB        9.0.30729.6161
MINOLTA-QMS PagePro 1200W                10.07.2011               
MonochromiX 1.31 MultiProzessor        Joachim Koopmann Software        18.03.2009        23,9MB       
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        28.02.2010        35,00KB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        28.02.2010        1,34MB        4.20.9876.0
MySQL Server 5.1        MySQL AB        02.07.2009        145,8MB        5.1.35
Nero BurnLite 10        Nero AG        12.02.2011        56,4MB        10.0.10600
Nero Update        Nero AG        12.02.2011        1,44MB        1.0.0018
NetMeeting 3.01                14.10.2010        2,78MB       
NVIDIA Drivers                27.04.2011               
PC Connectivity Solution        Nokia        24.07.2009        11,0MB        8.47.7.0
PIXMA Extended Survey Program                10.05.2009        0,76MB       
PlayCamera                04.03.2009        260MB        1.0.1.7
PrintKey-Pro v1.05        WareCentral.com        08.10.2011        3,22MB        1.05
PrintKey2000                03.05.2010        0,99MB       
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        11.09.2008        11,4MB        6.0.1.5605
Samsung Magic Doctor        Samsung Electronics Co., LTD        09.11.2008        15,4MB        5.00
Samsung PC Studio 7        Samsung        24.07.2009        33,3MB        7.0.1
Samsung Recovery Solution III        Samsung        11.09.2008        36,5MB        3.0.0.6
Samsung Samples Installer        Samsung Electronics Co., Ltd.        24.07.2009        2,88MB        1.00.0000
Samsung Update Plus        Samsung Electronics Co., LTD        11.09.2008        5,64MB        1.3.0.11
SamsungConnectivityCableDriver        Samsung        18.03.2009        0,62MB        6.83.6.2
ScanSoft OmniPage SE 4        Nuance Communications, Inc.        10.05.2009        166,6MB        15.2.0020
SQLyog Community 8.12        Webyog Softworks Pvt. Ltd.        03.07.2009                8.12
Surf & E-Mail-Stick        Huawei Technologies Co.,Ltd        05.08.2011        38,5MB        11.301.08.00.35
Synaptics Pointing Device Driver        Synaptics        11.09.2008        13,6MB        10.1.2.0
T-Mobile Internet Manager        Huawei Technologies Co.,Ltd        07.08.2011        72,4MB        11.301.05.64.55
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)        Microsoft Corporation        25.03.2011        23,2MB        9.00.5000.00
User Guide                09.11.2008        158,8MB        1.0
Vimicro UVC Camera        Vimicro Corporation        11.09.2008        2,15MB        1.00.0000
WIDCOMM Bluetooth Software 6.0.1.6300        WIDCOMM, Inc.        11.09.2008        35,5MB        6.0.1.6300
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)        Nokia        24.07.2009                08/22/2008 7.0.0.0


Viele Grüße

Reinhard

kira 10.10.2011 19:55
1.
deinstalliere falls unter `Systemsteuerung -->Software -->Ändern/Entfernen...` existieren:
Code:
Adware -Toolbars:
Ask Toolbar
Bestandteile der Standardinstallation vieler Freeware-Programme und teilweise sogar von kostenpflichtigen Programmen. Daher:
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
Bei Installation bitte die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen bzw gesetzten Haken belassen, weil damit stimmt man nämlich zu, dass andere "Fremdprogramm", oder sogar Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert.
in diese Kategorie gehören noch einige, wie z.B: -> Unerwünschte Toolbars deinstallieren

2.
Adobe Reader aktualisieren :
- Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen! - (z.B "McAfee Security Scan Plus")
Adobe Reader
Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..."

3.
reinige dein System mit Ccleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

4.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

5.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

6.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

► Wie ist den aktuellen Zustand des Rechners? Auffälligkeiten, Probleme?

reischa 10.10.2011 21:52
Hallo,

bis Punkt 4 bin ich gekommen. Hier das Logfile:

Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/10/2011 at 10:39 PM

Application Version : 5.0.1128

Core Rules Database Version : 7776
Trace Rules Database Version: 5588

Scan type      : Complete Scan
Total Scan Time : 00:36:53

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned      : 751
Memory threats detected  : 0
Registry items scanned    : 37909
Registry threats detected : 0
File items scanned        : 33398
File threats detected    : 2

Adware.Tracking Cookie
        C:\Users\Reinhard\AppData\Roaming\Microsoft\Windows\Cookies\29T6R481.txt [ /doubleclick.net ]
        C:\USERS\REINHARD\Cookies\29T6R481.txt [ Cookie:reinhard@doubleclick.net/ ]

jetzt mache ich Schluss für heute (um 5 ist die Nacht vorbei)
Den Rest mache ich wahrscheinlich erst am Mitwoch.

Viele Grüße und bis hierhin schon mal vielen Dank

Reinhard

reischa 15.10.2011 10:18
Hallo,

hier die restlichen Ergebnisse:

Ergebnis ESET Onlinescan:

Code:

C:\Program Files\Application Updater\ApplicationUpdater.exe        probably a variant of Win32/Adware.Toolbar.Dealio application        cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe        a variant of Win32/Adware.Toolbar.Dealio application        cleaned by deleting - quarantined
C:\Program Files\FreeRIP Toolbar\IE\4.5\freeripToolbarIE.dll        a variant of Win32/Adware.Toolbar.Dealio application        cleaned by deleting - quarantined
und hier die OTL logfiles:

OTL.txt

OTL Logfile:
Code:
OTL logfile created on: 15.10.2011 10:58:59 - Run 5
OTL by OldTimer - Version 3.2.29.1    Folder = C:\Users\Reinhard\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 53,91% Memory free
6,20 Gb Paging File | 4,43 Gb Available in Paging File | 71,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,09 Gb Total Space | 49,94 Gb Free Space | 49,89% Space Free | Partition Type: NTFS
Drive D: | 188,00 Gb Total Space | 148,15 Gb Free Space | 78,80% Space Free | Partition Type: NTFS
Drive F: | 7,66 Gb Total Space | 7,58 Gb Free Space | 98,97% Space Free | Partition Type: FAT32
Drive G: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,53% Space Free | Partition Type: FAT
 
