Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   PUP.FunWebProducts und Adware.MyWebSearch beseitigen (https://www.trojaner-board.de/105459-pup-funwebproducts-adware-mywebsearch-beseitigen.html)

@Martin@ 26.11.2011 21:41
PUP.FunWebProducts und Adware.MyWebSearch beseitigen
 
Hallo Zusammen,

cosinus - Arne hat mir super geholfen, meinen Laptop zu entseuchen. Nun habe ich den meiner Frau gecheckt. Und wieder was gefunden...

Ich brauche also nochmal Eure Hilfe.

Ich habe wieder mit Defogger gestartet, dann OTL und GMER gemacht. Habe auch gleich Malwarebytes Vollscan und Eset gemacht, so wie beim letzten Mal...

Ich hoffe es hilft.

Anbei die Posts:OTL Logfile:
Code:
OTL logfile created on: 26.11.2011 21:06:47 - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Documents and Settings\Martin\My Documents\trojaner-board
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,54% Memory free
3,33 Gb Paging File | 2,70 Gb Available in Paging File | 81,20% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 663,25 Gb Total Space | 577,55 Gb Free Space | 87,08% Space Free | Partition Type: NTFS
Drive F: | 30,71 Gb Total Space | 30,64 Gb Free Space | 99,79% Space Free | Partition Type: NTFS
 
