Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Problem mit Mediashifting (https://www.trojaner-board.de/107973-problem-mediashifting.html)

Marzipan 11.01.2012 22:46
Problem mit Mediashifting
 
Hallo! Ich habe auch das "Mediashifting" -Problem. Ich habe bereits über das Thema hier im Forum gelesen, jedoch kann ich in diesen Themen nicht "antworten".
So wie ich das bis jetzt verstanden habe, muss ich den Text, der mir nach einem Scan angezeigt wird hier posten. Was habe ich dann zu tun? Ich bitte um eure Hilfe! :)

Das ist der Text, der mir angezeigt wird, nachdem ich einen Scan mit dem Programm "OTL" durchgeführt habe:

1. Extra.Txt

OTL Extras logfile created on: 11.01.2012 22:28:12 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\The Killer Flower\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 46,61% Memory free
6,21 Gb Paging File | 4,69 Gb Available in Paging File | 75,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,91 Gb Total Space | 71,47 Gb Free Space | 51,45% Space Free | Partition Type: NTFS

Computer Name: LUISAS-PC | User Name: The Killer Flower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004840FA-F3ED-482C-B2B4-D56B52889A0E}" = lport=139 | protocol=6 | dir=in | app=system |
"{033BEA0D-8058-4141-84B5-1E6178D33901}" = lport=138 | protocol=17 | dir=in | app=system |
"{05D773DA-6EC1-41A3-B48B-9D40C56FF2E7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0AA6F1EE-0845-4F75-B15D-F854EF7B1D56}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{195CAE6C-581F-4E8E-932A-57A6F5743C2E}" = rport=138 | protocol=17 | dir=out | app=system |
"{3DB9B721-25C8-44B5-AA0E-FED5B1A859C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4FC91C24-A1C7-4281-BC75-3643F392B9EC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5353F40F-ECC5-4234-96E5-F5679051BDDA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{539435D7-583F-42D2-8F07-C70AB9433074}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5E901BB4-CD70-4628-875B-F8F3E2D60B45}" = lport=10243 | protocol=6 | dir=in | app=system |
"{677465DB-5D1F-4D5B-9538-3A57B78089DE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7E673F70-1508-4DB7-B892-747DA99B19F2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{96B30827-09F7-456D-8B8D-B1506A535BF9}" = rport=445 | protocol=6 | dir=out | app=system |
"{A0D1A508-6B22-4BF7-91FA-4F9F20C97EA8}" = rport=137 | protocol=17 | dir=out | app=system |
"{B2901C74-7BA7-42BC-9B71-0AD5A570D83A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C47E733F-94E4-4599-81A9-C5F6533395D6}" = lport=137 | protocol=17 | dir=in | app=system |
"{C73249EF-0FF6-4E42-8AB4-44E24D769D8F}" = lport=445 | protocol=6 | dir=in | app=system |
"{CB2466CB-4F33-4834-8D82-479E8AD95DE2}" = rport=139 | protocol=6 | dir=out | app=system |
"{E9D42B87-6638-40C1-90BA-3A27F55C95DB}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16B5D002-C457-4B91-B605-D1D04DE788D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{173AA285-9D6D-49A1-8CD5-D060D752BC75}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{239BDB82-FA0B-4AEC-97B7-CB5D67488FB3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{40942E56-AB64-4D98-A3B6-BFD9A5473A3D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{443F9757-E0BB-4A7D-93E0-6E9EDE453460}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4482F132-D8AE-437D-BF83-227E877997BA}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{47DFB931-ADD3-44E9-B922-AFA7C13C2FE3}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{58159901-CEFE-4090-AD4F-EBC2F7F1C9DA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{715BEC0E-65FA-40D5-8C5E-667E7AC6716F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7566EAC5-71B1-4173-ACE6-E06E6B137C6F}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"{765415F5-56A0-43CA-8473-C411C93329F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{769DA9BE-E2D2-49ED-9CB2-9DED21BDE8AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E73C5D1-F12E-490B-97B5-920EEA0A8C50}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8E9B8802-C293-4FF3-9BF1-1AF7E54671DE}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"{92888759-1C39-44DF-AC38-0C9634EDEB61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A87DD0A-F231-469E-B05C-940104C19565}" = protocol=6 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{A8551170-6798-4287-8063-085B079E1EEB}" = protocol=17 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{ACC5FA27-0147-457C-8971-9660E72423AF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BCC9C73E-B1A3-42A8-86EA-70225C796E24}" = protocol=6 | dir=out | app=system |
"{C0BF935A-11B3-4856-916A-5FF1FD4D0E95}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C303376B-F082-4A99-87E5-D7E1C6BCF2FB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CF205E37-6897-48DC-92DF-8E165C1B7AE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6408DEE-FB3E-40D9-A51C-2CA0FB40D9AE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{DD500732-C6C4-4D6B-9CBD-E4EB45FEA835}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{ECA6682A-3C80-4C79-96C7-608900DC7504}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F17ECFC0-A10B-4D2F-A971-37CED4AA750E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC00B548-A9FC-443E-82AA-A7867E74B34A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{A129BF5A-1B29-4008-B41F-AB756938D8DA}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{AAFF38A5-C90B-4FC7-A8A4-53A48A323924}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{4F1CB385-BDCB-44AF-AAD1-96C1E30D0555}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{D82F42BF-1F1F-43C5-93D7-991C6C32475A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0709B06B-82BC-6073-0E43-DE107DF1389C}" = Catalyst Control Center Localization Spanish
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{11D03BF4-A66F-325E-7762-4F64586C673F}" = Catalyst Control Center Graphics Full New
"{15EB6A85-A28D-2ED8-C344-DEBC592F2E12}" = Catalyst Control Center Localization German
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1E05CF2E-BF5F-4A43-9147-2CCBBE57BC3C}_is1" = Mein Gutscheincode Finder 1.0.0.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{28C3CD30-2DF4-FEFA-3F4E-D6C1C3257FCE}" = ccc-core-static
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{31bc7344-eae3-4f1a-828a-080ef2dcf4ba}" = Nero 9 Essentials
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20
"{32C2CBBB-4540-E526-206D-B7BC7932D82F}" = CCC Help Danish
"{36EC81EE-8A31-C08E-5C9D-904DFD8CB91F}" = myphotobook.de
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{425819E1-D68E-8CE1-85D5-CDBA64E82DDE}" = CCC Help Japanese
"{4392E2AF-1643-29DA-E873-C94D547467D7}" = Catalyst Control Center Localization Swedish
"{44FDDB51-0E97-DD4A-9FB2-8D394DBEE47F}" = CCC Help Dutch
"{459F8ABE-28DB-4F9E-9F96-3149C332FA83}" = Lernwerkstatt 7
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{48C86A94-A6C0-D2D0-1649-ECB00D2DF4DE}" = Catalyst Control Center Localization Norwegian
"{48CC1AD8-2013-82B3-284F-E0253195664F}" = Catalyst Control Center Localization French
"{496C34BF-9DE5-9628-48CC-052DD6A8453E}" = Catalyst Control Center Core Implementation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A4D109A-D9C4-E460-4F9A-0252F581D600}" = CCC Help Swedish
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}" = Catalyst Control Center - Branding
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57847CB0-95DA-D785-B170-1F00FC79B860}" = Catalyst Control Center Localization Chinese Traditional
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5A72A2C4-9D4A-0718-DA28-95B73C2270DA}" = Catalyst Control Center Localization Danish
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires
"{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1" = Java-Editor 10.4f, 2010.09.18
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{682FED0E-738E-0048-F448-B3EE427978CC}" = Catalyst Control Center Localization Japanese
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B00208E-2844-7480-5F50-6515A5907F0B}" = CCC Help Norwegian
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76E12A66-1AEC-3816-E75A-330998F2D40C}" = CCC Help Korean
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79FBDD2E-DD2B-141A-DCF0-B8C125B5A008}" = Catalyst Control Center Graphics Previews Vista
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C63DFEB-6176-C3F1-AA83-F997E32B44EA}" = Catalyst Control Center Localization Portuguese
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{84557D91-D8C7-D7A4-1393-3AB3A16106C7}" = CCC Help Chinese Traditional
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9266D931-C05C-86F5-B74A-B1A382249916}" = Catalyst Control Center Localization Italian
"{94333A1C-DC4A-E70F-FA92-16AB6F2443D6}" = Catalyst Control Center Graphics Full Existing
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974BBAF1-048D-4230-2254-62FEA00B18E9}" = Skins
"{998D91BE-65FE-8B9D-5C6E-1D52401EAAA1}" = CCC Help English
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB377EE-454D-374C-C309-D2DFA9AB535B}" = CCC Help Italian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = Die Sims™ 2: Glamour-Accessoires
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A4874CD2-6942-E7A7-3690-277B9CB56DF5}" = Catalyst Control Center Graphics Light
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B578DD15-CB17-CBB8-611E-D1AE7D5568AC}" = Catalyst Control Center Graphics Previews Common
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BC5C42B3-CE50-8D5E-A495-6C48C0FF6336}" = CCC Help Portuguese
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEFFB92B-8238-E6B7-E9D4-494BA407E593}" = Catalyst Control Center Localization Korean
"{BFC19AEE-8C4D-65BF-3BAE-729D1252E86C}" = Catalyst Control Center InstallProxy
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C177F7FD-C061-003B-47F6-41483424517B}" = Catalyst Control Center Localization Chinese Standard
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio 5
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3171626-2269-7CF9-82AC-7BFC534A0E6A}" = ccc-utility
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D86C72D4-57DB-D59E-1FE3-9ED8819B28C4}" = Catalyst Control Center Localization Russian
"{DAD207CE-44D2-0C73-198B-8DD3B4F27426}" = CCC Help Spanish
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E1ED3247-902C-9B94-31AB-81572A6D77AA}" = Catalyst Control Center Localization Dutch
"{E374F278-E64E-D574-332F-AE9241580749}" = CCC Help Chinese Standard
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E60E58A1-6093-3DFC-C382-3702EFB40F0E}" = CCC Help French
"{E87A027B-8051-4323-1B8D-34CB90A9EEBE}" = CCC Help German
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EAD1C99F-6325-E477-C94C-58B2DB656959}" = Catalyst Control Center Localization Finnish
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F688B66F-AC95-809B-0056-154AF871D5EF}" = CCC Help Finnish
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{FC41BB0E-F005-F0B8-9040-18E935D752E7}" = CCC Help Russian
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlueJ_is1" = BlueJ 2.5.3
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"conduitEngine" = Conduit Engine
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309)
"de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de
"Dell Video Chat" = Dell Video Chat
"Dell Webcam Central" = Dell Webcam Central
"ElsterFormular 12.4.1.7699p" = ElsterFormular
"ElsterFormular 2008 - 2009 2008-2009" = ElsterFormular 2008 - 2009
"GoldWave v5.25" = GoldWave v5.25
"ICQToolbar" = ICQ Toolbar
"InstallShield_{459F8ABE-28DB-4F9E-9F96-3149C332FA83}" = Lernwerkstatt 7
"LastFM Motorokr Screensaver" = LastFM Motorokr Screensaver
"LastFM_is1" = Last.fm 1.5.4.27091
"lgx4.lgx.server" = G DATA Logox4 Speechengine
"LuPO_is1" = LuPO 1.0.2.43
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MinuteMan" = MinuteMan
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MyFreeCodec" = MyFreeCodec
"PDF Editor 3" = PDF Editor 3
"PDF Reader 3" = PDF Reader 3
"RollerCoaster Tycoon Setup" = Roll
"Songbird-release-1959" = Songbird 1.9.3 (Build 1959)
"TIMELEFT3_is1" = TimeLeft
"VLC media player" = VLC media player 1.1.7
"WinGimp-2.0_is1" = GIMP 2.6.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"Winload Toolbar" = Winload Toolbar
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"Zoo Tycoon 2" = Zoo Tycoon 2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 30.12.2011 09:10:58 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3276