Computer Name: REINHARD-PC | User Name: Reinhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.10.11 14:52:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 14:52:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 14:52:28 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.10.11 14:52:27 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.10.11 14:52:26 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2011.10.11 14:52:26 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 14:52:26 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.10 17:36:30 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Reinhard\Downloads\OTL.exe
PRC - [2011.09.14 21:04:59 | 004,611,456 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011.07.30 10:27:50 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.08.19 10:52:14 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.08.19 10:52:04 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2009.12.31 14:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Reinhard\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.10 23:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.02.23 12:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.09.19 08:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.06.03 08:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.05.23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.05.23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.05.22 10:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008.05.13 02:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
PRC - [2008.04.25 14:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2008.04.17 08:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
PRC - [2008.04.17 04:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.23 09:02:48 | 002,146,840 | ---- | M] (WareCentral.com) -- C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
PRC - [2008.01.21 04:25:26 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
PRC - [2007.07.05 00:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
PRC - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.03.14 16:47:00 | 000,237,568 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe
PRC - [2007.02.22 16:04:44 | 000,851,968 | ---- | M] (Nokia Mobile Phones Ltd.) -- C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
PRC - [2007.02.04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.10.15 09:42:27 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011.10.15 09:42:27 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011.10.10 22:01:18 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011.10.10 22:01:18 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2009.02.14 06:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2008.05.13 02:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
MOD - [2007.03.14 16:47:00 | 000,237,568 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe
MOD - [2007.03.13 09:35:00 | 000,569,344 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\PhoneBrowser.dll
MOD - [2007.03.04 22:45:08 | 000,028,160 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\Lang\PhoneBrowser_ger.NLR
MOD - [2007.03.04 22:31:10 | 000,045,056 | ---- | M] () -- C:\Program Files\Common Files\PCSuite\DataLayer\Lang\DataLayer_ger.NLR
MOD - [2007.02.23 10:22:50 | 000,552,960 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\PCSCM.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\EasySpeedUpManager\HookDllPS2.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.10.11 14:52:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 14:52:28 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.10.11 14:52:27 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.10.11 14:52:26 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2011.10.11 14:52:26 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.08.19 10:52:04 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009.02.23 12:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.05.23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.05.23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.05.13 01:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.10.11 14:52:55 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:52:55 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:52:55 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.11 14:52:53 | 000,111,160 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avfwot.sys -- (avfwot)
DRV - [2011.10.11 14:52:53 | 000,091,096 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avfwim.sys -- (avfwim)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.04.09 15:24:18 | 000,069,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2010.04.09 15:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.03.25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.03.20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2009.12.15 10:46:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009.12.15 10:46:18 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008.09.12 06:01:15 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.05 20:29:26 | 000,044,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.07.26 21:24:00 | 007,548,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.05 09:30:28 | 000,242,048 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302)
DRV - [2008.05.08 11:51:18 | 000,226,328 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007.09.13 08:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.06.06 13:22:26 | 000,168,576 | ---- | M] (10moons Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tridvid.sys -- (TridVid)
DRV - [2007.05.02 16:32:34 | 000,135,680 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsa.sys -- (nmwcdsa)
DRV - [2007.05.02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsacm.sys -- (nmwcdsacm)
DRV - [2007.05.02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsacj.sys -- (nmwcdsacj)
DRV - [2007.05.02 16:31:54 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsac.sys -- (nmwcdsac)
DRV - [2006.11.28 09:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005.12.18 20:42:12 | 000,008,801 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\DScaler\DSDrv4.sys -- (DSDrv4)
DRV - [2002.09.03 19:31:12 | 000,019,296 | ---- | M] (Minolta Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\MLPTDR_C.SYS -- (MLPTDR_C)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://dict.leo.org/
IE - HKCU\..\URLSearchHook: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2011.08.08 18:42:41 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2011.04.27 16:07:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O3 - HKLM\..\Toolbar: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe (Nokia Mobile Phones Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [S60TrayApplication] C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe ()
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6EE64C0-691D-4DB2-B089-840E422C0194}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4261174-F54D-4EFC-90D8-D987931A9D54}: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.10.15 09:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.10.15 09:36:53 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Avira
[2011.10.15 09:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.10.15 09:35:27 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.10.15 09:35:27 | 000,111,160 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2011.10.15 09:35:27 | 000,091,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2011.10.15 09:35:27 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.10.15 09:35:27 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.10.15 09:35:27 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.10.15 09:35:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.10.15 09:35:21 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.10.10 22:01:13 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\SUPERAntiSpyware.com
[2011.10.10 22:00:47 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.10.10 22:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.10.10 22:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.10.10 21:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.10.10 21:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.10.10 21:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.10.10 18:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.10.10 18:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.10.09 18:41:47 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Malwarebytes
[2011.10.09 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.09 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.09 18:41:32 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.09 18:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.10.09 17:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintKey-Pro
[2011.10.09 17:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Warecentral
[2010.10.15 10:11:22 | 001,668,392 | ---- | C] (Microsoft Corporation) -- C:\Program Files\NM30.EXE
 
========== Files - Modified Within 30 Days ==========
 
[2011.10.15 10:56:44 | 000,002,591 | ---- | M] () -- C:\Users\Reinhard\Desktop\Microsoft Office Word 2007.lnk
[2011.10.15 10:39:05 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.15 09:55:29 | 000,704,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.10.15 09:55:29 | 000,650,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.15 09:55:29 | 000,156,174 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.10.15 09:55:29 | 000,127,188 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.15 09:40:51 | 000,221,936 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.10.15 09:40:51 | 000,221,936 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.10.15 09:40:21 | 000,002,429 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrintKey-Pro.lnk
[2011.10.15 09:40:14 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.10.15 09:40:05 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.15 09:40:00 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.15 09:40:00 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.15 09:39:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.15 09:39:27 | 3215,572,992 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.15 09:38:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.10.15 09:36:38 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.10.11 14:52:55 | 000,134,344 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.10.11 14:52:55 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.10.11 14:52:55 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.10.11 14:52:53 | 000,111,160 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2011.10.11 14:52:53 | 000,091,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2011.10.10 22:00:47 | 000,001,760 | ---- | M] () -- C:\Users\Reinhard\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.10.10 21:52:56 | 000,158,638 | ---- | M] () -- C:\Users\Reinhard\Documents\cc_20111010_215241.reg
[2011.10.10 21:14:17 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.10.10 21:10:40 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.10.10 18:07:15 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.10 17:35:38 | 000,031,909 | ---- | M] () -- C:\Users\Reinhard\Documents\85104-otl-otlogfile-oldtimer.htm
[2011.10.09 17:24:25 | 000,261,850 | ---- | M] () -- C:\Users\Reinhard\Documents\Schienennetzplan_69_03_2011.pdf
 
