Alt 19.01.2012, 19:15   #1
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Unglücklich

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

Hallo zusammen,

ich weiß, dass man sein Problem möglichst exakt definieren sollte, allerdings ist das nicht so einfach.
Mein Rechner ist seit kurzem extrem langsam, das alleine nervt schon sehr. Außerdem verstellt sich aber auch immer öfter der Desktop nach dem Neustart, d.h. der Hintergrund ist weg, die Taskleiste verschwunden,...

Kann mir jemand von euch sagen, was zu tun ist um rauszukriegen, wo das Problem liegt?

Besten Dank!


Alt 19.01.2012, 19:30   #2
/// Malware-holic
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
%systemroot%\*. /mp /s
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread


Alt 19.01.2012, 21:29   #3
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

So, hier nun also die Ergebnisse:

OTL.txt:OTL Logfile:
OTL logfile created on: 19.01.2012 19:40:14 - Run 1
OTL by OldTimer - Version     Folder = C:\Users\Jana und Nicky\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 51,42% Memory free
6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 114,51 Gb Free Space | 76,83% Space Free | Partition Type: NTFS
Drive D: | 137,32 Gb Total Space | 134,92 Gb Free Space | 98,25% Space Free | Partition Type: NTFS
Computer Name: JANAUNDNICKY-PC | User Name: Jana und Nicky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.01.19 19:36:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jana und Nicky\Downloads\OTL.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.09 01:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SUPERAntiSpyware.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASCORE.EXE
PRC - [2011.06.15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010.10.29 14:49:28 | 000,505,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.09.20 00:43:04 | 000,204,800 | ---- | M] (ATK) -- C:\Program files\P4G\BatteryLife.exe
PRC - [2008.07.24 11:16:01 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.07.19 03:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008.07.15 19:29:00 | 007,651,328 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2008.07.15 19:22:46 | 000,217,088 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2008.06.25 03:01:08 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008.06.24 04:16:24 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008.06.19 20:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
PRC - [2008.06.18 06:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.06.04 01:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008.01.23 18:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.01.21 03:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2008.01.12 06:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.11.05 03:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
PRC - [2007.08.15 19:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.07.06 00:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2005.07.06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.19 19:03:20 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012.01.19 19:03:20 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012.01.09 21:48:23 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012.01.09 21:48:23 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008.08.27 19:05:06 | 000,015,872 | ---- | M] () -- C:\Program files\P4G\OvrClk.dll
MOD - [2008.08.20 23:49:56 | 000,016,384 | ---- | M] () -- C:\Program files\P4G\DevMng.dll
MOD - [2008.07.19 03:52:08 | 000,649,704 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008.06.09 17:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2008.01.12 06:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
MOD - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007.11.12 23:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll
MOD - [2007.08.14 21:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007.07.12 21:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007.07.12 21:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
MOD - [2007.03.10 00:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASCORE.EXE -- (!SASCORE)
SRV - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008.01.21 03:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 03:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.08.02 17:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.04.27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.09.13 16:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010.09.07 03:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010.09.07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010.09.07 03:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010.09.07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010.08.19 21:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010.08.19 21:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010.08.19 21:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2008.09.19 13:20:59 | 007,404,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.09.05 21:20:19 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.08.28 16:48:45 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.08.06 09:26:07 | 000,124,928 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.06.03 07:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.05.29 18:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2008.04.01 08:13:57 | 001,807,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.02.16 01:42:42 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.08.11 04:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007.08.03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.30 19:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 18:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006.12.14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {795828a9-f271-43a8-8536-4484bb991d3d} - No CLSID value found
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts:       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {795828A9-F271-43A8-8536-4484BB991D3D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware 5.0.1142\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe (Adobe Systems, Inc.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5992A805-6A92-47A0-98D9-7D7639DDE6EF}: DhcpNameServer =
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware 5.0.1142\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware 5.0.1142\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware 5.0.1142\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01f8b756-d14f-11de-b1d3-002354841119}\Shell - "" = AutoRun
O33 - MountPoints2\{01f8b756-d14f-11de-b1d3-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{01f8b771-d14f-11de-b1d3-002354841119}\Shell - "" = AutoRun
O33 - MountPoints2\{01f8b771-d14f-11de-b1d3-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1b1407ba-91bd-11df-9526-002354841119}\Shell - "" = AutoRun
O33 - MountPoints2\{1b1407ba-91bd-11df-9526-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1b1407bb-91bd-11df-9526-002354841119}\Shell - "" = AutoRun
O33 - MountPoints2\{1b1407bb-91bd-11df-9526-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
MsConfig - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.01.09 21:48:11 | 000,000,000 | ---D | C] -- C:\Users\Jana und Nicky\AppData\Roaming\SUPERAntiSpyware.com
[2012.01.09 21:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.01.09 21:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.01.09 21:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware 5.0.1142