Error - 30.12.2011 09:10:59 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 30.12.2011 09:10:59 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4680

Error - 30.12.2011 09:10:59 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4680

Error - 30.12.2011 10:50:01 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 30.12.2011 10:50:01 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5945994

Error - 30.12.2011 10:50:01 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5945994

Error - 30.12.2011 10:50:02 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 30.12.2011 10:50:02 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5947195

Error - 30.12.2011 10:50:02 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5947195

[ Broadcom Wireless LAN Events ]
Error - 25.07.2011 05:54:35 | Computer Name = Luisas-PC | Source = WLAN-Tray | ID = 0
Description = 11:54:34, Mon, Jul 25, 11 Error - Unable to gain access to user store


Error - 30.12.2011 13:31:28 | Computer Name = Luisas-PC | Source = WLAN-Tray | ID = 0
Description = 18:31:27, Fri, Dec 30, 11 Error - Unable to gain access to user store


[ System Events ]
Error - 31.12.2011 11:17:10 | Computer Name = Luisas-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error - 02.01.2012 09:25:03 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 04.01.2012 07:02:47 | Computer Name = Luisas-PC | Source = bowser | ID = 8003
Description =

Error - 05.01.2012 13:35:48 | Computer Name = Luisas-PC | Source = Print | ID = 6161
Description = Das Dokument PDF Editor im Besitz von The Killer Flower konnte nicht
auf dem Drucker HP LaserJet 1200 Series PCL 5 gedruckt werden. Versuchen Sie erneut,
das Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: NT
EMF 1.008. Größe der Spooldatei in Bytes: 6356992. Anzahl der gedruckten Bytes:
0. Gesamtanzahl der Seiten des Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer:
\\LUISAS-PC. Vom Druckprozessor zurückgegebener Win32-Fehlercode: 259. Es sind
keine Daten mehr verfügbar.

Error - 07.01.2012 08:48:32 | Computer Name = Luisas-PC | Source = DCOM | ID = 10005
Description =

Error - 07.01.2012 08:48:32 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 07.01.2012 08:48:32 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11.01.2012 10:20:12 | Computer Name = Luisas-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error - 11.01.2012 15:11:52 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 11.01.2012 15:13:25 | Computer Name = Luisas-PC | Source = WMPNetworkSvc | ID = 866293
Description =

[ TuneUp Events ]
Error - 31.12.2009 08:29:06 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-12-31 13:29:06', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','1188',0)

Error - 04.01.2010 15:40:03 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-04 20:40:03', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','1808',0)

Error - 04.01.2010 15:40:29 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-04 20:40:29', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','3796',0)

Error - 04.01.2010 16:09:31 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-04 21:09:31', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','472',0)

Error - 12.01.2010 12:37:22 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-12 17:37:22', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','4488',0)

Error - 12.01.2010 12:42:58 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-12 17:42:58', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5332',0)

Error - 12.01.2010 14:16:28 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-12 19:16:28', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5560',0)

Error - 13.01.2010 10:10:13 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 15:10:13', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5472',0)

Error - 13.01.2010 10:43:01 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 15:43:01', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5544',0)

Error - 13.01.2010 11:08:38 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 16:08:38', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','804',0)


< End of report >






2. OTL.Txt

OTL logfile created on: 11.01.2012 22:28:12 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\The Killer Flower\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 46,61% Memory free
6,21 Gb Paging File | 4,69 Gb Available in Paging File | 75,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,91 Gb Total Space | 71,47 Gb Free Space | 51,45% Space Free | Partition Type: NTFS

Computer Name: LUISAS-PC | User Name: The Killer Flower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\The Killer Flower\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\The Killer Flower\Desktop\FSS.exe ()
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\WinRAR\WinRAR.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2009\DiskDoctor.exe (TuneUp Software GmbH)
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Programme\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Programme\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Users\The Killer Flower\Desktop\FSS.exe ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\WinRAR\WinRAR.exe ()
MOD - C:\Programme\Last.fm\srv_rtaudioplayback.dll ()
MOD - C:\Programme\Last.fm\ext_messengernotify.dll ()
MOD - C:\Programme\Last.fm\ext_skypenotify.dll ()
MOD - C:\Programme\Last.fm\srv_madtranscode.dll ()
MOD - C:\Programme\Last.fm\srv_httpinput.dll ()
MOD - C:\Programme\Last.fm\LastFmFingerprint1.dll ()
MOD - C:\Programme\Last.fm\breakpad.dll ()
MOD - C:\Programme\Last.fm\Moose1.dll ()
MOD - C:\Programme\Last.fm\LastFmTools1.dll ()
MOD - C:\Programme\Last.fm\libfftw3f-3.dll ()
MOD - C:\Programme\Last.fm\zlibwapi.dll ()
MOD - \\?\globalroot\systemroot\system32\mswsock.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\Last.fm\QtNetwork4.dll ()
MOD - C:\Programme\Last.fm\QtSql4.dll ()
MOD - C:\Programme\Last.fm\QtGui4.dll ()
MOD - C:\Programme\Last.fm\QtXml4.dll ()
MOD - C:\Programme\Last.fm\QtCore4.dll ()
MOD - C:\Programme\Last.fm\imageformats\qmng4.dll ()
MOD - C:\Programme\Last.fm\imageformats\qgif4.dll ()
MOD - C:\Programme\Last.fm\imageformats\qjpeg4.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (Creative Labs Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (se27nd5) -- C:\Windows\System32\USBDeviceService.dll (Iomega)


========== Driver Services (SafeList) ==========

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (OA001Vid) -- C:\Windows\System32\drivers\OA001Vid.sys (Creative Technology Ltd.)
DRV - (OA001Ufd) -- C:\Windows\System32\drivers\OA001Ufd.sys (Creative Technology Ltd.)
DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (irsir) -- C:\Windows\System32\drivers\irsir.sys (Microsoft Corporation)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.lastfm.de/user/TheKillerFlower?setlang=de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.25 10:01:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.11 15:46:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files\Mein Gutscheincode Finder\Firefox [2011.06.15 20:32:16 | 000,000,000 | ---D | M]