========== Files Created - No Company Name ==========
 
[2011.10.15 09:36:38 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.10.10 22:00:47 | 000,001,760 | ---- | C] () -- C:\Users\Reinhard\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.10.10 21:52:47 | 000,158,638 | ---- | C] () -- C:\Users\Reinhard\Documents\cc_20111010_215241.reg
[2011.10.10 21:14:17 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.10.10 21:14:17 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.10.10 21:10:40 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.10.10 18:07:15 | 000,000,764 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.10 17:35:56 | 000,031,909 | ---- | C] () -- C:\Users\Reinhard\Documents\85104-otl-otlogfile-oldtimer.htm
[2011.10.09 17:24:28 | 000,261,850 | ---- | C] () -- C:\Users\Reinhard\Documents\Schienennetzplan_69_03_2011.pdf
[2011.10.09 17:17:22 | 000,002,429 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrintKey-Pro.lnk
[2011.07.17 11:25:44 | 000,004,479 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.07.17 11:25:25 | 000,001,492 | ---- | C] () -- C:\ProgramData\ss.ini
[2011.04.28 15:58:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.04.28 15:57:44 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.04.27 16:03:24 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.04.27 16:03:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.04.27 16:03:24 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.04.27 16:03:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.04.27 16:03:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.10.15 09:26:41 | 000,024,206 | ---- | C] () -- C:\Users\Reinhard\AppData\Roaming\UserTile.png
[2010.03.01 22:30:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.10.11 17:46:55 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\VendorCmdRW.dll
[2009.10.11 17:46:39 | 000,028,672 | ---- | C] () -- C:\Windows\System32\VendorCmdRW.dll
[2009.05.15 20:59:09 | 000,017,408 | ---- | C] () -- C:\Users\Reinhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.11 17:44:53 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.03.22 12:55:16 | 000,000,617 | ---- | C] () -- C:\Windows\Emu48.ini
[2008.11.10 01:46:04 | 000,221,936 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.11.10 01:45:59 | 000,221,936 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.09.12 21:41:06 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.09.12 06:03:48 | 000,001,670 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008.09.12 06:03:25 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2008.09.12 06:03:06 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2008.09.12 06:03:06 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008.09.12 05:56:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe
[2008.09.12 05:56:00 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe
[2008.09.12 05:54:39 | 000,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008.09.11 17:12:00 | 000,704,866 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.09.11 17:12:00 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.09.11 17:12:00 | 000,156,174 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.09.11 17:12:00 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.09.11 17:02:18 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.02.09 18:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe
[2007.02.26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\System32\imagine digital freedom.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,377,048 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,650,552 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,127,188 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002.10.10 14:09:52 | 000,022,040 | ---- | C] () -- C:\Windows\MSTMON_C.INI
[2002.09.03 21:38:42 | 000,032,768 | ---- | C] () -- C:\Windows\System32\MCMM___C.DLL
[2002.09.03 17:38:02 | 000,010,242 | ---- | C] () -- C:\Windows\MSUMLT_C.INI
[2001.11.14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2010.09.27 20:59:18 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\Canon
[2011.08.04 09:54:46 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\Datalayer
[2009.07.25 13:59:23 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\PC Suite
[2010.10.15 09:26:41 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\PeerNetworking
[2011.08.04 11:49:18 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\Samsung
[2009.05.11 17:44:45 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\ScanSoft
[2010.09.20 20:44:34 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\SQLyog
[2011.08.08 18:44:19 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\T-Mobile
[2011.10.09 18:41:01 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\T-Mobile Internet Manager
[2011.10.15 09:38:43 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:A5B56640
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:06A7F9ED

< End of report >
--- --- ---


und die Extras.txt

OTL Logfile:
Code:
OTL Extras logfile created on: 15.10.2011 10:58:59 - Run 5
OTL by OldTimer - Version 3.2.29.1    Folder = C:\Users\Reinhard\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 53,91% Memory free
6,20 Gb Paging File | 4,43 Gb Available in Paging File | 71,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,09 Gb Total Space | 49,94 Gb Free Space | 49,89% Space Free | Partition Type: NTFS
Drive D: | 188,00 Gb Total Space | 148,15 Gb Free Space | 78,80% Space Free | Partition Type: NTFS
Drive F: | 7,66 Gb Total Space | 7,58 Gb Free Space | 98,97% Space Free | Partition Type: FAT32
Drive G: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,53% Space Free | Partition Type: FAT
 