[2012.01.09 21:43:18 | 000,000,000 | ---D | C] -- C:\Users\Jana und Nicky\AppData\Roaming\Malwarebytes
[2012.01.09 21:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.09 21:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.09 21:42:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.01.09 21:40:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti Malware 1.60
[2012.01.07 15:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.07 15:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.07 15:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.07 15:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2012.01.06 18:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2008.06.03 07:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
========== Files - Modified Within 30 Days ==========
[2012.01.19 19:02:18 | 000,032,726 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.01.19 19:02:13 | 000,032,726 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.01.19 19:02:13 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.19 19:01:59 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012.01.19 19:01:46 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012.01.19 19:01:42 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.19 19:01:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.19 19:01:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.19 19:01:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.19 19:00:50 | 3220,295,680 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.19 14:23:22 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.01.13 13:11:57 | 000,635,680 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.13 13:11:57 | 000,602,238 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.13 13:11:57 | 000,129,990 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.13 13:11:57 | 000,107,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.11 19:21:06 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.01.09 21:47:33 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.09 21:42:54 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.07 15:50:53 | 000,024,206 | ---- | M] () -- C:\Users\Jana und Nicky\AppData\Roaming\UserTile.png
[2012.01.07 15:34:40 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.07 15:29:47 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012.01.07 15:29:06 | 000,000,628 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2012.01.06 18:58:03 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.06 18:41:44 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.01.06 18:41:44 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.01.06 18:41:27 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
========== Files Created - No Company Name ==========
[2012.01.09 21:47:33 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.09 21:42:54 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.07 15:50:53 | 000,024,206 | ---- | C] () -- C:\Users\Jana und Nicky\AppData\Roaming\UserTile.png
[2012.01.07 15:34:40 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.07 15:29:47 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2012.01.07 15:29:47 | 000,001,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012.01.06 18:41:27 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.10.23 08:36:20 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.08.21 15:11:12 | 000,000,680 | ---- | C] () -- C:\Users\Jana und Nicky\AppData\Local\d3d9caps.dat
[2009.11.14 20:40:07 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.10.20 16:58:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.10.20 16:58:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.07.21 21:39:35 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.07.17 21:34:00 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.07.17 21:19:47 | 000,032,726 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.07.17 20:40:33 | 000,032,726 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.07.16 20:54:56 | 000,005,120 | ---- | C] () -- C:\Users\Jana und Nicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.16 19:50:44 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009.07.16 19:09:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2009.03.09 19:54:21 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.07.02 03:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
[2008.04.16 12:11:34 | 000,635,680 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 12:11:34 | 000,129,990 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008.04.01 08:13:57 | 001,807,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007.05.10 00:39:28 | 000,003,584 | ---- | C] () -- C:\Windows\System32\CNCFLcNL.DLL
[2007.05.09 08:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,392,904 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,602,238 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,107,014 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
========== LOP Check ==========
[2010.06.19 22:17:50 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\FileZilla
[2009.11.05 14:04:08 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\Leadertech
[2009.11.05 13:16:37 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\Nordic Games
[2009.07.16 20:39:56 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\OpenOffice.org
[2012.01.19 14:23:22 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
[2010.04.06 20:03:35 | 000,000,000 | -H-D | M] -- C:\$AVG
[2009.07.16 19:21:00 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2009.03.09 21:47:06 | 000,000,000 | -H-D | M] -- C:\ASUS.SYS
[2009.10.22 09:55:23 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.03.03 14:15:29 | 000,000,000 | ---D | M] -- C:\Casino
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.03.09 20:58:52 | 000,000,000 | ---D | M] -- C:\Intel
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.01.09 21:46:02 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.01.11 19:21:06 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.10.23 08:42:57 | 000,000,000 | -H-D | M] -- C:\Recycle.Bin
[2012.01.19 19:45:01 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.07.16 19:09:21 | 000,000,000 | R--D | M] -- C:\Users
[2012.01.09 21:53:59 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE  >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTOR.SYS  >
[2008.09.12 06:32:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\drivers\iaStor.sys
[2008.09.12 06:32:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3c4af4a0\iaStor.sys
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL  >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE  >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\drivers\MpNWMon.sys
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[2012.01.19 19:52:25 | 002,883,584 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT
[2012.01.19 19:52:25 | 000,262,144 | -H-- | M] () -- C:\Users\Jana und Nicky\ntuser.dat.LOG1
[2009.07.16 19:09:22 | 000,000,000 | -H-- | M] () -- C:\Users\Jana und Nicky\ntuser.dat.LOG2
[2012.01.19 14:23:44 | 000,065,536 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012.01.19 14:23:44 | 000,524,288 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2011.06.10 10:48:30 | 000,524,288 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2009.07.16 19:09:23 | 000,000,020 | -HS- | M] () -- C:\Users\Jana und Nicky\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
<           >