[2011.07.23 14:14:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Killer Flower\AppData\Roaming\mozilla\Extensions
[2011.07.23 14:14:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Killer Flower\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2012.01.06 12:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Killer Flower\AppData\Roaming\mozilla\Firefox\Profiles\wz0c8lqa.default\extensions
[2011.12.23 17:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.23 17:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2011.12.23 17:13:41 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net
() (No name found) -- C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.12.25 10:01:11 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.17 02:32:55 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.12 13:46:36 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.12.17 02:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.12.17 02:32:55 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.17 02:32:55 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.17 02:32:55 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.17 02:32:55 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34A21CB5-6520-43CF-B31D-CF01BFCBB3E0}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4649D5DD-676D-441E-B909-BDD5D590162D}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\The Killer Flower\Pictures\favorites2 (2).jpg
O24 - Desktop BackupWallPaper: C:\Users\The Killer Flower\Pictures\favorites2 (2).jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\Shell - "" = AutoRun
O33 - MountPoints2\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\Shell\AutoRun\command - "" = F:\launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.01.11 22:25:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\The Killer Flower\Desktop\OTL.exe
[2012.01.11 20:19:22 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.01.11 19:55:39 | 000,000,000 | -HSD | C] -- C:\Users\The Killer Flower\AppData\Local\d2684af2
[2012.01.11 15:45:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.10 21:00:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012.01.10 21:00:44 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.10 21:00:43 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.01.10 21:00:16 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.10 21:00:16 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.01.05 11:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.01.02 14:33:46 | 000,000,000 | ---D | C] -- C:\Users\The Killer Flower\ElsterFormular
[2012.01.02 14:31:26 | 048,115,352 | ---- | C] (Landesfinanzdirektion Thüringen) -- C:\Users\The Killer Flower\Desktop\ElsterFormular-10.4.0.0.exe
[2012.01.02 14:29:40 | 000,000,000 | ---D | C] -- C:\Users\The Killer Flower\AppData\Roaming\elsterformular
[2012.01.02 14:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2012.01.02 14:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2012.01.02 14:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\ElsterFormular
[2011.12.14 22:02:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.14 22:02:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.14 22:02:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.14 22:02:18 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.12.14 22:02:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.14 22:02:14 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.12.14 10:11:51 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.12.14 10:11:51 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.12.14 10:11:49 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.12.14 10:11:47 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.12.14 10:11:45 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011.12.14 10:11:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

========== Files - Modified Within 30 Days ==========

[2012.01.11 22:25:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\The Killer Flower\Desktop\OTL.exe
[2012.01.11 22:20:18 | 001,953,091 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\tdsskiller.zip
[2012.01.11 22:18:45 | 000,334,125 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\FSS.exe
[2012.01.11 22:11:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.11 22:11:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.11 22:00:00 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2012.01.11 20:10:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.11 19:58:22 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.01.10 22:44:54 | 000,644,136 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.10 22:44:54 | 000,600,512 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.10 22:44:54 | 000,131,388 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.10 22:44:54 | 000,108,394 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.09 23:15:06 | 000,055,040 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\Best Of Music.wpl
[2012.01.08 18:21:35 | 000,027,930 | ---- | M] () -- C:\Users\The Killer Flower\Documents\Papa Unterhalt Karolina.odt
[2012.01.08 17:57:26 | 000,003,441 | ---- | M] () -- C:\Users\The Killer Flower\.recently-used.xbel
[2012.01.03 12:07:24 | 000,199,876 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\schaefer.pdf
[2012.01.02 14:33:35 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular 2008-2009.lnk
[2012.01.02 14:32:42 | 048,115,352 | ---- | M] (Landesfinanzdirektion Thüringen) -- C:\Users\The Killer Flower\Desktop\ElsterFormular-10.4.0.0.exe
[2012.01.02 14:28:48 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2012.01.01 17:31:55 | 000,022,407 | ---- | M] () -- C:\Users\The Killer Flower\Documents\Morrissey Lieder (nicht in meinem Besitz).odt
[2012.01.01 16:46:40 | 000,017,878 | ---- | M] () -- C:\Users\The Killer Flower\Documents\Farbvarianten Viva Pinata.odt
[2011.12.23 19:51:42 | 000,011,720 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\Morrissey, VAST, Saintface, Die Autos.wpl
[2011.12.20 22:39:39 | 000,009,901 | ---- | M] () -- C:\Users\The Killer Flower\Documents\phone songs.odt
[2011.12.18 22:53:43 | 000,022,235 | ---- | M] () -- C:\Windows\System32\TUProgSt_20111218-215341.dmp
[2011.12.15 09:54:37 | 000,305,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012.01.11 22:20:16 | 001,953,091 | ---- | C] () -- C:\Users\The Killer Flower\Desktop\tdsskiller.zip
[2012.01.11 22:18:37 | 000,334,125 | ---- | C] () -- C:\Users\The Killer Flower\Desktop\FSS.exe
[2012.01.08 18:21:34 | 000,027,930 | ---- | C] () -- C:\Users\The Killer Flower\Documents\Papa Unterhalt Karolina.odt
[2012.01.08 17:57:26 | 000,003,441 | ---- | C] () -- C:\Users\The Killer Flower\.recently-used.xbel
[2012.01.05 11:50:00 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.01.03 12:07:23 | 000,199,876 | ---- | C] () -- C:\Users\The Killer Flower\Desktop\schaefer.pdf
[2012.01.02 14:33:35 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular 2008-2009.lnk
[2012.01.02 14:28:48 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2011.12.20 22:39:38 | 000,009,901 | ---- | C] () -- C:\Users\The Killer Flower\Documents\phone songs.odt
[2011.12.18 22:53:41 | 000,022,235 | ---- | C] () -- C:\Windows\System32\TUProgSt_20111218-215341.dmp
[2011.07.09 12:28:10 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2011.05.05 23:00:44 | 000,013,573 | ---- | C] () -- C:\Windows\hplj1010.ini
[2011.03.19 14:10:53 | 000,002,092 | ---- | C] () -- C:\Users\The Killer Flower\AppData\Roaming\wklnhst.dat
[2011.03.03 15:51:46 | 000,049,664 | ---- | C] () -- C:\Users\The Killer Flower\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.11 17:39:12 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2010.09.25 16:05:43 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.09.22 14:44:56 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
[2010.01.27 19:05:35 | 000,006,367 | ---- | C] () -- C:\Windows\Gwpreset.ini
[2009.08.09 14:55:55 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.06.20 12:59:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.20 12:59:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.03.31 13:33:25 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2009.03.31 13:33:25 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2009.03.31 13:33:25 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2009.03.31 13:33:25 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll
[2009.03.25 22:38:47 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009.03.25 22:38:47 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.03.25 22:38:47 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.03.25 22:38:47 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2009.03.25 22:34:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.03.25 14:47:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.03.25 14:10:50 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2009.03.25 14:10:48 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2009.03.25 14:10:47 | 000,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2009.03.25 14:06:03 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2009.03.25 14:06:02 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2009.03.25 14:06:02 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2008.01.21 08:15:58 | 000,644,136 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,131,388 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,305,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,600,512 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,108,394 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003.08.29 10:22:35 | 000,094,274 | ---- | C] () -- C:\Windows\System32\HPBHEALR.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:BC0B8090

< End of report >


VIELEN DANK schonmal für Eure Hilfe!

kira 12.01.2012 07:37
Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)
► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Deinstalliere...
wird ungefragt (mit)installiert, kann man nicht brauchen:-> Conduit Engine aus Firefox entfernen
Code:
Conduit Engine <- Adware
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
Bei Installation die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen, weil damit stimmt man nämlich zu, dass Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert.
meiste Toolbars bzw Browserhelper wollen sich doch nur wichtig machen;)

2.
wird meistens ungefragt (mit)installiert. Wenn nicht benötigst bzw absichtlich installiert hast, kannst deinstallieren:
Code:
Winload Toolbar        <- Adware -ähnliches Verhalten
3.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/8
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.msn.com/
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files\Mein Gutscheincode Finder\Firefox [2011.06.15 20:32:16 | 000,000,000 | ---D | M]
[2011.12.23 17:13:41 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net
[2010.04.12 13:46:36 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.12.17 02:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.12.17 02:32:55 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\Shell - "" = AutoRun
O33 - MountPoints2\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\Shell\AutoRun\command - "" = F:\launcher.exe
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:BC0B8090

:Commands
[purity]
[emptytemp]

4.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

5.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
  • Installieren und per Doppelklick starten.
  • Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
  • "Komplett Scan durchführen" wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Anleitung

6.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira

Marzipan 12.01.2012 15:51
Hallo Kira!

Ich habe jetzt die Toolbars von meinem Laptop entfernt.
Beim dritten Punkt verstehe ich nicht ganz, was du mit "Logfile Änderungen" meinst. Gehört da der Administratorname oder der des PCs (Luisas-PC) dazu?

Freue mich sehr, dass du bereit bist mir zu helfen! :)

Luisa

kira 13.01.2012 08:27
ja, also Realname..usw..falls an deinem Textdatei etwas geändert hast
wenn nix gemacht hast, kannst so belassen. wenn Du mir hier Logs reinkopierst, kannst dein echter Name usw durch "X" ersetzen...aber wenn OTL-Fix verwendet wird, mußt in der Text (wie auf dem PC existiert) wieder ändern

Marzipan 13.01.2012 19:15
Achso, verstehe :)

Hier die Textdatei nach dem Neustart:
Code:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Programme\Winload\prxtbWinl.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Programme\Winload\prxtbWinl.dll not found.
File HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files\Mein Gutscheincode Finder\Firefox not found.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\search\engine folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\newtab\initial-thumbs folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\homebutton folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin\brand folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\skin folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\help\page folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\locale folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\util folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\tracking folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\search\mcollect folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\hotnews folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\content folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net\components folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net folder moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\bing.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ not found.
File C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Programme\ConduitEngine\prxConduitEngine.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Programme\Winload\prxtbWinl.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
File C:\Program Files\Microsoft\BingBar\BingExt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Programme\ConduitEngine\prxConduitEngine.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Programme\Winload\prxtbWinl.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found.
File C:\Program Files\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5f80a43-2e1b-11e1-92a3-002219e3a2aa}\ not found.
File F:\launcher.exe not found.
ADS C:\ProgramData\TEMP:BC0B8090 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: The Killer Flower
->Temp folder emptied: 61372880 bytes
->Temporary Internet Files folder emptied: 92818788 bytes
->Java cache emptied: 5266626 bytes
->FireFox cache emptied: 56504176 bytes
->Flash cache emptied: 102043 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7904268 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 214,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 01132012_161157

Files\Folders moved on Reboot...
C:\Windows\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb moved successfully.