Computer Name: REINHARD-PC | User Name: Reinhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F4CFD2-E1DA-4321-8E38-E5A1C15B688F}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{07429F46-517D-4558-BB77-2102DF0AC4A6}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{12A22832-A60C-4D40-9B79-7CE446D414C3}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{13F24517-A679-480A-8281-4B94C8CFCC92}" = rport=139 | protocol=6 | dir=out | app=system |
"{14315AEE-9EDC-4179-AE23-992AEE7822A6}" = lport=139 | protocol=6 | dir=in | app=system |
"{14342C58-2D7D-4B98-9EE1-8BDFE096B036}" = rport=5358 | protocol=6 | dir=out | app=system |
"{17F32EB5-47EB-4A25-BC68-F53A0100A974}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{1901E616-DDFA-4B10-8BDD-3AED50F3E06F}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{2043F52E-C031-4B7D-9B7D-EBBC90302A4C}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{209EA8D2-253E-4B80-ADD4-0A5014455AD2}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{23E84EB8-EA38-4083-95F1-CD4453F9A02B}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{306F8DD5-045C-4967-8594-A703435FA82E}" = rport=138 | protocol=17 | dir=out | app=system |
"{43810252-DADC-485B-8827-E130BAE3733B}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{44A5D88A-21D7-4363-8AD4-FBDAE64E6ED0}" = lport=445 | protocol=6 | dir=in | app=system |
"{45472588-FAC0-47CB-AFD9-63D6BB69FAFD}" = lport=137 | protocol=17 | dir=in | app=system |
"{45491F36-811B-466A-A44D-4CFD2F792F23}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{484B02A4-7099-490F-A89D-F631DAAC5B96}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{4A7D91CE-11C1-4456-BD92-2D38DF8050DB}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{4BF367EB-4124-465C-8DB0-7DE190A817D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4D3C5B61-FB12-4C5A-826A-1B89894ADB02}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{4D62F391-020D-4945-8669-C3C5B55696B9}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{68EDB7CD-9198-4827-82CC-43C13D1607AB}" = lport=138 | protocol=17 | dir=in | app=system |
"{6D0970F8-EF4B-497A-B36E-B3DCAC03A14B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7282780A-3655-40D1-AA88-6F97B2EBDC66}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{7ADC6558-348E-431A-91C8-CBCD109AB739}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{8AB16911-0D7B-41C8-977D-44BC5C4BE206}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B016B59-AE6A-4DD9-AE33-2BDB635F60FB}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{8CA2B3BF-01CF-4182-BDF1-89A96DA9BB0B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8EEA17F3-031A-48A3-9803-0AB37234ED96}" = rport=5357 | protocol=6 | dir=out | app=system |
"{8F0C27DC-B7FB-4E4C-A93D-B81AE62C55C1}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{A134E267-D1DC-4A49-9EF6-62F63F0A248A}" = lport=5358 | protocol=6 | dir=in | app=system |
"{C078CEAB-9E2C-4AA7-BF39-41191040A91F}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{CD97FB65-BE4A-4E4F-8670-A5511B9A207D}" = rport=137 | protocol=17 | dir=out | app=system |
"{DF35A2C2-F78B-4BD9-B318-DD07F89D9ADB}" = rport=445 | protocol=6 | dir=out | app=system |
"{DFD72D7D-8E3A-4845-B3FF-C8D14BA5D255}" = lport=5357 | protocol=6 | dir=in | app=system |
"{E248DC6D-01A3-4C13-8C37-CD4673FB0046}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{E5E99007-82B8-4FF4-87BA-352B2CAA4D60}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EAA3D75C-C09B-4919-B619-49A17907D068}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EFC56220-B481-4260-88A3-AD02CA29754B}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03187831-040B-44A4-9736-02C38C1175DD}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{06616141-AD25-4946-8AD7-22D796ED55F7}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{105FFEB6-74D9-4253-A6E8-EC096D00EE03}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1F1EE647-BE75-41B0-9974-24C120279376}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{342C74D2-36AE-455E-8FD9-C95AAD9757C2}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{3BF2DFFC-1A48-4DDC-A610-170290D25E3C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4330FEF9-005E-4ADA-AED6-9E051E805897}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{4D30629D-C6F5-47DC-8884-18EAF7FF2FDD}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{50143D51-CA3A-48A4-909D-B14410CDD2E6}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{5438BF79-A844-42C8-939B-645940C7F66D}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{5BE67C95-876A-4186-8A53-97723EF0EBA1}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{5E163527-D76A-4529-BC27-9474CF23F98D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6C0E090D-EE3D-48FF-A7D5-1391FFAA64B7}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{6C83C152-E86F-416B-A6D9-AFF1EBAFE1F5}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{7C3BA603-D923-4D24-B17E-7A67B5501C91}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{830E78B9-B9CD-4D48-8BFD-CE3F8FA024F3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{849076A7-8A1B-4429-BA29-B29387A77092}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{AD7B7FCA-4E93-47AF-A265-9F2049E21129}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{B0E7BF0A-24B4-4C0A-8DD8-E0F6648C7A3C}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CA5CDCDB-FD58-4D93-971C-3C95AE247306}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{D9B572E9-452B-4917-B48D-8652376E6B01}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F04FB8FC-F1BD-4B04-8917-99E54A2B47BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{0384A7C1-0456-4656-8CE1-A258744A1B4B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{14A71445-7880-40EE-B82A-8CD05C450833}C:\program files\netmeeting\conf.exe" = protocol=6 | dir=in | app=c:\program files\netmeeting\conf.exe |
"TCP Query User{3D276480-86C2-4782-93AC-7DB73206E0B3}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{36026129-07A6-4219-813D-EF35855716C2}C:\program files\netmeeting\conf.exe" = protocol=17 | dir=in | app=c:\program files\netmeeting\conf.exe |
"UDP Query User{525DD375-282A-4C07-AF19-A23163D1EE0E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{B3E18432-1B7C-481F-A5D8-3DCD48EB0FC7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FD5F102-362D-45A9-9173-D83189FFE1DA}" = MySQL Server 5.1
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{412AACB5-057F-465D-A542-A5A457106EE3}" = Driver Setup
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5EFA4EA3-0604-458C-A06D-485F6B2724C9}" = PrintKey-Pro v1.05
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F9C77FF-C017-4B12-BA71-A3A53BD52775}_is1" = AnyBizSoft PDF Converter (Build 2.5.0)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Intel(R) PROSet/Wireless WiFi-Software
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C99A1F39-7A23-4BC9-BF0D-B41D4013CF37}" = Samsung PC Studio 7
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E46DA48B-B621-4D42-8E70-7D64E365F3D2}" = FreeRIP Toolbar v4.5
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Internet Security 2012
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Canon MP520 series Benutzerregistrierung" = Canon MP520 series Benutzerregistrierung
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"DScaler 4.1.15_is1" = DScaler 4.1.15
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Emu48" = Emu48
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FFDia_is1" = FFDia 1.00
"FixFoto MultiProzessor_is1" = FixFoto 2.91
"Google Chrome" = Google Chrome
"InstallShield_{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MINOLTA-QMS PagePro 1200W" = MINOLTA-QMS PagePro 1200W
"MonochromiX_is1" = MonochromiX 1.31 MultiProzessor
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NetMeeting" = NetMeeting 3.01
"NVIDIA Drivers" = NVIDIA Drivers
"PrintKey2000" = PrintKey2000
"ProInst" = Intel PROSet Wireless
"SQLyog Community" = SQLyog Community 8.12
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Internet Manager" = T-Mobile Internet Manager
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 08.08.2011 12:43:19 | Computer Name = Reinhard-PC | Source = System Restore | ID = 8193
Description =
 
Error - 08.08.2011 12:51:55 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 08.08.2011 12:51:58 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6    For more information, see Help
 and Support Center at hxxp://www.mysql.com.   
 
Error - 08.08.2011 12:51:58 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting    For more information, see Help and Support Center at hxxp://www.mysql.com.


 
Error - 11.08.2011 09:49:12 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6    For more information, see Help
 and Support Center at hxxp://www.mysql.com.   
 
Error - 11.08.2011 09:49:12 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting    For more information, see Help and Support Center at hxxp://www.mysql.com.


 
Error - 11.08.2011 09:49:41 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 11.08.2011 21:27:03 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 11.08.2011 21:27:07 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6    For more information, see Help
 and Support Center at hxxp://www.mysql.com.   
 
Error - 11.08.2011 21:27:07 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting    For more information, see Help and Support Center at hxxp://www.mysql.com.


 
[ OSession Events ]
Error - 17.06.2011 21:21:03 | Computer Name = Reinhard-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27858
 seconds with 420 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 30.07.2009 13:09:08 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 31.07.2009 04:55:01 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
 
Error - 31.07.2009 04:55:17 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 31.07.2009 04:56:23 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 31.07.2009 05:07:32 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
 
Error - 31.07.2009 05:08:06 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 31.07.2009 05:08:22 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 01.08.2009 15:44:51 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
 
Error - 01.08.2009 15:45:08 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 01.08.2009 15:46:01 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >
--- --- ---


Bei der Benutzung des Rechners ist mir derzeit nichts ungewöhnliches aufgefallen.

Muss ich noch was tun?