< End of report >
--- --- ---

Extras.txt:OTL Logfile:
OTL Extras logfile created on: 19.01.2012 19:40:14 - Run 1
OTL by OldTimer - Version     Folder = C:\Users\Jana und Nicky\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 51,42% Memory free
6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 114,51 Gb Free Space | 76,83% Space Free | Partition Type: NTFS
Drive D: | 137,32 Gb Total Space | 134,92 Gb Free Space | 98,25% Space Free | Partition Type: NTFS
Computer Name: JANAUNDNICKY-PC | User Name: Jana und Nicky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
"EnableFirewall" = 1
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
"{18B40C1C-0830-4369-94DE-09CD8C651EF5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{276F8F68-8226-43FB-AAE3-B5448730731B}" = rport=139 | protocol=6 | dir=out | app=system | 
"{3621FF72-0F16-4333-B2F0-6141CEA142E4}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4EA2A0C4-43E0-434B-84DF-73D7C4A44AF8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{587D0214-E505-4697-AC9B-162125AFD98D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7D134EAC-2D1A-4118-84E6-A63F6F8D5AC2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{82A78F61-C174-40C8-AF4B-2D4A734F3827}" = lport=445 | protocol=6 | dir=in | app=system | 
"{885A0D0A-0AB8-4DC4-885E-C1E78FC3C597}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9EDD8C28-DBDA-49B7-8239-E646C4FCDAF7}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{9F86E006-E487-428C-A7C2-88B6AC6FCAC4}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B48F8A36-A54B-400C-B135-37EA582F358C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{BD01D076-7807-4F76-91C6-48FE08EB490A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CA661950-BCF3-4F9C-A76E-379AC43BEBB8}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{E8CFA5C1-52DA-4E85-9D96-BF90A2CE4E6C}" = rport=445 | protocol=6 | dir=out | app=system | 
========== Vista Active Application Exception List ==========
"{01872D39-6379-4351-81B6-8ACBC652FAC4}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{02F5008D-58B8-404B-9377-1C9137F4269D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0451E882-4BBC-4BF5-AD10-CCF6247BD1CD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0470FDA4-B3B3-4EB5-9A47-C506EE7E6A80}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{079A5B39-4DCA-4FF9-9AF9-EE120BDC2611}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0AD39CCC-1AB2-42F2-A3DA-DE739096F2D9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0DEBE2C3-F67B-4B1D-8839-6A56DA2CA065}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0EA01597-E582-4A93-B85A-19BEEBD242C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0F80572B-0E96-4670-AC3C-DEC74E9F5485}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{170E3978-AC91-4D2D-B758-3B14DEDD9A09}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2172B48D-D35E-43D9-A091-100E8AE07080}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{217F3BA4-D92F-47E9-B05D-144C4C32BE82}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{281C8D46-434C-4B2D-8886-0BCCA7878EA4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2A4853AA-3286-4E61-A1CD-5AED9AE1F956}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{2C83ECB3-DAB8-48C9-A621-FF662458F5CC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{2FBEE68A-F5D7-402E-B37D-D0466F7BEB7C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{45786974-9352-4821-857D-EEB510D05195}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{459087F0-7E28-42D2-A992-8B31236EE062}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{45FCC3DE-F822-473F-B4F6-0407942CB7C5}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{4D68187D-74AB-44EE-BE0F-6292CEA0AA1A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{4DC2181E-346A-4243-AD0F-4E87CED3441F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{544E492E-004A-41F1-AE3B-7F7F0152DF9E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{5652C260-BD7C-49B5-BBCD-443A2B38C4B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5B91BFA5-4331-457D-9601-1E5D27BDB08F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5DC96FB3-7866-405A-97BC-758A6C60F417}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{629E75B8-1079-4DB4-9DC7-9BB0BFDAE69D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{68CEC4A8-4572-4E71-A8D6-9F7FA2FD34A2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6A8FD13D-6969-4BBB-9A6E-DAC611D0FC03}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6B394C84-B31A-4AC6-8D0E-905192ED25E1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7281E40B-1678-4751-8FBD-1D2419016794}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{73BDF3E5-A344-4B8B-BE92-3E8858C156A9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7637E6FD-C6E4-416D-AA52-3C2B8D1193DC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{77F2C600-4312-40AB-A27B-1DB19F466B19}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7996B3E6-2E9B-48DE-9610-020D66F68C33}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{7B1D3E9E-D538-42F9-A286-AA90D2E9B942}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{872C33DD-5734-4814-88E5-5E62E3C24E49}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{87B8B52A-413F-4E73-B174-