Registry entries deleted on Reboot...

Erneuter Scan mit OTL

1. OTL.Txt:
Code:
OTL logfile created on: 13.01.2012 16:20:30 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\The Killer Flower\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 46,20% Memory free
6,19 Gb Paging File | 4,84 Gb Available in Paging File | 78,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,91 Gb Total Space | 70,02 Gb Free Space | 50,40% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 4,16 Gb Free Space | 41,64% Space Free | Partition Type: NTFS
 
Computer Name: LUISAS-PC | User Name: The Killer Flower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.11 22:25:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\The Killer Flower\Desktop\OTL.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.25 10:01:11 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.07.01 16:29:35 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.29 08:51:27 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.02 17:16:38 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 20:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.12.06 22:48:53 | 000,361,288 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TuneUpDefragService.exe
PRC - [2009.12.06 21:59:16 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009.11.16 12:45:38 | 000,552,264 | ---- | M] (TuneUp Software GmbH) -- C:\Programme\TuneUp Utilities 2009\RegistryCleaner.exe
PRC - [2009.11.16 12:45:32 | 000,619,848 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2009\OneClick.exe
PRC - [2009.07.20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.25 14:05:24 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Programme\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2008.12.22 10:26:36 | 000,241,746 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe
PRC - [2008.12.22 10:26:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe
PRC - [2008.10.04 13:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtsvc.exe
PRC - [2008.10.04 13:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtcmd.exe
PRC - [2008.09.23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe
PRC - [2008.07.17 13:00:36 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe
PRC - [2008.07.17 13:00:18 | 000,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe
PRC - [2008.07.17 13:00:18 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe
PRC - [2008.07.17 13:00:16 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.25 10:01:10 | 002,124,760 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.11.15 13:17:07 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.10.13 14:01:22 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011.10.13 13:58:47 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011.10.13 13:58:03 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011.05.28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.04.11 07:28:22 | 000,223,232 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008.11.24 10:16:14 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.07.01 16:29:35 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.29 08:51:27 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.12.06 22:48:53 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Running] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.12.06 21:59:16 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009.07.20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.03.25 14:05:24 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008.12.22 10:26:36 | 000,241,746 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe -- (STacSV)
SRV - [2008.12.22 10:26:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe -- (AESTFilters)
SRV - [2008.10.04 13:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008.09.23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008.01.21 03:23:43 | 000,005,120 | ---- | M] (Iomega) [Auto | Running] -- C:\Windows\System32\USBDeviceService.dll -- (se27nd5)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.01 16:29:36 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.01 16:29:36 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.10.27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2009.06.20 14:04:58 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.11 05:45:56 | 000,072,192 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2009.03.08 16:06:00 | 000,280,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2009.03.06 06:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008.12.22 11:32:18 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008.12.22 10:26:50 | 000,393,216 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.11.24 10:16:10 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008.11.24 10:16:10 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.07.28 10:46:32 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2008.07.17 13:00:14 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.07.03 09:58:26 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008.07.03 09:58:24 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008.07.03 09:58:22 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.05.29 12:03:34 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2008.01.21 03:23:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2008.01.21 03:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2008.01.21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.lastfm.de/user/TheKillerFlower?setlang=de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.25 10:01:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.11 15:46:00 | 000,000,000 | ---D | M]
 
[2011.07.23 14:14:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Killer Flower\AppData\Roaming\mozilla\Extensions
[2011.07.23 14:14:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Killer Flower\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2012.01.06 12:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Killer Flower\AppData\Roaming\mozilla\Firefox\Profiles\wz0c8lqa.default\extensions
[2011.12.23 17:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.23 17:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
() (No name found) -- C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.12.25 10:01:11 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.17 02:32:55 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.17 02:32:55 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.17 02:32:55 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.17 02:32:55 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\System32\winrnr.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34A21CB5-6520-43CF-B31D-CF01BFCBB3E0}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4649D5DD-676D-441E-B909-BDD5D590162D}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\The Killer Flower\Pictures\favorites2 (2).jpg
O24 - Desktop BackupWallPaper: C:\Users\The Killer Flower\Pictures\favorites2 (2).jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.13 16:11:57 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.12 16:22:18 | 000,000,000 | ---D | C] -- C:\Users\The Killer Flower\Desktop\alte Texte
[2012.01.12 15:42:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.11 22:25:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\The Killer Flower\Desktop\OTL.exe
[2012.01.11 20:19:22 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.01.11 19:55:39 | 000,000,000 | -HSD | C] -- C:\Users\The Killer Flower\AppData\Local\d2684af2
[2012.01.10 21:00:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012.01.10 21:00:44 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.10 21:00:43 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.01.10 21:00:16 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.10 21:00:16 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.01.05 11:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.01.02 14:33:46 | 000,000,000 | ---D | C] -- C:\Users\The Killer Flower\ElsterFormular
[2012.01.02 14:31:26 | 048,115,352 | ---- | C] (Landesfinanzdirektion Thüringen) -- C:\Users\The Killer Flower\Desktop\ElsterFormular-10.4.0.0.exe
[2012.01.02 14:29:40 | 000,000,000 | ---D | C] -- C:\Users\The Killer Flower\AppData\Roaming\elsterformular
[2012.01.02 14:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2012.01.02 14:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2012.01.02 14:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\ElsterFormular
[2011.12.14 22:02:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.14 22:02:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.14 22:02:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.14 22:02:18 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.12.14 22:02:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.14 22:02:14 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.13 16:14:21 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2012.01.13 16:14:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.13 16:14:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.13 16:14:09 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_log_trash.cmd
[2012.01.13 16:14:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.11 22:25:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\The Killer Flower\Desktop\OTL.exe
[2012.01.11 22:20:18 | 001,953,091 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\tdsskiller.zip
[2012.01.11 22:18:45 | 000,334,125 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\FSS.exe
[2012.01.11 19:58:22 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.01.10 22:44:54 | 000,644,136 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.10 22:44:54 | 000,600,512 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.10 22:44:54 | 000,131,388 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.10 22:44:54 | 000,108,394 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.09 23:15:06 | 000,055,040 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\Best Of Music.wpl
[2012.01.08 18:21:35 | 000,027,930 | ---- | M] () -- C:\Users\The Killer Flower\Documents\Papa Unterhalt Karolina.odt
[2012.01.08 17:57:26 | 000,003,441 | ---- | M] () -- C:\Users\The Killer Flower\.recently-used.xbel
[2012.01.03 12:07:24 | 000,199,876 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\schaefer.pdf
[2012.01.02 14:33:35 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular 2008-2009.lnk
[2012.01.02 14:32:42 | 048,115,352 | ---- | M] (Landesfinanzdirektion Thüringen) -- C:\Users\The Killer Flower\Desktop\ElsterFormular-10.4.0.0.exe
[2012.01.02 14:28:48 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2012.01.01 17:31:55 | 000,022,407 | ---- | M] () -- C:\Users\The Killer Flower\Documents\Morrissey Lieder (nicht in meinem Besitz).odt
[2012.01.01 16:46:40 | 000,017,878 | ---- | M] () -- C:\Users\The Killer Flower\Documents\Farbvarianten Viva Pinata.odt
[2011.12.23 19:51:42 | 000,011,720 | ---- | M] () -- C:\Users\The Killer Flower\Desktop\Morrissey, VAST, Saintface, Die Autos.wpl
[2011.12.20 22:39:39 | 000,009,901 | ---- | M] () -- C:\Users\The Killer Flower\Documents\phone songs.odt
[2011.12.18 22:53:43 | 000,022,235 | ---- | M] () -- C:\Windows\System32\TUProgSt_20111218-215341.dmp
[2011.12.15 09:54:37 | 000,305,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.01.13 16:09:10 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_log_trash.cmd
[2012.01.11 22:20:16 | 001,953,091 | ---- | C] () -- C:\Users\The Killer Flower\Desktop\tdsskiller.zip
[2012.01.11 22:18:37 | 000,334,125 | ---- | C] () -- C:\Users\The Killer Flower\Desktop\FSS.exe
[2012.01.08 18:21:34 | 000,027,930 | ---- | C] () -- C:\Users\The Killer Flower\Documents\Papa Unterhalt Karolina.odt
[2012.01.08 17:57:26 | 000,003,441 | ---- | C] () -- C:\Users\The Killer Flower\.recently-used.xbel
[2012.01.05 11:50:00 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.01.03 12:07:23 | 000,199,876 | ---- | C] () -- C:\Users\The Killer Flower\Desktop\schaefer.pdf
[2012.01.02 14:33:35 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular 2008-2009.lnk
[2012.01.02 14:28:48 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2011.12.20 22:39:38 | 000,009,901 | ---- | C] () -- C:\Users\The Killer Flower\Documents\phone songs.odt
[2011.12.18 22:53:41 | 000,022,235 | ---- | C] () -- C:\Windows\System32\TUProgSt_20111218-215341.dmp
[2011.07.09 12:28:10 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2011.05.05 23:00:44 | 000,013,573 | ---- | C] () -- C:\Windows\hplj1010.ini
[2011.03.19 14:10:53 | 000,002,092 | ---- | C] () -- C:\Users\The Killer Flower\AppData\Roaming\wklnhst.dat
[2011.03.03 15:51:46 | 000,049,664 | ---- | C] () -- C:\Users\The Killer Flower\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.11 17:39:12 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2010.09.25 16:05:43 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.09.22 14:44:56 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
[2010.01.27 19:05:35 | 000,006,367 | ---- | C] () -- C:\Windows\Gwpreset.ini
[2009.08.09 14:55:55 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.06.20 12:59:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.20 12:59:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.20 12:58:45 | 000,072,192 | ---- | C] () -- C:\Windows\System32\drivers\tdx.sys
[2009.03.31 13:33:25 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2009.03.31 13:33:25 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2009.03.31 13:33:25 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2009.03.31 13:33:25 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll
[2009.03.25 22:38:47 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009.03.25 22:38:47 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.03.25 22:38:47 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.03.25 22:38:47 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2009.03.25 22:34:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.03.25 14:47:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.03.25 14:10:50 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2009.03.25 14:10:48 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2009.03.25 14:10:47 | 000,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2009.03.25 14:06:03 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2009.03.25 14:06:02 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2009.03.25 14:06:02 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2008.01.21 08:15:58 | 000,644,136 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,131,388 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,305,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,600,512 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,108,394 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003.08.29 10:22:35 | 000,094,274 | ---- | C] () -- C:\Windows\System32\HPBHEALR.DLL
 