Viele Grüße

Reinhard

kira 16.10.2011 04:57
1.
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
:OTL
O3 - HKLM\..\Toolbar: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2011.10.15 10:39:05 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.15 09:40:05 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

:Commands
[purity]
[emptytemp]

2.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

reischa 16.10.2011 12:20
Hallo,

hier die TXT von OTL:

Code:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E634228A-03CF-4BC8-B0AB-668257F1FD8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: Reinhard
->Temp folder emptied: 4798260 bytes
->Temporary Internet Files folder emptied: 350563782 bytes
->Flash cache emptied: 794 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9255708 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 348,00 mb
 
 
OTL by OldTimer - Version 3.2.29.1 log created on 10162011_131124

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Und hier die Logfiles des Scan:
OTL Logfile:
Code:
OTL logfile created on: 16.10.2011 13:21:48 - Run 6
OTL by OldTimer - Version 3.2.29.1    Folder = C:\Users\Reinhard\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,71% Memory free
6,21 Gb Paging File | 4,70 Gb Available in Paging File | 75,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,09 Gb Total Space | 49,08 Gb Free Space | 49,04% Space Free | Partition Type: NTFS
Drive D: | 188,00 Gb Total Space | 148,14 Gb Free Space | 78,80% Space Free | Partition Type: NTFS
Drive F: | 7,66 Gb Total Space | 7,58 Gb Free Space | 98,97% Space Free | Partition Type: FAT32
Drive G: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,53% Space Free | Partition Type: FAT
 
Computer Name: REINHARD-PC | User Name: Reinhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.10.15 12:03:01 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe
PRC - [2011.10.11 14:52:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 14:52:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 14:52:28 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.10.11 14:52:27 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.10.11 14:52:26 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2011.10.11 14:52:26 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 14:52:26 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.10 17:36:30 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Reinhard\Downloads\OTL.exe
PRC - [2011.09.14 21:04:59 | 004,611,456 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011.07.30 10:27:50 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.08.19 10:52:14 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.08.19 10:52:04 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2009.12.31 14:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Reinhard\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
PRC - [2009.04.10 23:28:16 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.23 12:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.09.19 08:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.06.03 08:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.05.23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.05.23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.05.22 10:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008.05.13 02:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
PRC - [2008.04.25 14:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2008.04.17 08:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
PRC - [2008.04.17 04:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.23 09:02:48 | 002,146,840 | ---- | M] (WareCentral.com) -- C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
PRC - [2008.01.21 04:25:26 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
PRC - [2007.07.05 00:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
PRC - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.03.14 16:47:00 | 000,237,568 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe
PRC - [2007.02.22 16:04:44 | 000,851,968 | ---- | M] (Nokia Mobile Phones Ltd.) -- C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
PRC - [2007.02.04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.10.16 13:18:34 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011.10.16 13:18:34 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011.10.10 22:01:18 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011.10.10 22:01:18 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2008.05.13 02:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
MOD - [2007.03.14 16:47:00 | 000,237,568 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe
MOD - [2007.03.13 09:35:00 | 000,569,344 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\PhoneBrowser.dll
MOD - [2007.03.04 22:45:08 | 000,028,160 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\Lang\PhoneBrowser_ger.NLR
MOD - [2007.03.04 22:31:10 | 000,045,056 | ---- | M] () -- C:\Program Files\Common Files\PCSuite\DataLayer\Lang\DataLayer_ger.NLR
MOD - [2007.02.23 10:22:50 | 000,552,960 | ---- | M] () -- C:\Program Files\Samsung\Samsung PC Studio 7\PCSCM.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\EasySpeedUpManager\HookDllPS2.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.10.11 14:52:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 14:52:28 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.10.11 14:52:27 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.10.11 14:52:26 | 000,616,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2011.10.11 14:52:26 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.08.19 10:52:04 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009.02.23 12:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.05.23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.05.23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.05.13 01:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.10.11 14:52:55 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:52:55 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:52:55 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.10.11 14:52:53 | 000,111,160 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avfwot.sys -- (avfwot)
DRV - [2011.10.11 14:52:53 | 000,091,096 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avfwim.sys -- (avfwim)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.04.09 15:24:18 | 000,069,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2010.04.09 15:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.03.25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.03.20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2009.12.15 10:46:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009.12.15 10:46:18 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008.09.12 06:01:15 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.05 20:29:26 | 000,044,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.07.26 21:24:00 | 007,548,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.05 09:30:28 | 000,242,048 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302)
DRV - [2008.05.08 11:51:18 | 000,226,328 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007.09.13 08:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.06.06 13:22:26 | 000,168,576 | ---- | M] (10moons Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tridvid.sys -- (TridVid)
DRV - [2007.05.02 16:32:34 | 000,135,680 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsa.sys -- (nmwcdsa)
DRV - [2007.05.02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsacm.sys -- (nmwcdsacm)
DRV - [2007.05.02 16:31:54 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsacj.sys -- (nmwcdsacj)
DRV - [2007.05.02 16:31:54 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdsac.sys -- (nmwcdsac)
DRV - [2006.11.28 09:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005.12.18 20:42:12 | 000,008,801 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\DScaler\DSDrv4.sys -- (DSDrv4)
DRV - [2002.09.03 19:31:12 | 000,019,296 | ---- | M] (Minolta Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\MLPTDR_C.SYS -- (MLPTDR_C)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://dict.leo.org/
IE - HKCU\..\URLSearchHook: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2011.08.08 18:42:41 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2011.04.27 16:07:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe (Nokia Mobile Phones Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [S60TrayApplication] C:\Program Files\Samsung\Samsung PC Studio 7\LaunchApplication.exe ()
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6EE64C0-691D-4DB2-B089-840E422C0194}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4261174-F54D-4EFC-90D8-D987931A9D54}: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.10.16 13:11:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.10.15 21:16:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.10.15 21:15:09 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.10.15 21:15:07 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.10.15 21:15:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.10.15 21:15:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.10.15 21:15:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.10.15 09:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.10.15 09:53:03 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.10.15 09:52:58 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.10.15 09:52:58 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.10.15 09:52:58 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011.10.15 09:52:57 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.10.15 09:52:42 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011.10.15 09:52:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011.10.15 09:36:53 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Avira
[2011.10.15 09:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.10.15 09:35:27 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.10.15 09:35:27 | 000,111,160 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2011.10.15 09:35:27 | 000,091,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2011.10.15 09:35:27 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.10.15 09:35:27 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.10.15 09:35:27 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.10.15 09:35:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.10.15 09:35:21 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.10.10 22:01:13 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\SUPERAntiSpyware.com
[2011.10.10 22:00:47 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.10.10 22:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.10.10 22:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.10.10 21:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.10.10 21:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.10.10 21:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.10.10 18:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.10.10 18:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.10.09 18:41:47 | 000,000,000 | ---D | C] -- C:\Users\Reinhard\AppData\Roaming\Malwarebytes
[2011.10.09 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.09 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.09 18:41:32 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.09 18:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.10.09 17:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintKey-Pro
[2011.10.09 17:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Warecentral
[2010.10.15 10:11:22 | 001,668,392 | ---- | C] (Microsoft Corporation) -- C:\Program Files\NM30.EXE
 