9674806FD404}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{8A8A842F-8EBD-4D6F-BDCB-060AEF0BB8CD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8ABC285D-0F67-4951-8691-1AB9EBABB8D3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8C471E4A-D8E7-445B-9D76-69922C2B13B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9920ECD5-57AB-4510-9058-8C6C1F0A1405}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{99EB0145-B60A-44BE-8702-889B5CDB7317}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9BA58841-AB3A-4FA1-B653-843679FDF983}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9DB92A0C-BCF3-4461-A103-4F379D16AEA2}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{9FD108B2-1362-4893-BCF9-4A8F809DEC19}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{9FF1B404-0EBB-4501-A30C-2D2AB1C2E57F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A0073CB2-1816-4BF5-B43C-2907AC462A3B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A194B4EA-01F2-46EB-8889-B78CCFB942B2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A6B0B95A-80C0-4603-8288-E5AB77CB9A1A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A729DC7F-1C32-4732-94BF-4E5E3F68BE24}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{AE1CB86F-B319-41B0-B393-CB86C15F70AB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B053C84C-15E1-4D0D-9CE3-84EE4C4ACF33}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B2C3E220-2E0A-468D-87ED-759E7BBC256C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B6E6DF19-49D2-491B-91A1-A2D6514BF409}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B7B3AEB2-42CB-42FF-BAEC-DDEBDEE6FC35}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BB4ACF43-1DEF-444C-A229-1DF9304BD59C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BC1EB4F7-C498-4A19-B980-26DD96652463}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BED8B13D-0E3D-4239-AB6B-700B4DA432B9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BF9C790F-88DF-4441-96C6-699883D62624}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C44D4116-7E36-4433-8A2B-D9D7E65658F2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C6C982FA-E6E8-49E8-8C11-D867573CFF82}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C6CEBBB5-0DF2-4386-8B72-06788B31F956}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C79BFE04-BD3B-4DDB-841F-D2E0D9BAE307}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CA7D8B43-57D6-4C56-B0CA-ADE72A8DDB36}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CA7F75CD-1C24-4229-953A-8C9A99CB753E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CDD0ADBC-7A2C-41F1-8629-1385DF399A7B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D656E8BF-12C1-4AAD-901A-4F35764173E3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E0A68BF3-98C3-4D8B-B8C2-2E191807C810}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E3989692-EA23-49BE-B6D2-6B99C1A298F9}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{E86A5342-51E5-4856-9B6F-7E1615D770F8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EE45CE25-7CB5-4970-AF20-CB1A1D73A47F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F0552143-CD9C-4A1A-8B9D-6DD0D3D00364}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F8EFFA99-FE78-4F55-BC5E-22642CBED0DC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{36932D1F-3B36-4301-AB61-1984C9D8F523}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{4783F3EB-AB99-4C27-8C9D-CD69B288F776}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{317AB8DA-3C8E-4C1A-B789-2F6733808524}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{F7A54F87-F1EE-4980-B433-7BFC1C31C13F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS_Notebook_N50" = ASUS_Notebook_N50 Screen Saver
"CCleaner" = CCleaner
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"PokerStars.net" = PokerStars.net
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.11.2010 16:23:42 | Computer Name = JanaundNicky-PC | Source = WinMgmt | ID = 10
Description = 
Error - 25.11.2010 09:11:42 | Computer Name = JanaundNicky-PC | Source = WinMgmt | ID = 10
Description = 
Error - 25.11.2010 09:13:32 | Computer Name = JanaundNicky-PC | Source = System Restore | ID = 8193
Description = 
Error - 25.11.2010 09:13:39 | Computer Name = JanaundNicky-PC | Source = System Restore | ID = 8193
Description = 
Error - 25.11.2010 15:17:46 | Computer Name = JanaundNicky-PC | Source = WinMgmt | ID = 10
Description = 
Error - 25.11.2010 15:19:15 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
Error - 25.11.2010 15:19:15 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
Error - 25.11.2010 15:19:16 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
Error - 25.11.2010 15:55:36 | Computer Name = JanaundNicky-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18975, Zeitstempel
 0x4c8710a6, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00066739,  Prozess-ID 0x1740, Anwendungsstartzeit
Error - 25.11.2010 16:02:59 | Computer Name = JanaundNicky-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18975, Zeitstempel
 0x4c8710a6, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00066739,  Prozess-ID 0x16d0, Anwendungsstartzeit
[ Media Center Events ]
Error - 14.05.2010 15:27:08 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