Computer Name: MARTINS-DELL | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.11.25 21:11:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\My Documents\trojaner-board\OTL.exe
PRC - [2011.11.10 08:45:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Internet\Mozilla Firefox\firefox.exe
PRC - [2011.09.21 10:26:30 | 015,759,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
PRC - [2011.08.24 20:18:44 | 000,129,304 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2011.06.22 10:17:08 | 000,846,056 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.04.19 15:12:22 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2010.06.19 05:26:13 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2010.04.02 15:19:36 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010.04.02 15:19:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2009.12.06 09:33:41 | 000,207,360 | ---- | M] (AVM Berlin) -- C:\Documents and Settings\Martin\Local Settings\Apps\2.0\C9EHGLLQ.C4N\ALC2LRRR.CLG\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe
PRC - [2009.11.16 13:00:54 | 000,163,144 | ---- | M] (TuneUp Software GmbH) -- C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
PRC - [2008.12.20 12:50:34 | 002,656,528 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008.12.20 12:46:58 | 000,558,864 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008.12.17 02:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.07.21 21:54:34 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
PRC - [2008.07.21 21:53:04 | 000,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
PRC - [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.13 18:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\ActiveSync\wcescomm.exe
PRC - [2006.11.13 18:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\ActiveSync\rapimgr.exe
PRC - [2005.11.17 04:35:16 | 000,397,312 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.11.10 08:45:08 | 001,989,592 | ---- | M] () -- C:\Program Files\Internet\Mozilla Firefox\mozjs.dll
MOD - [2011.10.14 02:16:15 | 000,089,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\e4ecfb1a3e829096c44c540ce05a02b6\Vodafone.Base.Internals.ni.dll
MOD - [2011.10.14 02:16:15 | 000,019,968 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\a12c3f3477aae3dfd7bfb61d75e0c5c7\Vodafone.Base.Factory.ni.dll
MOD - [2011.10.14 02:16:05 | 000,080,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\10951a1e27cab7664bf4b602fdcf3903\Vodafone.SmsProfileManager.ni.dll
MOD - [2011.10.14 02:16:05 | 000,056,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\18e3ac2ead3b694e53768e163ac90e06\Vodafone.SettingsManager.ni.dll
MOD - [2011.10.14 02:16:04 | 000,327,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\972b82c5ef1f7a4326db2221b86e7334\Vodafone.DataAccessor.ni.dll
MOD - [2011.10.14 02:16:03 | 000,074,240 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\21f6c34c32d7bfaef7bde711fbae6cf1\Vodafone.NtServiceMessaging.ni.dll
MOD - [2011.10.14 02:16:02 | 002,002,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\84416f6d8785323ced68168e300ef24e\MobileBroadbandResources.ni.dll
MOD - [2011.10.14 02:16:01 | 000,321,024 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\0171b99272bbf05b8aa4fa0579d8e2e3\Vodafone.Base.Win32.ni.dll
MOD - [2011.10.14 02:16:01 | 000,181,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\a2ae04e3ccc0f4da0c8c32300e8710e4\Vodafone.Common.ni.dll
MOD - [2011.10.14 02:16:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011.10.14 02:15:40 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\6f65a852f367748d2d1f12acc67b0c71\Vodafone.MobileBroadband.CallbackHandler.ni.dll
MOD - [2011.10.14 02:15:36 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
MOD - [2011.10.14 02:15:35 | 000,158,208 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\afe812e99282bac2e3b8b5016ef0e2b1\Vodafone.Base.Contracts.ni.dll
MOD - [2011.10.14 02:15:34 | 000,673,280 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\0c93ac096f16afd41c31254cab43f3e7\Vodafone.Data.ni.dll
MOD - [2011.10.14 02:15:33 | 001,368,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\84fdff774b00359bca0374d1bd162472\Vodafone.Platform.ni.dll
MOD - [2011.10.14 02:15:31 | 000,094,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\d9f26a4527ccbaad91d7f9e60aff06ae\Vodafone.LogEngine.ni.dll
MOD - [2011.10.14 02:15:30 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
MOD - [2011.10.14 02:15:24 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.14 02:13:02 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.14 02:12:56 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.14 02:12:41 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.14 02:12:07 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\23c5852ff8ed973ff9b63ce9ba7f91f0\PresentationFramework.Royale.ni.dll
MOD - [2011.10.14 02:12:00 | 014,328,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
MOD - [2011.10.14 02:11:33 | 012,215,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
MOD - [2011.10.14 02:11:15 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
MOD - [2011.10.14 02:11:02 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.14 02:10:51 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.08.24 20:17:56 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2011.08.24 20:17:56 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2011.03.15 06:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010.09.22 20:12:20 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2010.04.02 15:19:36 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
MOD - [2010.02.28 02:55:42 | 001,040,736 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010.02.05 19:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009.12.06 09:33:32 | 000,368,640 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Apps\2.0\C9EHGLLQ.C4N\ALC2LRRR.CLG\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\managedupnp.dll
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2008.12.20 12:50:34 | 002,656,528 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
MOD - [2008.12.20 12:46:58 | 000,558,864 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2008.04.14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005.12.19 22:08:30 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2003.07.30 02:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBCPP5C.DLL
MOD - [2002.11.26 19:43:18 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\BrMuSNMP.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.08.24 20:17:56 | 000,200,632 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV - [2011.06.22 10:17:08 | 000,846,056 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.06.12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.04.19 15:12:22 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2010.06.19 05:26:13 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.06.19 05:26:09 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.04.02 15:19:36 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009.11.16 12:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.12.17 02:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.07.21 21:53:04 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2007.03.07 20:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.08.24 20:18:04 | 000,205,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2011.08.24 20:18:04 | 000,171,280 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tmnciesc.sys -- (tmnciesc)
DRV - [2011.08.24 20:18:04 | 000,092,432 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2011.08.24 20:18:04 | 000,084,752 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmeext.sys -- (tmeext)
DRV - [2011.08.24 20:18:04 | 000,081,168 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2011.08.24 20:18:04 | 000,068,368 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2011.08.18 18:00:36 | 000,601,408 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011.08.18 18:00:26 | 000,125,472 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\vididr.sys -- (vididr)
DRV - [2011.08.18 18:00:22 | 000,083,392 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\vsflt53.sys -- (vidsflt53) Acronis Disk Storage Filter (53)
DRV - [2011.08.18 18:00:07 | 000,169,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2011.04.18 14:43:36 | 000,114,688 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2011.04.18 14:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2011.04.18 14:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2011.04.18 14:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2011.04.18 14:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2011.04.18 14:43:36 | 000,009,216 | R--- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2011.04.18 14:43:26 | 000,072,832 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.09.01 13:33:12 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2010.07.20 17:59:06 | 000,044,928 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dvdfab.sys -- (dvdfab)
DRV - [2010.03.11 08:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010.03.11 08:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2010.03.10 16:25:58 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2009.12.18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009.12.06 09:33:32 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avmaura.sys -- (avmaura)
DRV - [2009.11.18 20:41:08 | 000,024,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NinjaUSB.sys -- (NinjaUSB)
DRV - [2009.10.27 11:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2008.12.17 07:02:06 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008.12.17 07:01:42 | 006,364,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam Pro for Notebooks(UVC)
DRV - [2008.12.17 07:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008.12.17 07:00:12 | 000,768,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008.12.17 02:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007.11.02 20:51:28 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007.10.12 02:59:12 | 001,920,920 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007.07.23 10:34:12 | 000,069,776 | ---- | M] (FarStone Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fvxscsi.sys -- (FVXSCSI)
DRV - [2007.05.03 18:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2007.03.02 12:48:42 | 000,017,840 | ---- | M] (FarStone Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fcdabus.sys -- (fcdabus)
DRV - [2007.02.25 17:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006.10.05 21:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005.11.17 04:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005.11.03 02:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005.10.14 22:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005.10.14 22:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005.10.14 22:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005.08.12 23:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005.08.05 23:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005.07.22 10:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.07.22 10:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005.07.22 10:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004.02.13 23:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2002.08.07 15:00:10 | 000,083,360 | ---- | M] (Generic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\stlth317.sys -- (Stlth317)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://www.google.com/ig/dell?hl=en&client=dell
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.ask.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPWMDRMWrapper: C:\Program Files\Videoload Manager\NPWMDRMWrapper.dll ( )
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2011.07.06 07:44:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\firefoxextension [2011.10.25 11:50:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2011.10.25 11:50:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2011.09.10 12:24:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Internet\Mozilla Firefox\components [2011.11.10 08:45:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Internet\Mozilla Firefox\plugins [2011.06.16 21:08:27 | 000,000,000 | ---D | M]
 
[2008.08.28 12:34:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Extensions
[2011.10.16 06:26:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\7fe24t93.default\extensions
[2010.07.10 22:53:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\7fe24t93.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7FE24T93.DEFAULT\EXTENSIONS\{6D96BB5E-1175-4EBF-8AB5-5F56F1C79F65}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7FE24T93.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7FE24T93.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
 