========== Files - Modified Within 30 Days ==========
 
[2011.10.16 13:23:09 | 000,704,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.10.16 13:23:09 | 000,650,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.16 13:23:09 | 000,156,174 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.10.16 13:23:09 | 000,127,188 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.16 13:18:11 | 000,221,936 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.10.16 13:15:52 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.10.16 13:15:42 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.16 13:15:42 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.16 13:15:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.16 13:14:19 | 3215,572,992 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.16 13:13:31 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.10.16 12:59:31 | 000,377,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.15 15:40:43 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.10.15 12:03:01 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.10.15 11:54:54 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011.10.15 10:56:44 | 000,002,591 | ---- | M] () -- C:\Users\Reinhard\Desktop\Microsoft Office Word 2007.lnk
[2011.10.15 09:40:51 | 000,221,936 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.10.15 09:40:21 | 000,002,429 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrintKey-Pro.lnk
[2011.10.15 09:36:38 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.10.11 14:52:55 | 000,134,344 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.10.11 14:52:55 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.10.11 14:52:55 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011.10.11 14:52:53 | 000,111,160 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2011.10.11 14:52:53 | 000,091,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2011.10.10 22:00:47 | 000,001,760 | ---- | M] () -- C:\Users\Reinhard\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.10.10 21:52:56 | 000,158,638 | ---- | M] () -- C:\Users\Reinhard\Documents\cc_20111010_215241.reg
[2011.10.10 21:14:17 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.10.10 18:07:15 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.10 17:35:38 | 000,031,909 | ---- | M] () -- C:\Users\Reinhard\Documents\85104-otl-otlogfile-oldtimer.htm
[2011.10.09 17:24:25 | 000,261,850 | ---- | M] () -- C:\Users\Reinhard\Documents\Schienennetzplan_69_03_2011.pdf
 
========== Files Created - No Company Name ==========
 
[2011.10.15 11:54:54 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.10.15 09:36:38 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.10.10 22:00:47 | 000,001,760 | ---- | C] () -- C:\Users\Reinhard\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.10.10 21:52:47 | 000,158,638 | ---- | C] () -- C:\Users\Reinhard\Documents\cc_20111010_215241.reg
[2011.10.10 21:14:17 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.10.10 21:14:17 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.10.10 21:10:40 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.10.10 18:07:15 | 000,000,764 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.10 17:35:56 | 000,031,909 | ---- | C] () -- C:\Users\Reinhard\Documents\85104-otl-otlogfile-oldtimer.htm
[2011.10.09 17:24:28 | 000,261,850 | ---- | C] () -- C:\Users\Reinhard\Documents\Schienennetzplan_69_03_2011.pdf
[2011.10.09 17:17:22 | 000,002,429 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrintKey-Pro.lnk
[2011.07.17 11:25:44 | 000,004,479 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.07.17 11:25:25 | 000,001,492 | ---- | C] () -- C:\ProgramData\ss.ini
[2011.04.28 15:58:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.04.28 15:57:44 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.04.27 16:03:24 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.04.27 16:03:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.04.27 16:03:24 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.04.27 16:03:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.04.27 16:03:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.10.15 09:26:41 | 000,024,206 | ---- | C] () -- C:\Users\Reinhard\AppData\Roaming\UserTile.png
[2010.03.01 22:30:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.10.11 17:46:55 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\VendorCmdRW.dll
[2009.10.11 17:46:39 | 000,028,672 | ---- | C] () -- C:\Windows\System32\VendorCmdRW.dll
[2009.05.15 20:59:09 | 000,017,408 | ---- | C] () -- C:\Users\Reinhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.11 17:44:53 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.03.22 12:55:16 | 000,000,617 | ---- | C] () -- C:\Windows\Emu48.ini
[2008.11.10 01:46:04 | 000,221,936 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.11.10 01:45:59 | 000,221,936 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.09.12 21:41:06 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.09.12 06:03:48 | 000,001,670 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008.09.12 06:03:25 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2008.09.12 06:03:06 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2008.09.12 06:03:06 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008.09.12 05:56:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe
[2008.09.12 05:56:00 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe
[2008.09.12 05:54:39 | 000,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008.09.11 17:12:00 | 000,704,866 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.09.11 17:12:00 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.09.11 17:12:00 | 000,156,174 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.09.11 17:12:00 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.09.11 17:02:18 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.02.09 18:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe
[2007.02.26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\System32\imagine digital freedom.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,377,048 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,650,552 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,127,188 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002.10.10 14:09:52 | 000,022,040 | ---- | C] () -- C:\Windows\MSTMON_C.INI
[2002.09.03 21:38:42 | 000,032,768 | ---- | C] () -- C:\Windows\System32\MCMM___C.DLL
[2002.09.03 17:38:02 | 000,010,242 | ---- | C] () -- C:\Windows\MSUMLT_C.INI
[2001.11.14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2010.09.27 20:59:18 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\Canon
[2011.08.04 09:54:46 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\Datalayer
[2009.07.25 13:59:23 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\PC Suite
[2010.10.15 09:26:41 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\PeerNetworking
[2011.08.04 11:49:18 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\Samsung
[2009.05.11 17:44:45 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\ScanSoft
[2010.09.20 20:44:34 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\SQLyog
[2011.08.08 18:44:19 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\T-Mobile
[2011.10.09 18:41:01 | 000,000,000 | ---D | M] -- C:\Users\Reinhard\AppData\Roaming\T-Mobile Internet Manager
[2011.10.16 13:13:31 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:A5B56640
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:06A7F9ED

< End of report >
--- --- ---

[/code]

und die Extras:
OTL Logfile:
Code:
OTL Extras logfile created on: 16.10.2011 13:21:48 - Run 6
OTL by OldTimer - Version 3.2.29.1    Folder = C:\Users\Reinhard\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,71% Memory free
6,21 Gb Paging File | 4,70 Gb Available in Paging File | 75,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,09 Gb Total Space | 49,08 Gb Free Space | 49,04% Space Free | Partition Type: NTFS
Drive D: | 188,00 Gb Total Space | 148,14 Gb Free Space | 78,80% Space Free | Partition Type: NTFS
Drive F: | 7,66 Gb Total Space | 7,58 Gb Free Space | 98,97% Space Free | Partition Type: FAT32
Drive G: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,53% Space Free | Partition Type: FAT
 