Error - 04.07.2010 09:59:06 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

Error - 05.09.2010 03:45:14 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

Error - 06.11.2010 02:08:55 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

Error - 29.01.2011 05:07:55 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

Error - 29.01.2011 07:07:25 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

Error - 31.01.2011 06:43:44 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

Error - 14.03.2011 14:56:09 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

Error - 23.04.2011 03:04:08 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

[ System Events ]
Error - 18.01.2012 16:13:38 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description = 
Error - 18.01.2012 16:14:55 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
Error - 19.01.2012 06:28:54 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description = 
Error - 19.01.2012 06:30:51 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
Error - 19.01.2012 09:12:46 | Computer Name = JanaundNicky-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
Error - 19.01.2012 09:13:19 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description = 
Error - 19.01.2012 09:15:02 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
Error - 19.01.2012 14:02:04 | Computer Name = JanaundNicky-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
Error - 19.01.2012 14:02:34 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description = 
Error - 19.01.2012 14:03:45 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
< End of report >
--- --- ---


Alt 19.01.2012, 21:33   #4
/// Malware-holic
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

öffne malwarebytes, logdateien, scan berichte posten.
das selbe bei super antispyware
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
Mails bitte vorerst nach obiger Anleitung an
Wenn Ihr uns unterstützen möchtet

Alt 19.01.2012, 21:37   #5
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

Meinst du z.b. das hier?

2012/01/19 11:30:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/01/19 11:30:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/01/19 11:30:24 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/01/19 11:30:28 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/01/19 14:14:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/01/19 14:14:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/01/19 14:14:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/01/19 14:14:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/01/19 19:03:57 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/01/19 19:04:00 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/01/19 19:04:02 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/01/19 19:04:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/01/19 19:04:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/01/19 19:04:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.01.18.05 to version v2012.01.19.03
2012/01/19 19:04:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/01/19 19:04:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/01/19 19:04:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/01/19 19:04:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/01/19 19:04:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/01/19 19:04:25 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

Alt 19.01.2012, 23:00   #6
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

Hier der Log von SUPERAntiSpyware:

SUPERAntiSpyware Scan Log

Generated 01/19/2012 at 10:58 PM

Application Version : 5.0.1142

Core Rules Database Version : 8115
Trace Rules Database Version: 5927

Scan type : Complete Scan
Total Scan Time : 01:18:57

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Administrator

Memory items scanned : 649
Memory threats detected : 0
Registry items scanned : 36533
Registry threats detected : 0
File items scanned : 68038
File threats detected : 144