========== LOP Check ==========
 
[2012.01.11 22:09:20 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\Amazon
[2011.07.14 16:11:48 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\CAD-KAS
[2011.07.26 12:51:06 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2012.01.02 14:29:40 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\elsterformular
[2011.12.18 14:18:02 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\gtk-2.0
[2011.05.18 13:22:24 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\ICQ
[2011.09.24 10:49:15 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\JavaEditor
[2011.06.15 20:38:32 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\NesterSoft
[2011.03.03 19:54:36 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\OpenOffice.org
[2011.07.23 14:14:28 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\Songbird2
[2011.03.19 14:10:55 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\Template
[2011.03.03 15:24:27 | 000,000,000 | ---D | M] -- C:\Users\The Killer Flower\AppData\Roaming\TuneUp Software
[2012.01.13 16:14:21 | 000,000,522 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2012.01.13 16:12:52 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.16 18:46:44 | 000,000,454 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F198DFEF-0888-45DF-B18A-88B072E3CAEF}.job
 
========== Purity Check ==========
 
 

< End of report >

2.Extras.Txt:

Code:
OTL Extras logfile created on: 13.01.2012 16:20:30 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\The Killer Flower\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 46,20% Memory free
6,19 Gb Paging File | 4,84 Gb Available in Paging File | 78,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,91 Gb Total Space | 70,02 Gb Free Space | 50,40% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 4,16 Gb Free Space | 41,64% Space Free | Partition Type: NTFS
 
Computer Name: LUISAS-PC | User Name: The Killer Flower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004840FA-F3ED-482C-B2B4-D56B52889A0E}" = lport=139 | protocol=6 | dir=in | app=system |
"{033BEA0D-8058-4141-84B5-1E6178D33901}" = lport=138 | protocol=17 | dir=in | app=system |
"{05D773DA-6EC1-41A3-B48B-9D40C56FF2E7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0AA6F1EE-0845-4F75-B15D-F854EF7B1D56}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{195CAE6C-581F-4E8E-932A-57A6F5743C2E}" = rport=138 | protocol=17 | dir=out | app=system |
"{3DB9B721-25C8-44B5-AA0E-FED5B1A859C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4FC91C24-A1C7-4281-BC75-3643F392B9EC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5353F40F-ECC5-4234-96E5-F5679051BDDA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{539435D7-583F-42D2-8F07-C70AB9433074}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5E901BB4-CD70-4628-875B-F8F3E2D60B45}" = lport=10243 | protocol=6 | dir=in | app=system |
"{677465DB-5D1F-4D5B-9538-3A57B78089DE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7E673F70-1508-4DB7-B892-747DA99B19F2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{96B30827-09F7-456D-8B8D-B1506A535BF9}" = rport=445 | protocol=6 | dir=out | app=system |
"{A0D1A508-6B22-4BF7-91FA-4F9F20C97EA8}" = rport=137 | protocol=17 | dir=out | app=system |
"{B2901C74-7BA7-42BC-9B71-0AD5A570D83A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C47E733F-94E4-4599-81A9-C5F6533395D6}" = lport=137 | protocol=17 | dir=in | app=system |
"{C73249EF-0FF6-4E42-8AB4-44E24D769D8F}" = lport=445 | protocol=6 | dir=in | app=system |
"{CB2466CB-4F33-4834-8D82-479E8AD95DE2}" = rport=139 | protocol=6 | dir=out | app=system |
"{E9D42B87-6638-40C1-90BA-3A27F55C95DB}" = rport=10243 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16B5D002-C457-4B91-B605-D1D04DE788D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{173AA285-9D6D-49A1-8CD5-D060D752BC75}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{239BDB82-FA0B-4AEC-97B7-CB5D67488FB3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{40942E56-AB64-4D98-A3B6-BFD9A5473A3D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{443F9757-E0BB-4A7D-93E0-6E9EDE453460}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4482F132-D8AE-437D-BF83-227E877997BA}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{47DFB931-ADD3-44E9-B922-AFA7C13C2FE3}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{58159901-CEFE-4090-AD4F-EBC2F7F1C9DA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{715BEC0E-65FA-40D5-8C5E-667E7AC6716F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7566EAC5-71B1-4173-ACE6-E06E6B137C6F}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"{765415F5-56A0-43CA-8473-C411C93329F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{769DA9BE-E2D2-49ED-9CB2-9DED21BDE8AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E73C5D1-F12E-490B-97B5-920EEA0A8C50}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8E9B8802-C293-4FF3-9BF1-1AF7E54671DE}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"{92888759-1C39-44DF-AC38-0C9634EDEB61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A87DD0A-F231-469E-B05C-940104C19565}" = protocol=6 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{A8551170-6798-4287-8063-085B079E1EEB}" = protocol=17 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{ACC5FA27-0147-457C-8971-9660E72423AF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BCC9C73E-B1A3-42A8-86EA-70225C796E24}" = protocol=6 | dir=out | app=system |
"{C0BF935A-11B3-4856-916A-5FF1FD4D0E95}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C303376B-F082-4A99-87E5-D7E1C6BCF2FB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CF205E37-6897-48DC-92DF-8E165C1B7AE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6408DEE-FB3E-40D9-A51C-2CA0FB40D9AE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{DD500732-C6C4-4D6B-9CBD-E4EB45FEA835}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{ECA6682A-3C80-4C79-96C7-608900DC7504}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F17ECFC0-A10B-4D2F-A971-37CED4AA750E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC00B548-A9FC-443E-82AA-A7867E74B34A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{A129BF5A-1B29-4008-B41F-AB756938D8DA}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{AAFF38A5-C90B-4FC7-A8A4-53A48A323924}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{4F1CB385-BDCB-44AF-AAD1-96C1E30D0555}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{D82F42BF-1F1F-43C5-93D7-991C6C32475A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0709B06B-82BC-6073-0E43-DE107DF1389C}" = Catalyst Control Center Localization Spanish
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{11D03BF4-A66F-325E-7762-4F64586C673F}" = Catalyst Control Center Graphics Full New
"{15EB6A85-A28D-2ED8-C344-DEBC592F2E12}" = Catalyst Control Center Localization German
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{28C3CD30-2DF4-FEFA-3F4E-D6C1C3257FCE}" = ccc-core-static
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{31bc7344-eae3-4f1a-828a-080ef2dcf4ba}" = Nero 9 Essentials
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20
"{32C2CBBB-4540-E526-206D-B7BC7932D82F}" = CCC Help Danish
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{425819E1-D68E-8CE1-85D5-CDBA64E82DDE}" = CCC Help Japanese
"{4392E2AF-1643-29DA-E873-C94D547467D7}" = Catalyst Control Center Localization Swedish
"{44FDDB51-0E97-DD4A-9FB2-8D394DBEE47F}" = CCC Help Dutch
"{459F8ABE-28DB-4F9E-9F96-3149C332FA83}" = Lernwerkstatt 7
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{48C86A94-A6C0-D2D0-1649-ECB00D2DF4DE}" = Catalyst Control Center Localization Norwegian
"{48CC1AD8-2013-82B3-284F-E0253195664F}" = Catalyst Control Center Localization French
"{496C34BF-9DE5-9628-48CC-052DD6A8453E}" = Catalyst Control Center Core Implementation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A4D109A-D9C4-E460-4F9A-0252F581D600}" = CCC Help Swedish
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}" = Catalyst Control Center - Branding
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57847CB0-95DA-D785-B170-1F00FC79B860}" = Catalyst Control Center Localization Chinese Traditional
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5A72A2C4-9D4A-0718-DA28-95B73C2270DA}" = Catalyst Control Center Localization Danish
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires
"{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1" = Java-Editor 10.4f, 2010.09.18
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{682FED0E-738E-0048-F448-B3EE427978CC}" = Catalyst Control Center Localization Japanese
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B00208E-2844-7480-5F50-6515A5907F0B}" = CCC Help Norwegian
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76E12A66-1AEC-3816-E75A-330998F2D40C}" = CCC Help Korean
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79FBDD2E-DD2B-141A-DCF0-B8C125B5A008}" = Catalyst Control Center Graphics Previews Vista
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C63DFEB-6176-C3F1-AA83-F997E32B44EA}" = Catalyst Control Center Localization Portuguese
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{84557D91-D8C7-D7A4-1393-3AB3A16106C7}" = CCC Help Chinese Traditional
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9266D931-C05C-86F5-B74A-B1A382249916}" = Catalyst Control Center Localization Italian
"{94333A1C-DC4A-E70F-FA92-16AB6F2443D6}" = Catalyst Control Center Graphics Full Existing
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974BBAF1-048D-4230-2254-62FEA00B18E9}" = Skins
"{998D91BE-65FE-8B9D-5C6E-1D52401EAAA1}" = CCC Help English
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB377EE-454D-374C-C309-D2DFA9AB535B}" = CCC Help Italian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = Die Sims™ 2: Glamour-Accessoires
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A4874CD2-6942-E7A7-3690-277B9CB56DF5}" = Catalyst Control Center Graphics Light
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B578DD15-CB17-CBB8-611E-D1AE7D5568AC}" = Catalyst Control Center Graphics Previews Common
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BC5C42B3-CE50-8D5E-A495-6C48C0FF6336}" = CCC Help Portuguese
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEFFB92B-8238-E6B7-E9D4-494BA407E593}" = Catalyst Control Center Localization Korean
"{BFC19AEE-8C4D-65BF-3BAE-729D1252E86C}" = Catalyst Control Center InstallProxy
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C177F7FD-C061-003B-47F6-41483424517B}" = Catalyst Control Center Localization Chinese Standard
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio 5
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3171626-2269-7CF9-82AC-7BFC534A0E6A}" = ccc-utility
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D86C72D4-57DB-D59E-1FE3-9ED8819B28C4}" = Catalyst Control Center Localization Russian
"{DAD207CE-44D2-0C73-198B-8DD3B4F27426}" = CCC Help Spanish
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E1ED3247-902C-9B94-31AB-81572A6D77AA}" = Catalyst Control Center Localization Dutch
"{E374F278-E64E-D574-332F-AE9241580749}" = CCC Help Chinese Standard
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E60E58A1-6093-3DFC-C382-3702EFB40F0E}" = CCC Help French
"{E87A027B-8051-4323-1B8D-34CB90A9EEBE}" = CCC Help German
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EAD1C99F-6325-E477-C94C-58B2DB656959}" = Catalyst Control Center Localization Finnish
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F688B66F-AC95-809B-0056-154AF871D5EF}" = CCC Help Finnish
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{FC41BB0E-F005-F0B8-9040-18E935D752E7}" = CCC Help Russian
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlueJ_is1" = BlueJ 2.5.3
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309) 
"Dell Video Chat" = Dell Video Chat
"Dell Webcam Central" = Dell Webcam Central
"ElsterFormular 12.4.1.7699p" = ElsterFormular
"ElsterFormular 2008 - 2009 2008-2009" = ElsterFormular 2008 - 2009
"GoldWave v5.25" = GoldWave v5.25
"InstallShield_{459F8ABE-28DB-4F9E-9F96-3149C332FA83}" = Lernwerkstatt 7
"LastFM_is1" = Last.fm 1.5.4.27091
"lgx4.lgx.server" = G DATA Logox4 Speechengine
"LuPO_is1" = LuPO 1.0.2.43
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MinuteMan" = MinuteMan
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MyFreeCodec" = MyFreeCodec
"PDF Editor 3" = PDF Editor 3
"PDF Reader 3" = PDF Reader 3
"Songbird-release-1959" = Songbird 1.9.3 (Build 1959)
"TIMELEFT3_is1" = TimeLeft
"VLC media player" = VLC media player 1.1.7
"WinGimp-2.0_is1" = GIMP 2.6.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 30.12.2011 10:50:01 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description =
 