O1 HOSTS File: ([2004.08.10 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [AVMUSBRemoteConnection] C:\Documents and Settings\Martin\Local Settings\Apps\2.0\C9EHGLLQ.C4N\ALC2LRRR.CLG\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\AVMAutoStart.exe (AVM Berlin)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft Office\ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [TuneUp MemOptimizer] C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe (TuneUp Software GmbH)
O4 - HKLM..\RunOnceEx: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft Office\ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft Office\ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} hxxp://www.creative.com/su/ocx/15026/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} hxxp://www.kodakgallery.de/downloads/BUM/BUM_WIN_IE_2/axofupld.cab (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22584E28-E4A5-486D-B1A5-3F42A6176450}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Martin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Dell.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.08.16 11:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\##fritz.box#Maxtor-OneTouch-01\Shell - "" = AutoRun
O33 - MountPoints2\##fritz.box#Maxtor-OneTouch-01\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\##fritz.box#Maxtor-OneTouch-01\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{7cb2e07a-cb02-11df-94cc-0015c50001a0}\Shell\AutoRun\command - "" = F1\X1\trx.exe
O33 - MountPoints2\{7cb2e07a-cb02-11df-94cc-0015c50001a0}\Shell\open\command - "" = F1\X1\trx.exe
O33 - MountPoints2\{b837b4e3-a7a3-11e0-951a-0015c50001a0}\Shell - "" = AutoRun
O33 - MountPoints2\{b837b4e3-a7a3-11e0-951a-0015c50001a0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b837b4e3-a7a3-11e0-951a-0015c50001a0}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067)
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.11.26 10:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.11.26 06:52:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Martin\Application Data\Malwarebytes
[2011.11.26 06:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.26 06:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011.11.26 06:51:39 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.11.26 06:51:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.25 21:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Martin\My Documents\trojaner-board
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.11.26 21:00:01 | 000,000,502 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2011.11.26 20:46:14 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.26 12:08:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011.11.26 08:44:51 | 009,699,328 | ---- | M] () -- C:\Documents and Settings\Martin\NTUSER.DAT
[2011.11.26 08:21:28 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.26 08:21:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011.11.26 08:21:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.26 08:21:14 | 2137,456,640 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.26 08:21:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011.11.26 08:20:35 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Martin\ntuser.ini
[2011.11.26 06:51:45 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.25 21:10:53 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Martin\defogger_reenable
[2011.11.20 20:22:24 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011.11.15 08:08:33 | 000,544,700 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011.11.15 08:08:33 | 000,457,672 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.15 08:08:33 | 000,077,218 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.11.10 07:50:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.11.07 13:10:04 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.11.26 06:51:45 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.25 21:10:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Martin\defogger_reenable
[2011.08.30 20:39:37 | 006,525,994 | -H-- | C] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\IconCache.db
[2011.08.30 20:34:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dvdcreator.INI
[2011.08.24 20:21:23 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\SupportTool.exe.bat
[2011.04.18 14:39:56 | 000,226,364 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2010.10.02 20:10:32 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll
[2010.09.16 21:27:54 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2010.08.08 10:22:43 | 000,014,496 | ---- | C] () -- C:\WINDOWS\System32\VDI08X.dat
[2010.08.08 09:39:48 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\DVC.dll
[2010.06.24 10:09:16 | 002,393,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009.12.06 09:36:35 | 000,000,438 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2009.11.18 20:41:08 | 000,024,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\NinjaUSB.sys
[2009.10.12 05:04:04 | 000,004,876 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.04.04 06:47:12 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.03.28 20:47:14 | 000,081,110 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009.01.18 00:37:06 | 000,038,457 | ---- | C] () -- C:\Documents and Settings\Martin\Application Data\Microsoft Excel.ADR
[2009.01.05 05:22:41 | 000,000,619 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2008.12.17 02:58:54 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008.12.17 02:50:56 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLgFT.dll
[2008.04.03 02:16:41 | 000,000,099 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2007.07.28 21:50:17 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2007.06.04 02:01:15 | 000,000,918 | ---- | C] () -- C:\WINDOWS\cPVAS.INI
[2007.04.09 01:24:26 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7820N.dat
[2007.04.09 01:23:59 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2007.04.09 01:23:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2007.04.09 01:19:14 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007.03.17 08:01:03 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2007.03.11 16:56:30 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Martin\Application Data\$_hpcst$.hpc
[2007.03.11 00:30:40 | 000,000,055 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2007.03.11 00:30:40 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2007.03.03 13:33:53 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.03 05:34:19 | 000,081,272 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2007.03.03 05:33:55 | 000,006,580 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007.03.03 05:33:55 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\7EF6AC01EC.sys
[2007.03.02 12:48:44 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\OpenExplor.exe
[2007.03.02 03:47:28 | 000,003,069 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.03.02 03:08:10 | 000,001,158 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2007.03.02 03:08:10 | 000,000,825 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007.03.02 03:08:10 | 000,000,152 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2007.03.02 03:08:10 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007.03.02 03:07:39 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2007.02.28 20:05:59 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007.02.28 17:41:46 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\fusioncache.dat
[2006.09.18 13:20:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\VDExt800.dll
[2006.09.18 13:20:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\VDExt712.dll
[2006.09.18 13:20:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\GDExt800.dll
[2006.09.15 12:55:04 | 000,016,384 | ---- | C] () -- C:\WINDOWS\FSRunCmd.exe
[2006.08.07 17:03:20 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GDExt712.dll
[2006.03.11 17:58:08 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.03.11 17:50:44 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006.03.11 17:47:39 | 000,000,452 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.03.11 17:46:23 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006.03.11 17:43:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.03.11 17:40:08 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006.03.11 17:16:00 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\dlbcplc.ini