Adware.Tracking Cookie
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\OIBRXIHV.txt [ /tracking.quisma.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\U91669E3.txt [ /ads.creative-serving.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\OR2V7QPN.txt [ /ad.adnet.de ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\JI0JFDER.txt [ /adtech.de ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\59P77PE9.txt [ /ad.ad-srv.net ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\YZ4393W9.txt [ /ad.zanox.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\QQM80QTU.txt [ /atdmt.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\XGL8VSWS.txt [ /dyntracker.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\P89B9ENI.txt [ /www.zanox-affiliate.de ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\29YHR0RS.txt [ /apmebf.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\D2LDUMHT.txt [ /eas.apm.emediate.eu ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\VMXSYYYI.txt [ /ad4.adfarm1.adition.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\8OLERRTN.txt [ /olympiaverlag.122.2o7.net ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\HROMIPG6.txt [ /advertising.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\QP0SAQXX.txt [ /adform.net ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\L8H65U3P.txt [ /imrworldwide.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\V76PMH06.txt [ /adviva.net ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\G4XJCRNO.txt [ /zanox-affiliate.de ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\4DKNRPXD.txt [ /track.adform.net ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\ID5C4GDX.txt [ /adserver.adtechus.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\DY85XZEF.txt [ /adfarm1.adition.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\5VPQOZ67.txt [ /bs.serving-sys.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\ERJL0JPL.txt [ /traffictrack.de ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\FQU48GFP.txt [ /banners.victor.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\XH7CWUHJ.txt [ /tradedoubler.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\ABLG0Z4P.txt [ /ad.360yield.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\SYBR1KL9.txt [ /smartadserver.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\XO87HBSY.txt [ /ad.yieldmanager.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\9ZWI0MVA.txt [ /serving-sys.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\W2GX5FRB.txt [ /specificclick.net ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\KB6FWZ45.txt [ /de.sitestat.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\NE6RWFI6.txt [ /ad.adc-serv.net ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\WXQIODFU.txt [ /ad1.adfarm1.adition.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\VBP68BDT.txt [ /a.revenuemax.de ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\3HQX5H8F.txt [ /ad3.adfarm1.adition.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\RKYA1W2Y.txt [ /invitemedia.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\4Q015XUF.txt [ /de.sitestat.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\JWRFYQFU.txt [ /mediaplex.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\H9JP76Z6.txt [ /webmasterplan.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\LJ94AESD.txt [ /revsci.net ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\WPZRSB4V.txt [ /doubleclick.net ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\PK4V0J4D.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\CE4UMDS3.txt [ /unitymedia.de ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\TW9NK6OE.txt [ /media.gan-online.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\GGQ0TNKL.txt [ /de.sitestat.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\E086DWBK.txt [ /ads.gea.de ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\EWMLXM3M.txt [ /xiti.com ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\X3CPYMX1.txt [ /im.banner.t-online.de ]
C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\AAFQZ5N8.txt [ /zanox.com ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1RPLUHBF.txt [ Cookie:jana und nicky@tracking.quisma.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\MJY0QGK3.txt [ Cookie:jana und nicky@www.pornme.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\0BEJ6Z6G.txt [ Cookie:jana und nicky@pornsextub.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\JJZGBDOU.txt [ Cookie:jana und nicky@adtech.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\6H5VZBLF.txt [ Cookie:jana und nicky@ad.adnet.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\RI3BO5BB.txt [ Cookie:jana und nicky@bijpornos.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\90XQVNMV.txt [ Cookie:jana und nicky@adbrite.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\WPQOCI54.txt [ Cookie:jana und nicky@atdmt.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1SPR925E.txt [ Cookie:jana und nicky@rachesex.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\F2D38LF8.txt [ Cookie:jana und nicky@ad.dyntracker.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z3C2AW10.txt [ Cookie:jana und nicky@go.dynamic-tracking.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\TXLI513Y.txt [ Cookie:jana und nicky@questionmarket.