Computer Name: REINHARD-PC | User Name: Reinhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F4CFD2-E1DA-4321-8E38-E5A1C15B688F}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{07429F46-517D-4558-BB77-2102DF0AC4A6}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{12A22832-A60C-4D40-9B79-7CE446D414C3}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{13F24517-A679-480A-8281-4B94C8CFCC92}" = rport=139 | protocol=6 | dir=out | app=system |
"{14315AEE-9EDC-4179-AE23-992AEE7822A6}" = lport=139 | protocol=6 | dir=in | app=system |
"{14342C58-2D7D-4B98-9EE1-8BDFE096B036}" = rport=5358 | protocol=6 | dir=out | app=system |
"{17F32EB5-47EB-4A25-BC68-F53A0100A974}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{1901E616-DDFA-4B10-8BDD-3AED50F3E06F}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{2043F52E-C031-4B7D-9B7D-EBBC90302A4C}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{209EA8D2-253E-4B80-ADD4-0A5014455AD2}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{23E84EB8-EA38-4083-95F1-CD4453F9A02B}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{306F8DD5-045C-4967-8594-A703435FA82E}" = rport=138 | protocol=17 | dir=out | app=system |
"{43810252-DADC-485B-8827-E130BAE3733B}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{44A5D88A-21D7-4363-8AD4-FBDAE64E6ED0}" = lport=445 | protocol=6 | dir=in | app=system |
"{45472588-FAC0-47CB-AFD9-63D6BB69FAFD}" = lport=137 | protocol=17 | dir=in | app=system |
"{45491F36-811B-466A-A44D-4CFD2F792F23}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{484B02A4-7099-490F-A89D-F631DAAC5B96}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{4A7D91CE-11C1-4456-BD92-2D38DF8050DB}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{4BF367EB-4124-465C-8DB0-7DE190A817D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4D3C5B61-FB12-4C5A-826A-1B89894ADB02}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{4D62F391-020D-4945-8669-C3C5B55696B9}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{68EDB7CD-9198-4827-82CC-43C13D1607AB}" = lport=138 | protocol=17 | dir=in | app=system |
"{6D0970F8-EF4B-497A-B36E-B3DCAC03A14B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7282780A-3655-40D1-AA88-6F97B2EBDC66}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{7ADC6558-348E-431A-91C8-CBCD109AB739}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{8AB16911-0D7B-41C8-977D-44BC5C4BE206}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B016B59-AE6A-4DD9-AE33-2BDB635F60FB}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{8CA2B3BF-01CF-4182-BDF1-89A96DA9BB0B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8EEA17F3-031A-48A3-9803-0AB37234ED96}" = rport=5357 | protocol=6 | dir=out | app=system |
"{8F0C27DC-B7FB-4E4C-A93D-B81AE62C55C1}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{A134E267-D1DC-4A49-9EF6-62F63F0A248A}" = lport=5358 | protocol=6 | dir=in | app=system |
"{C078CEAB-9E2C-4AA7-BF39-41191040A91F}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{CD97FB65-BE4A-4E4F-8670-A5511B9A207D}" = rport=137 | protocol=17 | dir=out | app=system |
"{DF35A2C2-F78B-4BD9-B318-DD07F89D9ADB}" = rport=445 | protocol=6 | dir=out | app=system |
"{DFD72D7D-8E3A-4845-B3FF-C8D14BA5D255}" = lport=5357 | protocol=6 | dir=in | app=system |
"{E248DC6D-01A3-4C13-8C37-CD4673FB0046}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{E5E99007-82B8-4FF4-87BA-352B2CAA4D60}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EAA3D75C-C09B-4919-B619-49A17907D068}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EFC56220-B481-4260-88A3-AD02CA29754B}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03187831-040B-44A4-9736-02C38C1175DD}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{06616141-AD25-4946-8AD7-22D796ED55F7}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{105FFEB6-74D9-4253-A6E8-EC096D00EE03}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1F1EE647-BE75-41B0-9974-24C120279376}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{342C74D2-36AE-455E-8FD9-C95AAD9757C2}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{3BF2DFFC-1A48-4DDC-A610-170290D25E3C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4330FEF9-005E-4ADA-AED6-9E051E805897}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{4D30629D-C6F5-47DC-8884-18EAF7FF2FDD}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{50143D51-CA3A-48A4-909D-B14410CDD2E6}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{5438BF79-A844-42C8-939B-645940C7F66D}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{5BE67C95-876A-4186-8A53-97723EF0EBA1}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{5E163527-D76A-4529-BC27-9474CF23F98D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6C0E090D-EE3D-48FF-A7D5-1391FFAA64B7}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{6C83C152-E86F-416B-A6D9-AFF1EBAFE1F5}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{7C3BA603-D923-4D24-B17E-7A67B5501C91}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{830E78B9-B9CD-4D48-8BFD-CE3F8FA024F3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{849076A7-8A1B-4429-BA29-B29387A77092}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{AD7B7FCA-4E93-47AF-A265-9F2049E21129}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{B0E7BF0A-24B4-4C0A-8DD8-E0F6648C7A3C}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CA5CDCDB-FD58-4D93-971C-3C95AE247306}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{D9B572E9-452B-4917-B48D-8652376E6B01}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F04FB8FC-F1BD-4B04-8917-99E54A2B47BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{0384A7C1-0456-4656-8CE1-A258744A1B4B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{14A71445-7880-40EE-B82A-8CD05C450833}C:\program files\netmeeting\conf.exe" = protocol=6 | dir=in | app=c:\program files\netmeeting\conf.exe |
"TCP Query User{3D276480-86C2-4782-93AC-7DB73206E0B3}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{36026129-07A6-4219-813D-EF35855716C2}C:\program files\netmeeting\conf.exe" = protocol=17 | dir=in | app=c:\program files\netmeeting\conf.exe |
"UDP Query User{525DD375-282A-4C07-AF19-A23163D1EE0E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{B3E18432-1B7C-481F-A5D8-3DCD48EB0FC7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FD5F102-362D-45A9-9173-D83189FFE1DA}" = MySQL Server 5.1
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{412AACB5-057F-465D-A542-A5A457106EE3}" = Driver Setup
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5EFA4EA3-0604-458C-A06D-485F6B2724C9}" = PrintKey-Pro v1.05
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F9C77FF-C017-4B12-BA71-A3A53BD52775}_is1" = AnyBizSoft PDF Converter (Build 2.5.0)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Intel(R) PROSet/Wireless WiFi-Software
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C99A1F39-7A23-4BC9-BF0D-B41D4013CF37}" = Samsung PC Studio 7
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E46DA48B-B621-4D42-8E70-7D64E365F3D2}" = FreeRIP Toolbar v4.5
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Internet Security 2012
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Canon MP520 series Benutzerregistrierung" = Canon MP520 series Benutzerregistrierung
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"DScaler 4.1.15_is1" = DScaler 4.1.15
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Emu48" = Emu48
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FFDia_is1" = FFDia 1.00
"FixFoto MultiProzessor_is1" = FixFoto 2.91
"Google Chrome" = Google Chrome
"InstallShield_{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MINOLTA-QMS PagePro 1200W" = MINOLTA-QMS PagePro 1200W
"MonochromiX_is1" = MonochromiX 1.31 MultiProzessor
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NetMeeting" = NetMeeting 3.01
"NVIDIA Drivers" = NVIDIA Drivers
"PrintKey2000" = PrintKey2000
"ProInst" = Intel PROSet Wireless
"SQLyog Community" = SQLyog Community 8.12
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Internet Manager" = T-Mobile Internet Manager
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 17.08.2011 16:27:25 | Computer Name = Reinhard-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung wmplayer.exe, Version 11.0.6002.18311, Zeitstempel
 0x4c8e2d72, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000005, Fehleroffset 0xd86102c7,  Prozess-ID 0x156c, Anwendungsstartzeit
 01cc5c0c6203d110.
 
Error - 19.08.2011 07:27:18 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 19.08.2011 07:27:18 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6    For more information, see Help
 and Support Center at hxxp://www.mysql.com.   
 