[2006.03.11 17:15:58 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2006.03.11 17:15:58 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2006.03.11 17:15:40 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006.03.11 17:15:34 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006.03.11 17:15:22 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006.03.11 17:15:22 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006.03.11 17:15:18 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006.03.11 17:15:12 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.08.16 11:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005.08.16 11:43:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2005.08.16 11:40:59 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2005.08.16 11:40:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2005.08.16 11:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.08.16 11:38:33 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2005.08.16 11:38:33 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2005.08.16 11:37:25 | 000,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2005.08.16 11:37:25 | 000,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2005.08.16 11:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.08.16 11:33:39 | 000,544,700 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2005.08.16 11:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.08.16 11:27:59 | 003,610,592 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005.08.16 11:19:02 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2005.08.16 11:19:02 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2005.08.16 11:18:50 | 000,069,886 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2005.08.16 11:18:44 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2005.08.16 11:18:43 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2005.08.16 11:18:43 | 000,000,603 | ---- | C] () -- C:\WINDOWS\win.ini
[2005.08.16 11:18:41 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2005.08.16 11:18:41 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2005.08.16 11:18:36 | 000,011,753 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2005.08.16 11:18:36 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2005.08.16 11:18:35 | 000,291,840 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2005.08.16 11:18:35 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2005.08.16 11:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005.08.16 11:18:34 | 000,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2005.08.16 11:18:34 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2005.08.16 11:18:33 | 001,291,776 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2005.08.16 11:18:33 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2005.08.16 11:18:33 | 000,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2005.08.16 11:18:33 | 000,457,672 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005.08.16 11:18:33 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2005.08.16 11:18:33 | 000,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2005.08.16 11:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005.08.16 11:18:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2005.08.16 11:18:33 | 000,077,218 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005.08.16 11:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005.08.16 11:18:33 | 000,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2005.08.16 11:18:33 | 000,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2005.08.16 11:18:33 | 000,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2005.08.16 11:18:33 | 000,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2005.08.16 11:18:33 | 000,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2005.08.16 11:18:33 | 000,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2005.08.16 11:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005.08.16 11:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005.08.16 11:18:30 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2005.08.16 11:18:29 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2005.08.16 11:18:29 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2005.08.16 11:18:29 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2005.08.16 11:18:29 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2005.08.16 11:18:29 | 000,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2005.08.16 11:18:29 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2005.08.16 11:18:29 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2005.08.16 11:18:29 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2005.08.16 11:18:29 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2005.08.16 11:18:29 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2005.08.16 11:18:28 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2005.08.16 11:18:28 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2005.08.16 11:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.08.16 11:18:25 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2005.08.16 11:18:25 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2005.08.16 11:18:25 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2005.08.16 11:18:25 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2005.08.16 11:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005.08.16 11:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005.08.16 11:18:23 | 000,010,110 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2005.08.16 11:18:22 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2005.08.16 11:18:22 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2005.08.16 11:18:22 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2005.08.16 11:18:22 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2005.08.16 11:18:22 | 000,001,131 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2005.08.16 11:18:20 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2005.08.16 11:18:20 | 000,014,710 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2005.08.16 11:18:19 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2005.08.16 11:18:18 | 000,019,694 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2005.08.16 11:18:17 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2005.08.16 11:18:16 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2005.08.16 11:18:16 | 000,456,192 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2005.08.16 11:18:16 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2005.08.16 11:18:16 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2005.08.16 11:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005.08.16 11:18:08 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2005.08.16 11:18:08 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2005.08.16 11:18:08 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2005.08.16 11:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005.08.16 11:18:07 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2005.08.16 11:18:05 | 000,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2005.08.16 11:18:05 | 000,050,620 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2005.08.16 11:18:04 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2005.08.16 11:18:04 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2005.08.16 11:18:03 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2005.08.16 11:18:03 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2005.08.05 21:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.05.12 13:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002.03.19 16:30:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\PowerCalc.exe
[2002.03.04 15:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2001.08.18 05:36:42 | 000,055,296 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001.08.18 05:36:28 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2007.03.09 04:05:06 | 000,000,000 | ---D | M] -- C:\2579ec4595d0905378ce3436aae6
[2009.05.01 10:48:16 | 000,000,000 | ---D | M] -- C:\a532cce3b92c59136bcc1e7b9dc1
[2011.08.18 19:38:06 | 000,000,000 | RHSD | M] -- C:\acroldr
[2007.07.28 22:11:20 | 000,000,000 | ---D | M] -- C:\BlueByte
[2007.04.09 01:23:52 | 000,000,000 | ---D | M] -- C:\Brother
[2007.03.02 03:38:33 | 000,000,000 | ---D | M] -- C:\CNYSELPHYCP
[2011.11.10 08:06:24 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2007.02.28 19:22:15 | 000,000,000 | ---D | M] -- C:\ddf82f6c36ebce02e9af81f67f6e
[2010.08.12 14:10:19 | 000,000,000 | ---D | M] -- C:\dell
[2007.02.28 17:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings
[2006.03.11 17:15:58 | 000,000,000 | ---D | M] -- C:\drivers
[2010.09.16 21:26:19 | 000,000,000 | ---D | M] -- C:\gs
[2007.03.02 03:26:18 | 000,000,000 | ---D | M] -- C:\i386
[2010.08.08 09:17:36 | 000,000,000 | ---D | M] -- C:\MediaphorAG
[2011.01.27 20:10:10 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.11.26 10:12:31 | 000,000,000 | ---D | M] -- C:\Program Files
[2007.02.28 17:54:21 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011.09.16 21:40:13 | 000,000,000 | ---D | M] -- C:\SIERRA
[2007.02.28 17:41:27 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.08.16 21:04:37 | 000,000,000 | ---D | M] -- C:\temp
[2011.11.26 08:22:22 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
 