Error - 30.12.2011 10:50:01 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description =
 
Error - 30.12.2011 10:50:01 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description =
 
Error - 30.12.2011 10:50:02 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description =
 
Error - 30.12.2011 10:50:02 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description =
 
Error - 30.12.2011 10:50:02 | Computer Name = Luisas-PC | Source = Bonjour Service | ID = 100
Description =
 
Error - 30.12.2011 13:31:10 | Computer Name = Luisas-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 31.12.2011 11:18:50 | Computer Name = Luisas-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 01.01.2012 10:26:57 | Computer Name = Luisas-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 02.01.2012 07:09:10 | Computer Name = Luisas-PC | Source = WinMgmt | ID = 10
Description =
 
[ Broadcom Wireless LAN Events ]
Error - 25.07.2011 05:54:35 | Computer Name = Luisas-PC | Source = WLAN-Tray | ID = 0
Description = 11:54:34, Mon, Jul 25, 11 Error - Unable to gain access to user store

 
Error - 30.12.2011 13:31:28 | Computer Name = Luisas-PC | Source = WLAN-Tray | ID = 0
Description = 18:31:27, Fri, Dec 30, 11 Error - Unable to gain access to user store

 
[ System Events ]
Error - 11.01.2012 15:13:25 | Computer Name = Luisas-PC | Source = WMPNetworkSvc | ID = 866293
Description =
 
Error - 11.01.2012 17:58:29 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 12.01.2012 10:28:04 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 12.01.2012 10:28:58 | Computer Name = Luisas-PC | Source = WMPNetworkSvc | ID = 866293
Description =
 
Error - 13.01.2012 11:06:41 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 13.01.2012 11:09:49 | Computer Name = Luisas-PC | Source = WMPNetworkSvc | ID = 866293
Description =
 
Error - 13.01.2012 11:11:57 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7034
Description =
 
Error - 13.01.2012 11:13:45 | Computer Name = Luisas-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 13.01.2012 11:15:26 | Computer Name = Luisas-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 13.01.2012 11:16:33 | Computer Name = Luisas-PC | Source = WMPNetworkSvc | ID = 866293
Description =
 
[ TuneUp Events ]
Error - 31.12.2009 08:29:06 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-12-31 13:29:06', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','1188',0)
 
Error - 04.01.2010 15:40:03 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-04 20:40:03', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','1808',0)
 
Error - 04.01.2010 15:40:29 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-04 20:40:29', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','3796',0)
 
Error - 04.01.2010 16:09:31 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-04 21:09:31', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','472',0)
 
Error - 12.01.2010 12:37:22 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-12 17:37:22', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','4488',0)
 
Error - 12.01.2010 12:42:58 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-12 17:42:58', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5332',0)
 
Error - 12.01.2010 14:16:28 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-12 19:16:28', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5560',0)
 
Error - 13.01.2010 10:10:13 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 15:10:13', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5472',0)
 
Error - 13.01.2010 10:43:01 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 15:43:01', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','5544',0)
 
Error - 13.01.2010 11:08:38 | Computer Name = Luisas-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 16:08:38', '\device\harddiskvolume3\users\marzipanschweinchen\desktop\luisa\mystery
 case files - dire grove collector's edition v1.0.514 (by big fish games)\mcf6.exe','804',0)
 
 
< End of report >

Bericht Malwarebytes Anti-Malware:
Code:
Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.13.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
The Killer Flower :: LUISAS-PC [Administrator]

Schutz: Aktiviert

13.01.2012 16:32:56
mbam-log-2012-01-13 (16-32-56).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 389254
Laufzeit: 2 Stunde(n), 17 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 1
C:\Windows\System32\USBDeviceService.dll (Rootkit.0Access) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Windows\System32\USBDeviceService.dll (Rootkit.0Access) -> Löschen bei Neustart.
C:\Windows\assembly\GAC_MSIL\Desktop.ini (Rootkit.0Access) -> Löschen bei Neustart.