Error - 19.08.2011 07:27:18 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting    For more information, see Help and Support Center at hxxp://www.mysql.com.


 
Error - 20.08.2011 11:38:18 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6    For more information, see Help
 and Support Center at hxxp://www.mysql.com.   
 
Error - 20.08.2011 11:38:18 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting    For more information, see Help and Support Center at hxxp://www.mysql.com.


 
Error - 20.08.2011 11:39:36 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 20.08.2011 12:56:13 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = listen() on TCP/IP failed with error 6    For more information, see Help
 and Support Center at hxxp://www.mysql.com.   
 
Error - 20.08.2011 12:56:13 | Computer Name = Reinhard-PC | Source = MySQL | ID = 100
Description = Aborting    For more information, see Help and Support Center at hxxp://www.mysql.com.


 
Error - 20.08.2011 12:57:29 | Computer Name = Reinhard-PC | Source = WinMgmt | ID = 10
Description =
 
[ OSession Events ]
Error - 17.06.2011 21:21:03 | Computer Name = Reinhard-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27858
 seconds with 420 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 30.07.2009 13:09:08 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 31.07.2009 04:55:01 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
 
Error - 31.07.2009 04:55:17 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 31.07.2009 04:56:23 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 31.07.2009 05:07:32 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
 
Error - 31.07.2009 05:08:06 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 31.07.2009 05:08:22 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 01.08.2009 15:44:51 | Computer Name = Reinhard-PC | Source = HTTP | ID = 15016
Description =
 
Error - 01.08.2009 15:45:08 | Computer Name = Reinhard-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 01.08.2009 15:46:01 | Computer Name = Reinhard-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >
--- --- ---

[/code]

viele Grüße

Reinhard

kira 17.10.2011 05:44
1.
Programme deinstallieren/entfernen, die wir verwendet haben und nicht brauchst, bis auf:
Code:
CCleaner -> Zeitweise laufen lassen:-> Anleitung
2.
Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

3.
reinige dein System mit Ccleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

4.
wenn alles gut verlaufen ist und dein System läuft stabil, mache folgendes:
Erstelle manuell einen Wiederherstellungspunkt: Aktivieren und Deaktivieren der Systemwiederherstellung

4.
Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern
z.B. Login-, Mail- oder Website-Passwörter
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

Lesestoff Nr.1:
  • Wie erstelle ich ein eingeschränktes Benutzerkonto?
  • Software immer auf dem neuesten Stand halten!:
    ALLE auf dem System installierten Programme und Treiber, sollten regelmäßig upgedatet werden um Sicherheitslücken zu vermeiden und um das reibungslose Arbeitsabläufe zu erreichen!
  • Ein sicherer Browser als IE z.B. *Ein Wechsel des Standardbrowsers zu...von SETI@home* - Firefox - FirefoxWiki/Einstellungen - Erweiterungen für Firefox - Standardbrowser
  • Sichere eMail Clients z.B. Thunderbird-->Erweiterungen für Mozilla Thunderbird
  • Sichere Paswort - Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
    auch noch hier unter: Sicheres Kennwort (Password)
    Die fünf häufigsten Passwort-Fehler[/b[
  • "Never accept software from strangers" - Installiere grundsätzlich immer nur Programme, die Du auch wirklich benötigst und von denen Du überzeugt bist, dass sie seriös sind.
    Du hast die Wahl!, welche zusätzlichen Komponenten noch installiert werden sollen? -> Bei der Installation immer mitlesen, Sponsoren und Partnerprogramme, Toolbars oder eventuell noch andere extra angebotene Programme möglichst abwählen!
  • NICHT irgendwelche Programme aus dem Netz laden, wenn nicht zu 100% fest steht, dass es sich dabei um saubere Software handelt. Nette Versprechen der Hersteller garantieren noch lange keine einwandfreie Funktionsweise, also vorher blättere die Seiten bei GOOGLE, da kannst Du Dir wertvolle Informationen holen!!!
  • Vorsicht bei der Nutzung fremder Computer und anschliessbare Externe Speichermedien wie Festplatte, USB Sticks, Speicherkarten usw![/color] - IT-Betrüger machen keinen Urlaub!/bsi-fuer-buerger.de - auch zeitweise anschließen und scannen lassen (sehe unter `kostenlose Online-Viren-Scanner`)
  • Webseiten ohne Gültiges Impressum nicht besuchen
  • Lizenzkosten sparen? - Vorsicht bei Dateien/Programmen aus nicht vertrauenswürdigen Quellen! - "full Keygen, Crack, Serial, Warez, keygenerators" etc.
    Sind immer verseucht mit diverse Malware/Schadprogramme/Code, es gibt keine seite wo Viren frei ist. (Man sollte nicht absitlich der Teufel holen;)) Eine weitere höchst unsichere Quelle ist das File-Sharing der sog. (Musik-)Tauschbörsen.
    ► Ausserdem machst Du dich damit strafbar!
  • Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
    Das Installieren von `zuviel` Software beeinträchtigt die Systemleistung und Sicherheit, verlangsamt den Start-Vorgang enorm und belastet den Arbeitsspeicher (weil laufen ja die Programme nebeneinander gleichzeitig, die viel Performance fressen, aber wenig Qualität bringen). Im Laufe der Zeit wird der rechner durch zu viel unnötigen Ballast immer langsamer, und unsicherer. Um so mehr Programme installiert sind, um so häufiger treten Probleme auf, die dann unter Umständen nur schwer lösen können. Dazu kommt noch, das einige Programme große Sicherheitsrisiken mit sich bringen;)
  • Virenscanner
  • BSI für Bürger
  • SETI@home - [Sicherheit] Sicherheitskonzept
  • Entwicklung schädlicher Websites/viruslist.com
  • Brennpunkt: Bilder und Töne
    Gefährliche Bilder, schräge Töne/BSI

** Der gesunde Menschenverstand, Windows und Internet-Software sicher konfigurieren ist der beste Weg zur Sicherheit im Webverkehr ist !!
Zitat:
Da der Bestand der Datenbank wird täglich ergänzt und erweitert bzw werden mit der aktuellen Virendefinition die Informationen über den betroffenen Virus aufgenommen, empfehle ich dir mindestens einmal pro Woche (später genügt es sicherlich einmal im Monat) dein System Online Scannen lassen (immer mit einen anderen Scanner), um eine zweite Meinung einzuholen - Die auf dem Speichermedium gesicherten Daten sollten auch mit einbezogen werden!
(benutzen meist ActiveX und/oder Java): Kostenlose Online Scanner -
Lesestoff Nr.2:
► Kann sich auf Dauer eine Menge Datenmüll ansammeln, sich Fehlermeldungen häufen, der PC ist wahrscheinlich nicht mehr so schnell, wie früher:wünsch Dir alles Gute:)

Wenn Du uns unterstützen möchtest→ Spendekonto


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:22 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19