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
[10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
 
< MD5 for: EXPLORER.EXE  >
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007.06.13 12:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 11:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.10 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2008.04.14 01:12:32 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\regedit.exe
[2008.04.14 01:12:32 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
[2008.04.14 01:12:32 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\system32\dllcache\regedit.exe
[2004.08.10 12:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=783AFC80383C176B22DBF8333343992D -- C:\i386\REGEDIT.EXE
[2004.08.10 12:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=783AFC80383C176B22DBF8333343992D -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2004.08.10 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004.08.10 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.10 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004.08.10 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2011.09.06 14:20:51 | 001,858,944 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-12 07:59:40

< End of report >
--- --- ---

Vielen Dank!

Martin

Larusso 26.11.2011 21:53
:hallo:

Mein Name ist Daniel und ich werde dir mit deinem Malware Relvanten Problemen helfen.

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen erst einmal durch. Sollte irgendetwas unklar sein, Frage bevor du beginnst.
  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden
  • Sollte ich innerhalb der nächsten 3 Tage keine Antwort von dir erhalten, werde ich das Thema aus meinen Abonnements löschen.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst und Installiere / Deinstalliere keine Software ohne Aufforderung.
  • Poste die Logfiles direkt in deinen Thread und nicht als Anhang, ausser du wurdest dazu aufgefordert. Erschwert mir das Auswerten.


Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.


Schritt 1

Deinstalliere bitte TuneUp. Dieses Ding hat schon mehr geschrottet als wieder zum laufen gebracht.



Schritt 2

Viewpoint wird als Foistware eingestuft. Es installiert sich ohne deinem Wissen. Es macht zwar nichts böses, würde dir aber denoch raten die Finger davon zu lassen und folgendes zu deinstallieren (falls vorhanden)
Viewpoint, Viewpoint Manager, Viewpoint Media Player.



Schritt 3

Lass bitte Malwarebytes erneut laufen ( Quick Scan ). Gehe sicher, dass alle Funde angehakt sind und drücke auf Entferne Auswahl



Schritt 4

Starte bitte OTL.exe und drücke den Quick Scan Button.
Poste die OTL.txt hier in deinen Thread.



Bitte poste in deiner nächsten Antwort
MBAM Log
OTL.txt

@Martin@ 26.11.2011 23:29
Hallo Daniel,

:dankeschoen:

Danke, dass Du übernimmst!

Schritt 1 - done
Schritt 2 - done

beides über Windows - Software hinzufügen/entfernen

Schritt 3 -
ich habe 2 posts, denn ich hatte schon einen Vollscan mit Entfernen am Laufen. Ich habe noch den Qick-Scan nachgeschoben - also hast Du 2x mbam.
Mbam hat beim 2. Mal nichts mehr gefunden.

Schritt 4 - done

Anbei die Posts.

Viele Grüße
MartinOTL Logfile:
Code:
OTL logfile created on: 26.11.2011 23:08:14 - Run 4
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Documents and Settings\Martin\My Documents\trojaner-board
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 59,38% Memory free
3,33 Gb Paging File | 2,67 Gb Available in Paging File | 80,37% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 663,25 Gb Total Space | 577,53 Gb Free Space | 87,08% Space Free | Partition Type: NTFS
Drive F: | 30,71 Gb Total Space | 30,64 Gb Free Space | 99,79% Space Free | Partition Type: NTFS
 