(Ende)

Meine istallierten Programme:
Code:
7-Zip 9.20                24.11.2010        3,54MB       
Adobe AIR        Adobe Systems Incorporated        05.10.2011        37,6MB        3.0.0.4080
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        10.01.2012                11.1.102.55
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        14.11.2011                11.1.102.55
Adobe Reader X (10.1.2) - Deutsch        Adobe Systems Incorporated        10.01.2012        120,8MB        10.1.2
Advanced Audio FX Engine                24.03.2009               
Apple Application Support        Apple Inc.        14.11.2011        61,1MB        2.1.5
Apple Mobile Device Support        Apple Inc.        12.02.2011        21,7MB        3.3.1.3
Apple Software Update        Apple Inc.        18.07.2011        2,38MB        2.1.3.127
ATI Catalyst Control Center                24.03.2009        24,00KB        2.008.0703.2235
Avira AntiVir Personal - Free Antivirus        Avira GmbH        18.10.2011        140,7MB        10.2.0.704
BlueJ 2.5.3        Deakin University        15.11.2010        17,9MB       
CCleaner        Piriform        12.01.2012        4,22MB        3.14
Cisco EAP-FAST Module        Cisco Systems, Inc.        24.03.2009        1,04MB        2.1.6
Cisco LEAP Module        Cisco Systems, Inc.        24.03.2009        1,04MB        1.0.12
Cisco PEAP Module        Cisco Systems, Inc.        24.03.2009        0,85MB        1.0.13
Compatibility Pack für 2007 Office System        Microsoft Corporation        13.12.2011        164,8MB        12.0.6514.5001
Dell Dock        Dell        24.03.2009                1.0.0
Dell Getting Started Guide        Dell Inc.        24.03.2009                1.00.0000
Dell Support Center (Support Software)        Dell        26.03.2009        0,75MB        2.2.08298
Dell Touchpad        Alps Electric        24.03.2009        11,7MB        7.2.101.209
Dell Video Chat        SightSpeed Inc.        24.03.2009        22,1MB        6.0 (6567)
Dell Webcam Central                24.03.2009        31,1MB       
Dell Wireless WLAN Card Utility        Dell Inc.        25.03.2009                5.10.38.30
Dell-eBay        Dell        24.03.2009                1.00.0000
Die Sims 2                04.12.2010        2.747MB       
Die Sims 2: Nightlife                04.12.2010        1.287MB       
Die Sims 2: Open For Business                04.12.2010        698MB       
Die Sims 2: Wilde Campus-Jahre                04.12.2010        925MB       
Die Sims™ 2 Freizeit-Spaß        Electronic Arts        04.12.2010        1.195MB       
Die Sims™ 2 Gute Reise        Electronic Arts        04.12.2010        947MB       
Die Sims™ 2 H&M®-Fashion-Accessoires                04.12.2010        498MB       
Die Sims™ 2 Haustiere                04.12.2010        801MB       
Die Sims™ 2 IKEA® Home-Accessoires        Electronic Arts        04.12.2010        440MB       
Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires        Electronic Arts        04.12.2010        473MB       
Die Sims™ 2 Vier Jahreszeiten                04.12.2010        894MB       
Die Sims™ 2: Glamour-Accessoires                04.12.2010        356MB       
Die Sims™ 3        Electronic Arts        19.06.2009        5.640MB        1.0.615
ElsterFormular        Landesfinanzdirektion Thüringen        01.01.2012        264MB        12.4.1.7699p
ElsterFormular 2008 - 2009        Landesfinanzdirektion Thüringen        01.01.2012        125,3MB        2008-2009
G DATA Logox4 Speechengine        G DATA Software AG        11.04.2011               
GIMP 2.6.5                27.03.2009        84,4MB       
GoldWave v5.25                26.01.2010        5,09MB       
Integrated Webcam Driver (1.06.03.0309)        Creative Technology Ltd.        25.03.2009                1.06.03.0309
Java(TM) 6 Update 22        Oracle        10.04.2011        97,1MB        6.0.220
Java(TM) 6 Update 24        Sun Microsystems, Inc.        13.06.2010        94,5MB        6.0.240
Java(TM) SE Development Kit 6 Update 20        Sun Microsystems, Inc.        15.11.2010        150,9MB        1.6.0.200
Java-Editor 10.4f, 2010.09.18        Gerhard Röhner        23.09.2011        8,80MB       
Last.fm 1.5.4.27091        Last.fm        22.07.2011        18,4MB       
Lernwerkstatt 7        Medienwerkstatt Mühlacker Verlagsgesellschaft mbH        11.04.2011        99,4MB        7.00.0000
Logitech Harmony Remote Software 7        Logitech        22.11.2011        88,2MB        7.7.0.0
LuPO 1.0.2.43        Ministerium für Schule, Wissenschaft und Forschung NRW        17.03.2011        14,7MB       
Malwarebytes Anti-Malware Version 1.60.0.1800        Malwarebytes Corporation        12.01.2012        11,5MB        1.60.0.1800
McAfee Security Scan Plus        McAfee, Inc.        11.09.2011        9,34MB        2.0.181.2
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        02.04.2009        37,0MB       
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        26.03.2009        37,0MB       
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        24.06.2010        120,3MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        24.06.2010        24,5MB        4.0.30319
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        24.03.2009        1,74MB        3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86)        Microsoft Corporation        24.03.2009        0,61MB        1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86)        Microsoft Corporation        24.03.2009        1,45MB        1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        29.07.2009        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        14.06.2011        0,29MB        8.0.61001
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        29.07.2009        0,19MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        13.04.2011        0,58MB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218        Microsoft Corporation        23.12.2010        0,22MB        9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        01.01.2012        0,23MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        24.03.2009        0,58MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        27.03.2010        0,58MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        14.06.2011        0,58MB        9.0.30729.6161
Microsoft Works        Microsoft Corporation        15.12.2010        334MB        9.7.0621
MinuteMan                14.06.2011        1,17MB       
Mozilla Firefox 9.0.1 (x86 de)        Mozilla        24.12.2011        40,3MB        9.0.1
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        01.04.2009        1,28MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        26.11.2009        1,34MB        4.20.9876.0
MyFreeCodec                30.03.2009        9,87MB       
Nero 9 Essentials        Nero AG        03.09.2009               
No23 Recorder        No23        01.03.2011        4,40MB        2.1.0.3
OpenOffice.org 3.2        OpenOffice.org        09.05.2010        371MB        3.2.9483
PDF Editor 3                13.07.2011        15,9MB       
PDF Reader 3                10.11.2010        58,9MB       
QuickSet        Dell Inc.        24.03.2009                9.2.6
QuickTime        Apple Inc.        14.11.2011        73,3MB        7.71.80.42
Remote Control USB Driver                22.11.2011        3,62MB        2.3.2.317
Roxio Creator DE        Roxio        24.03.2009        18,1MB        10.1
Samsung Media Studio 5        Samsung        30.03.2009        74,0MB        5.0
Skype™ 5.3        Skype Technologies S.A.        22.07.2011        16,6MB        5.3.120
Songbird 1.9.3 (Build 1959)                22.07.2011        57,9MB       
Sound Blaster Audigy ADVANCED MB                24.03.2009        11,5MB        1.0
TimeLeft        NesterSoft Inc.        14.06.2011        4,79MB        3.56
TuneUp Utilities 2009        TuneUp Software        05.12.2009        47,0MB        8.0.3310.3
VLC media player 1.1.7        VideoLAN        12.02.2011        80,2MB        1.1.7
Windows Live Anmelde-Assistent        Microsoft Corporation        01.04.2009        1,93MB        5.000.818.6
Windows Live Essentials        Microsoft Corporation        24.03.2009        94,4MB        14.0.8050.1202
Windows Live-Uploadtool        Microsoft Corporation        24.03.2009        0,22MB        14.0.8014.1029
WinRAR 4.01 (32-Bit)        win.rar GmbH        05.09.2011        4,03MB        4.01.0
So, das ist abgearbeitet :) Ich hoffe, es ist auch alles richtig so.

Marzipan 13.01.2012 19:50
Irgendwie kommt jetzt auch nichts mehr. Ist das Problem jetzt schon gelöst?

kira 14.01.2012 07:05
1.
Deine Javaversion ist nicht aktuell!
→ Downloade nun die Offline-Version von Java Version 6 Update 30 von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

Die alte Java-Versionen verbleiben auf dem PC...aus Sicherheitsgründen müssen entfernt werden,auch in Zukunft darauf achten!
deinstalliere:
Zitat:
Java(TM) 6 Update 24
2.
Wenn Du nicht absichtlich installiert hast, da oft mit andere Programm wird mitinstalliert bzw angeboten (vermutlich durch Adobe Reader), deinstalliere:
Code:
McAfee Security Scan Plus
obwohl selbst die Programmierer/hersteller ein sehr gute Ruf hat, durch dieses "Helferprinzip" wird dein PC nicht noch mehr geschützt, aber beeinträchtigt die Systemleistung
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
Bei Installation bitte die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen bzw gesetzten Haken belassen, weil damit stimmt man nämlich zu, dass andere "Fremdprogramm", oder sogar Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert.

3.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
:OTL
[2011.12.17 02:32:55 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.17 02:32:55 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.17 02:32:55 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.17 02:32:55 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

:Commands
[purity]
[emptytemp]

3.
reinige dein System mit CCleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

4.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

5.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

6.
-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

Marzipan 14.01.2012 13:14
Fixen mit OTL:
Code:
All processes killed
========== OTL ==========
C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: The Killer Flower
->Temp folder emptied: 1893723 bytes
->Temporary Internet Files folder emptied: 700382 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 47007646 bytes
->Flash cache emptied: 1385 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3596 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 47,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 01142012_115030

Files\Folders moved on Reboot...
C:\Windows\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb moved successfully.