Computer Name: MARTINS-DELL | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.11.25 21:11:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\My Documents\trojaner-board\OTL.exe
PRC - [2011.11.10 08:45:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Internet\Mozilla Firefox\firefox.exe
PRC - [2011.08.24 20:18:44 | 001,006,864 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2011.08.24 20:18:44 | 000,129,304 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2011.08.24 20:17:56 | 000,200,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2011.08.24 20:17:56 | 000,142,952 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2011.06.22 10:17:08 | 000,846,056 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.04.19 15:12:22 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2010.04.02 15:19:36 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010.04.02 15:19:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2009.12.06 09:33:41 | 000,207,360 | ---- | M] (AVM Berlin) -- C:\Documents and Settings\Martin\Local Settings\Apps\2.0\C9EHGLLQ.C4N\ALC2LRRR.CLG\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe
PRC - [2008.12.20 12:50:34 | 002,656,528 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008.12.20 12:46:58 | 000,558,864 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008.12.17 02:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.07.21 21:54:34 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
PRC - [2008.07.21 21:53:04 | 000,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
PRC - [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.13 18:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\ActiveSync\wcescomm.exe
PRC - [2006.11.13 18:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\ActiveSync\rapimgr.exe
PRC - [2005.11.17 04:35:16 | 000,397,312 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.11.10 08:45:08 | 001,989,592 | ---- | M] () -- C:\Program Files\Internet\Mozilla Firefox\mozjs.dll
MOD - [2011.10.14 02:16:15 | 000,089,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\e4ecfb1a3e829096c44c540ce05a02b6\Vodafone.Base.Internals.ni.dll
MOD - [2011.10.14 02:16:15 | 000,019,968 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\a12c3f3477aae3dfd7bfb61d75e0c5c7\Vodafone.Base.Factory.ni.dll
MOD - [2011.10.14 02:16:05 | 000,080,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\10951a1e27cab7664bf4b602fdcf3903\Vodafone.SmsProfileManager.ni.dll
MOD - [2011.10.14 02:16:05 | 000,056,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\18e3ac2ead3b694e53768e163ac90e06\Vodafone.SettingsManager.ni.dll
MOD - [2011.10.14 02:16:04 | 000,327,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\972b82c5ef1f7a4326db2221b86e7334\Vodafone.DataAccessor.ni.dll
MOD - [2011.10.14 02:16:03 | 000,074,240 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\21f6c34c32d7bfaef7bde711fbae6cf1\Vodafone.NtServiceMessaging.ni.dll
MOD - [2011.10.14 02:16:02 | 002,002,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\84416f6d8785323ced68168e300ef24e\MobileBroadbandResources.ni.dll
MOD - [2011.10.14 02:16:01 | 000,321,024 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\0171b99272bbf05b8aa4fa0579d8e2e3\Vodafone.Base.Win32.ni.dll
MOD - [2011.10.14 02:16:01 | 000,181,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\a2ae04e3ccc0f4da0c8c32300e8710e4\Vodafone.Common.ni.dll
MOD - [2011.10.14 02:16:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011.10.14 02:15:40 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\6f65a852f367748d2d1f12acc67b0c71\Vodafone.MobileBroadband.CallbackHandler.ni.dll
MOD - [2011.10.14 02:15:36 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
MOD - [2011.10.14 02:15:35 | 000,158,208 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\afe812e99282bac2e3b8b5016ef0e2b1\Vodafone.Base.Contracts.ni.dll
MOD - [2011.10.14 02:15:34 | 000,673,280 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\0c93ac096f16afd41c31254cab43f3e7\Vodafone.Data.ni.dll
MOD - [2011.10.14 02:15:33 | 001,368,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\84fdff774b00359bca0374d1bd162472\Vodafone.Platform.ni.dll
MOD - [2011.10.14 02:15:31 | 000,094,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\d9f26a4527ccbaad91d7f9e60aff06ae\Vodafone.LogEngine.ni.dll
MOD - [2011.10.14 02:15:30 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
MOD - [2011.10.14 02:15:24 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.14 02:13:02 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.14 02:12:56 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.14 02:12:41 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.14 02:12:07 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\23c5852ff8ed973ff9b63ce9ba7f91f0\PresentationFramework.Royale.ni.dll
MOD - [2011.10.14 02:12:00 | 014,328,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
MOD - [2011.10.14 02:11:33 | 012,215,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
MOD - [2011.10.14 02:11:15 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
MOD - [2011.10.14 02:11:02 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.14 02:10:51 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.08.24 20:18:45 | 000,174,624 | ---- | M] () -- C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
MOD - [2011.08.24 20:18:02 | 000,442,368 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\sqlite3.dll
MOD - [2011.08.24 20:17:58 | 001,081,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
MOD - [2011.08.24 20:17:56 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2011.08.24 20:17:56 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2011.08.24 20:17:56 | 000,012,288 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_system-vc80-mt-1_36.dll
MOD - [2011.03.15 06:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010.04.02 15:19:36 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
MOD - [2010.02.05 19:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009.12.06 09:33:32 | 000,368,640 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Apps\2.0\C9EHGLLQ.C4N\ALC2LRRR.CLG\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\managedupnp.dll
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2008.12.20 12:50:34 | 002,656,528 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
MOD - [2008.12.20 12:46:58 | 000,558,864 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2008.04.14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005.12.19 22:08:30 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2003.07.30 02:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBCPP5C.DLL
MOD - [2002.11.26 19:43:18 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\BrMuSNMP.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.08.24 20:17:56 | 000,200,632 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV - [2011.06.22 10:17:08 | 000,846,056 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.06.12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.04.19 15:12:22 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2010.04.02 15:19:36 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2008.12.17 02:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.07.21 21:53:04 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2007.03.07 20:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.08.24 20:18:04 | 000,205,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2011.08.24 20:18:04 | 000,171,280 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tmnciesc.sys -- (tmnciesc)
DRV - [2011.08.24 20:18:04 | 000,092,432 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2011.08.24 20:18:04 | 000,084,752 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmeext.sys -- (tmeext)
DRV - [2011.08.24 20:18:04 | 000,081,168 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2011.08.24 20:18:04 | 000,068,368 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2011.08.18 18:00:36 | 000,601,408 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011.08.18 18:00:26 | 000,125,472 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\vididr.sys -- (vididr)
DRV - [2011.08.18 18:00:22 | 000,083,392 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\vsflt53.sys -- (vidsflt53) Acronis Disk Storage Filter (53)
DRV - [2011.08.18 18:00:07 | 000,169,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2011.04.18 14:43:36 | 000,114,688 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2011.04.18 14:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2011.04.18 14:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2011.04.18 14:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2011.04.18 14:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2011.04.18 14:43:36 | 000,009,216 | R--- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2011.04.18 14:43:26 | 000,072,832 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.09.01 13:33:12 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2010.07.20 17:59:06 | 000,044,928 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dvdfab.sys -- (dvdfab)
DRV - [2010.03.11 08:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010.03.11 08:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2010.03.10 16:25:58 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2009.12.18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009.12.06 09:33:32 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avmaura.sys -- (avmaura)
DRV - [2009.11.18 20:41:08 | 000,024,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NinjaUSB.sys -- (NinjaUSB)
DRV - [2009.10.27 11:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2008.12.17 07:02:06 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008.12.17 07:01:42 | 006,364,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam Pro for Notebooks(UVC)
DRV - [2008.12.17 07:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008.12.17 07:00:12 | 000,768,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008.12.17 02:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007.11.02 20:51:28 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007.10.12 02:59:12 | 001,920,920 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007.07.23 10:34:12 | 000,069,776 | ---- | M] (FarStone Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fvxscsi.sys -- (FVXSCSI)
DRV - [2007.05.03 18:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2007.03.02 12:48:42 | 000,017,840 | ---- | M] (FarStone Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fcdabus.sys -- (fcdabus)
DRV - [2007.02.25 17:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006.10.05 21:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005.11.17 04:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005.11.03 02:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005.10.14 22:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005.10.14 22:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005.10.14 22:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005.08.12 23:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005.08.05 23:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005.07.22 10:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.07.22 10:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005.07.22 10:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004.02.13 23:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2002.08.07 15:00:10 | 000,083,360 | ---- | M] (Generic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\stlth317.sys -- (Stlth317)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://www.google.com/ig/dell?hl=en&client=dell
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.ask.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPWMDRMWrapper: C:\Program Files\Videoload Manager\NPWMDRMWrapper.dll ( )
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2011.07.06 07:44:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\firefoxextension [2011.10.25 11:50:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2011.10.25 11:50:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2011.09.10 12:24:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Internet\Mozilla Firefox\components [2011.11.10 08:45:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Internet\Mozilla Firefox\plugins [2011.06.16 21:08:27 | 000,000,000 | ---D | M]
 
[2008.08.28 12:34:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Extensions
[2011.10.16 06:26:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\7fe24t93.default\extensions
[2010.07.10 22:53:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\7fe24t93.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7FE24T93.DEFAULT\EXTENSIONS\{6D96BB5E-1175-4EBF-8AB5-5F56F1C79F65}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7FE24T93.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7FE24T93.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
 
O1 HOSTS File: ([2004.08.10 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [AVMUSBRemoteConnection] C:\Documents and Settings\Martin\Local Settings\Apps\2.0\C9EHGLLQ.C4N\ALC2LRRR.CLG\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\AVMAutoStart.exe (AVM Berlin)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft Office\ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart File not found
O4 - HKLM..\RunOnceEx: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft Office\ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft Office\ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} hxxp://www.creative.com/su/ocx/15026/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} hxxp://www.kodakgallery.de/downloads/BUM/BUM_WIN_IE_2/axofupld.cab (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22584E28-E4A5-486D-B1A5-3F42A6176450}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Martin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Dell.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.08.16 11:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\##fritz.box#Maxtor-OneTouch-01\Shell - "" = AutoRun
O33 - MountPoints2\##fritz.box#Maxtor-OneTouch-01\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\##fritz.box#Maxtor-OneTouch-01\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{7cb2e07a-cb02-11df-94cc-0015c50001a0}\Shell\AutoRun\command - "" = F1\X1\trx.exe
O33 - MountPoints2\{7cb2e07a-cb02-11df-94cc-0015c50001a0}\Shell\open\command - "" = F1\X1\trx.exe
O33 - MountPoints2\{b837b4e3-a7a3-11e0-951a-0015c50001a0}\Shell - "" = AutoRun
O33 - MountPoints2\{b837b4e3-a7a3-11e0-951a-0015c50001a0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b837b4e3-a7a3-11e0-951a-0015c50001a0}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.11.26 10:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.11.26 06:52:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Martin\Application Data\Malwarebytes
[2011.11.26 06:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.26 06:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011.11.26 06:51:39 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.11.26 06:51:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.25 21:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Martin\My Documents\trojaner-board
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.11.26 22:51:19 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.26 22:51:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.26 22:51:05 | 2137,456,640 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.26 22:46:01 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.26 12:08:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011.11.26 08:21:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011.11.26 06:51:45 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.25 21:10:53 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Martin\defogger_reenable
[2011.11.20 20:22:24 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011.11.15 08:08:33 | 000,457,672 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.15 08:08:33 | 000,077,218 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.11.10 07:50:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.11.07 13:10:04 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.11.26 06:51:45 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.25 21:10:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Martin\defogger_reenable
[2011.08.30 20:34:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dvdcreator.INI
[2011.08.24 20:21:23 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\SupportTool.exe.bat
[2011.04.18 14:39:56 | 000,226,364 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2010.10.02 20:10:32 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll
[2010.09.16 21:27:54 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2010.08.08 10:22:43 | 000,014,496 | ---- | C] () -- C:\WINDOWS\System32\VDI08X.dat
[2010.08.08 09:39:48 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\DVC.dll
[2010.06.24 10:09:16 | 002,393,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009.12.06 09:36:35 | 000,000,438 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2009.11.18 20:41:08 | 000,024,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\NinjaUSB.sys
[2009.10.12 05:04:04 | 000,004,876 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.04.04 06:47:12 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.03.28 20:47:14 | 000,081,110 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009.01.18 00:37:06 | 000,038,457 | ---- | C] () -- C:\Documents and Settings\Martin\Application Data\Microsoft Excel.ADR
[2009.01.05 05:22:41 | 000,000,619 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2008.12.17 02:58:54 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008.12.17 02:50:56 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLgFT.dll
[2008.04.03 02:16:41 | 000,000,099 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2007.07.28 21:50:17 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2007.06.04 02:01:15 | 000,000,918 | ---- | C] () -- C:\WINDOWS\cPVAS.INI
[2007.04.09 01:24:26 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7820N.dat
[2007.04.09 01:23:59 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2007.04.09 01:23:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2007.04.09 01:19:14 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007.03.11 16:56:30 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Martin\Application Data\$_hpcst$.hpc
[2007.03.11 00:30:40 | 000,000,055 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2007.03.11 00:30:40 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2007.03.03 13:33:53 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.03 05:33:55 | 000,006,580 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007.03.03 05:33:55 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\7EF6AC01EC.sys
[2007.03.02 12:48:44 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\OpenExplor.exe
[2007.03.02 03:47:28 | 000,003,069 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.03.02 03:08:10 | 000,001,158 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2007.03.02 03:08:10 | 000,000,825 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007.03.02 03:08:10 | 000,000,152 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2007.03.02 03:08:10 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007.03.02 03:07:39 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2007.02.28 20:05:59 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007.02.28 17:41:46 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\fusioncache.dat
[2006.09.18 13:20:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\VDExt800.dll
[2006.09.18 13:20:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\VDExt712.dll
[2006.09.18 13:20:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\GDExt800.dll
[2006.09.15 12:55:04 | 000,016,384 | ---- | C] () -- C:\WINDOWS\FSRunCmd.exe
[2006.08.07 17:03:20 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GDExt712.dll
[2006.03.11 17:58:08 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.03.11 17:50:44 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006.03.11 17:47:39 | 000,000,452 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.03.11 17:46:23 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006.03.11 17:43:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.03.11 17:40:08 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006.03.11 17:16:00 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\dlbcplc.ini
[2006.03.11 17:15:58 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2006.03.11 17:15:58 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2006.03.11 17:15:40 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006.03.11 17:15:34 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006.03.11 17:15:22 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006.03.11 17:15:22 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006.03.11 17:15:18 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006.03.11 17:15:12 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.08.16 11:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005.08.16 11:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.08.16 11:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.08.16 11:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.08.16 11:27:59 | 003,610,592 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005.08.16 11:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005.08.16 11:18:33 | 000,457,672 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005.08.16 11:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005.08.16 11:18:33 | 000,077,218 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005.08.16 11:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005.08.16 11:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005.08.16 11:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005.08.16 11:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.08.16 11:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005.08.16 11:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005.08.16 11:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005.08.16 11:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005.08.05 21:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.05.12 13:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002.03.19 16:30:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\PowerCalc.exe
[2002.03.04 15:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
 