Registry entries deleted on Reboot...
SuperAntiSpyware Bericht:
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/14/2012 at 12:29 PM

Application Version : 5.0.1142

Core Rules Database Version : 8134
Trace Rules Database Version: 5946

Scan type      : Quick Scan
Total Scan Time : 00:05:50

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned      : 632
Memory threats detected  : 0
Registry items scanned    : 30123
Registry threats detected : 0
File items scanned        : 7045
File threats detected    : 314

Adware.Tracking Cookie
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\the_killer_flower@2o7[1].txt [ /2o7 ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\the_killer_flower@adx.chip[2].txt [ /adx.chip ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\the_killer_flower@free-countdown-timer.softonic[1].txt [ /free-countdown-timer.softonic ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\the_killer_flower@maxis.112.2o7[1].txt [ /maxis.112.2o7 ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\the_killer_flower@smartadserver[1].txt [ /smartadserver ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\the_killer_flower@www.windowsmedia[1].txt [ /www.windowsmedia ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\3Y8G60YP.txt [ /msnportal.112.2o7.net ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\1RYCROKA.txt [ /doubleclick.net ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\8V0EW6OD.txt [ /imrworldwide.com ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\K9DNJDUF.txt [ /c.atdmt.com ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\M8X5Y162.txt [ /mediaplex.com ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\9IN2HTF5.txt [ /specificclick.net ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\TZM53QCR.txt [ /atdmt.com ]
        C:\Users\The Killer Flower\AppData\Roaming\Microsoft\Windows\Cookies\8CHHPD3W.txt [ /apmebf.com ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\N832ZDIJ.txt [ Cookie:the killer flower@im.banner.t-online.de/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\the_killer_flower@traffictrack[1].txt [ Cookie:the killer flower@traffictrack.de/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\MOBZJ0NU.txt [ Cookie:the killer flower@ad2.adfarm1.adition.com/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\20HYNLAI.txt [ Cookie:the killer flower@msnportal.112.2o7.net/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\UDKI0CXS.txt [ Cookie:the killer flower@ad3.adfarm1.adition.com/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\7MS6GPFK.txt [ Cookie:the killer flower@ad.yieldmanager.com/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\the_killer_flower@ice.112.2o7[1].txt [ Cookie:the killer flower@ice.112.2o7.net/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\the_killer_flower@adsrv1.admediate[1].txt [ Cookie:the killer flower@adsrv1.admediate.com/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\XP24HKTI.txt [ Cookie:the killer flower@eas.apm.emediate.eu/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\18Y0N4E3.txt [ Cookie:the killer flower@c.atdmt.com/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\0WBTZ14V.txt [ Cookie:the killer flower@ad.zanox.com/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\A0F3EHIK.txt [ Cookie:the killer flower@specificclick.net/ ]
        C:\USERS\THE KILLER FLOWER\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q6TK5T3H.txt [ Cookie:the killer flower@atdmt.com/ ]
        C:\USERS\THE KILLER FLOWER\Cookies\3Y8G60YP.txt [ Cookie:the killer flower@msnportal.112.2o7.net/ ]
        C:\USERS\THE KILLER FLOWER\Cookies\the_killer_flower@free-countdown-timer.softonic[1].txt [ Cookie:the killer flower@free-countdown-timer.softonic.de/ ]
        C:\USERS\THE KILLER FLOWER\Cookies\K9DNJDUF.txt [ Cookie:the killer flower@c.atdmt.com/ ]
        C:\USERS\THE KILLER FLOWER\Cookies\the_killer_flower@adx.chip[2].txt [ Cookie:the killer flower@adx.chip.de/ ]
        C:\USERS\THE KILLER FLOWER\Cookies\M8X5Y162.txt [ Cookie:the killer flower@mediaplex.com/ ]
        C:\USERS\THE KILLER FLOWER\Cookies\9IN2HTF5.txt [ Cookie:the killer flower@specificclick.net/ ]
        C:\USERS\THE KILLER FLOWER\Cookies\TZM53QCR.txt [ Cookie:the killer flower@atdmt.com/ ]
        C:\USERS\THE KILLER FLOWER\Cookies\8CHHPD3W.txt [ Cookie:the killer flower@apmebf.com/ ]
        .adtech.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .xiti.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        in.getclicky.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        lastfmstats.livefrombmore.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        lastfmstats.livefrombmore.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        wstat.wibiya.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .autoscout24.112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .lastfmstats.livefrombmore.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        data.coremetrics.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .webstats4u.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        stat.dealtime.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .sevenoneintermedia.112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .paypal.112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .linksynergy.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .linksynergy.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .linksynergy.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .tns-counter.ru [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s01.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s08.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s08.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        2.s08.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s08.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s05.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s04.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s04.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s07.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s08.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s02.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s05.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        2.s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s02.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s02.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .ipcmedia.122.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .deutschepostag.112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        accounts.youtube.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .cunda.122.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .shopping-pfadfinder.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .shopping-pfadfinder.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .tracking.3gnet.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        media1.comnos.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .a.revenuemax.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        ext.trackingwiz.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        ext.trackingwiz.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        tracking.sim-technik.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .webstats4u.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .getclicky.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .static.getclicky.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .msnportal.112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        counters.gigya.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s04.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wdl4qpcziep.stats.esomniture.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .mediamere.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .mediamere.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .opodo.122.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6whmiukdzeho.stats.esomniture.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wfkyklcpkbo.stats.esomniture.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .discounto.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .discounto.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .lokalportal24de.112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .dealtime.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        clicks.pangora.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        clicks.pangora.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s05.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s05.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        dc.tremormedia.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .ad6media.fr [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .ad6media.fr [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wnk4oiczgap.stats.esomniture.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s04.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        canada.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        canada.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s08.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        canada.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .stats.paypal.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        tracking.mobile.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s01.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        canada.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        canada.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        canada.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s08.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s08.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        2.s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        2.s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        2.s04.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s09.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        2.s02.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        canada.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s01.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s01.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s09.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s02.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        2.s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        canada.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s07.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        states.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        canada.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        2.s05.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s08.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s01.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s07.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s09.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        tracking.purpular.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .statcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .affiliates.commissionaccount.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .affiliates.commissionaccount.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        stats.justhost.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        2.s01.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s07.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s09.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s07.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s09.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s03.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wnkokjcpsdq.stats.esomniture.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .microsoftsto.112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .moviepilot.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .moviepilot.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .yadro.ru [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.3dstats.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .openstat.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .spylog.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        kursnet-finden.arbeitsagentur.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .guj.122.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .loyaltypartner.122.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        statse.webtrendslive.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wbkoumazwbo.stats.esomniture.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .webstats4u.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        af.2.cqcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.rambler.ru [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .rambler.ru [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.rambler.ru [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .rambler.ru [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .rambler.ru [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        nova.rambler.ru [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        spenden.wikimedia.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        spenden.wikimedia.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .philips.112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        track.webtrekk.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s10.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s07.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        s04.flagcounter.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .twctsg.122.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        tracking1.aleadpay.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .adscendmedia.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        traffic-pimp.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .counter.sexsuche.tv [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        traffic-pimp.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .warnerbrosads.112.2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ C:\USERS\THE KILLER FLOWER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WZ0C8LQA.DEFAULT\COOKIES.SQLITE ]
Also da ist immer noch das Problem mit dem Tab, wo eine mediashifting-Seite ladet.
Als ich die alte Version von Java deinstalliert habe, kam auf einmal ein bluescreen. Nach einem Neustart, ist das dann aber nicht mehr vorgekommen.

kira 16.01.2012 06:09
1.
Schritte 5. und 6. fehlen noch!

2.
Was verbirgt sich dahinter, Dir bekannt?:
Zitat:
C:\Users\The Killer Flower\AppData\Local\d2684af2
3.
Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen:
Code:
TDSSKiller
(alle vorhandenen Protokolle!)
4.
MBR mit aswMBR von Avast prüfen

Lade aswMBR.exe von Avast herunter und speichere das Tool auf deinem Desktop (nicht woanders hin).
XP Benutzer: Doppelklick auf die aswMBR.exe, um das Tool zu starten.
Vista und Windows 7 Benutzer: Rechtsklick auf die aswMBR.exe und Als Administrator starten wählen.
Es wird sich ein Eingabe-Fenster mit einigen Angaben öffnen.

Klicke Scan, um den Suchlauf zu starten.

Wenn der Scan beendet ist, was mit Scan finished sucessfull! gemeldet wird, klicke Save log, um das Logfile zu speichern.
Poste mir den Inhalt von aswASW.log vom Desktop hier in den Thread.

Marzipan 17.01.2012 16:20
Gestern habe ich diesen Scan durchgeführt. Dann wurde ein Neustart verlangt und jetzt fährt der Laptop gar nicht mehr hoch, vor dem Anmeldebildschirm bleibt es einfach schwarz...

kira 19.01.2012 15:51
► Wie ist den aktuellen Zustand des Rechners? Hast du die Probleme immer noch?

Marzipan 20.01.2012 10:04
Mein Bruder hat den Laptop wieder anbekommen. Das Internet funktioniert noch nicht, aber das kriegen wir am Wochenende bestimmt auch wieder zum Laufen. Mal sehen, wie das dann mit dem Laden von Google Seiten etc. aussieht. Dieses Anti Malware hat auch öfters Viren in Quarantäne gesteckt. Seit das Internet nicht funktioniert passiert das nicht mehr. Kann sich aber wieder ändern, wenn wieder Internetseiten aufgerufen werden...

kira 21.01.2012 09:40
OK, dann melde dich erneut

1.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

2.
lade Dir HijackThis 2.0.4 von *von hier* herunter
Rechtsklick drauf-> "Als Administrator ausführen" wählen
HijackThis starten→ "Do a system scan and save a logfile" klicken→ das erhaltene Logfile "markieren" → "kopieren"→ hier in deinem Thread (rechte Maustaste) "einfügen"


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:22 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27