========== LOP Check ==========
 
[2011.08.18 19:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2008.08.27 23:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2007.10.02 02:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eday2day02
[2010.08.08 11:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\farstone
[2010.03.10 20:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fluxDVD
[2007.12.09 13:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2010.03.10 20:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\mpDRM
[2011.06.06 10:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010.09.15 15:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2007.04.09 01:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011.03.03 22:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010.02.13 11:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011.07.06 08:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
[2011.01.30 20:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010.02.13 11:00:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2011.08.18 19:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Acronis
[2010.12.23 20:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Amazon
[2010.10.03 09:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\BOM
[2007.04.13 15:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Bytemobile
[2010.10.16 15:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2007.09.29 19:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Cuttermaran
[2011.01.30 21:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\DVDFab
[2007.10.29 00:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Eday2day02
[2010.08.08 10:27:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\FarStone
[2007.05.26 00:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Leadertech
[2009.02.18 03:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Learn2.com
[2011.03.03 19:09:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\PCDr
[2007.04.09 01:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\ScanSoft
[2011.08.17 21:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\SystemRequirementsLab
[2011.02.11 10:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\TeamViewer
[2010.02.13 11:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\TuneUp Software
[2011.07.06 08:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Vodafone
[2011.07.06 08:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Vodafone Mobile Broadband
[2011.11.20 20:22:24 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---

Larusso 26.11.2011 23:39
Noch Probleme ?

@Martin@ 26.11.2011 23:44
Im Moment nicht. Ich werde es beobachten.

Gruß
Martin

Larusso 26.11.2011 23:45
Starte bitte OTL und klicke auf Bereinigung.
Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen.



Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.


Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

@Martin@ 26.11.2011 23:52
Ok, mache ich - aber nicht mehr heute Nacht. Sieht nach etwas Arbeit aus.

Vielen Dank für Deine Tips. Ich hoffe, ich fange mir nicht gleich wieder was ein...:killpc:

Gruß
Martin

Larusso 27.11.2011 00:04
Ich behalte das Thema noch 2-3 Tage in meinen Abos, falls doch noch Fragen auftreten :)

@Martin@ 28.11.2011 06:40
Guten Morgen Daniel,

ich bin immer noch dabei,alles etsprechend umzusetzen.

Leider habe ich ein Problem mit Secunia. Es wird als tray icon angezeigt, zeigt auch den Status. Aber wenn ich es öffnen will, geht das Fenster immer gleich wieder zu, ohne dass etwas angezeigt wird.

Hast Du vielleicht eine Idee, was falsch läuft?

Danke und Gruß
Martin

Larusso 28.11.2011 15:47
Neu Installation von Secunia könnte helfen :)

Larusso 01.12.2011 16:44
Froh das wir helfen konnten :abklatsch:

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:47 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131