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\TCVO0EDJ.txt [ Cookie:jana und nicky@apmebf.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\XQWMKKXE.txt [ Cookie:jana und nicky@2o7.net/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\73648H7R.txt [ Cookie:jana und nicky@adserver2.clipkit.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\JW49WHLR.txt [ Cookie:jana und nicky@olympiaverlag.122.2o7.net/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\T6KT826D.txt [ Cookie:jana und nicky@advertising.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\FFVSCTY7.txt [ Cookie:jana und nicky@www.traffective-tracking.net/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\4A03X25H.txt [ Cookie:jana und nicky@adform.net/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\D7ZTP31F.txt [ Cookie:jana und nicky@edates.traffective-tracking.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\WG2P5JKR.txt [ Cookie:jana und nicky@zanox-affiliate.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y60Y0ZS8.txt [ Cookie:jana und nicky@adfarm1.adition.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\XRW38WIZ.txt [ Cookie:jana und nicky@banners.victor.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\IE7Y7UDL.txt [ Cookie:jana und nicky@www.rachesex.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DJ4AOV4I.txt [ Cookie:jana und nicky@traffictrack.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\G31TSIYW.txt [ Cookie:jana und nicky@tradedoubler.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\O2VF2KBG.txt [ Cookie:jana und nicky@www.bijpornos.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\AK97TGZR.txt [ Cookie:jana und nicky@smartadserver.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\2XGHGRNO.txt [ Cookie:jana und nicky@ad.yieldmanager.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\GDUH1IYR.txt [ Cookie:jana und nicky@serving-sys.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1TC0XT1Q.txt [ Cookie:jana und nicky@pornme.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\PQ784SGD.txt [ Cookie:jana und nicky@specificclick.net/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\KDGZHC6U.txt [ Cookie:jana und nicky@ero-advertising.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\S5GG1IDY.txt [ Cookie:jana und nicky@insightexpressai.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\NRT0GLVK.txt [ Cookie:jana und nicky@ads.crakmedia.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\39OVU1DE.txt [ Cookie:jana und nicky@tracking.mindshare.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\H4A1ZJUK.txt [ Cookie:jana und nicky@de.sitestat.com/laola1/thesportsman-tv/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\U67TFVS1.txt [ Cookie:jana und nicky@ad1.adfarm1.adition.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\N318SOWO.txt [ Cookie:jana und nicky@www.googleadservices.com/pagead/conversion/1039866069/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\QZC0QEF3.txt [ Cookie:jana und nicky@a.revenuemax.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\09L78VQR.txt [ Cookie:jana und nicky@tiniporn.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\VVBO68HJ.txt [ Cookie:jana und nicky@de.sitestat.com/sport1/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\9KWWXQMG.txt [ Cookie:jana und nicky@media6degrees.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\530CNCWU.txt [ Cookie:jana und nicky@mediaplex.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\3SS02NDU.txt [ Cookie:jana und nicky@webmasterplan.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\73SUNUKY.txt [ Cookie:jana und nicky@ad2.adfarm1.adition.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\3VY5QS59.txt [ Cookie:jana und nicky@doubleclick.net/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DREYMLIQ.txt [ Cookie:jana und nicky@unitymedia.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\BL4R76Q5.txt [ Cookie:jana und nicky@wlw.122.2o7.net/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\UH58NDMR.txt [ Cookie:jana und nicky@de.sitestat.com/sport1/sport1-de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\VRXDG1FP.txt [ Cookie:jana und nicky@xiti.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DN07V7C4.txt [ Cookie:jana und nicky@im.banner.t-online.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\YU984QA1.txt [ Cookie:jana und nicky@adserv.kwick.de/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\XIHWGRSA.txt [ Cookie:jana und nicky@lfstmedia.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\TGWZBH20.txt [ Cookie:jana und nicky@zanox.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\5308Y83I.txt [ Cookie:jana und nicky@www.vagosex.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\6Z3HJTIB.txt [ Cookie:jana und nicky@r1-ads.ace.advertising.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\8KYDW7Z9.txt [ Cookie:jana und nicky@www.googleadservices.com/pagead/conversion/1017131048/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\4CCKZ1NF.txt [ Cookie:jana und nicky@ru4.com/ ]
C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\0Y6SDYBR.txt [ Cookie:jana und nicky@server.adform.net/ ]
C:\USERS\JANA UND NICKY\Cookies\OIBRXIHV.txt [ Cookie:jana und nicky@tracking.quisma.com/ ]
C:\USERS\JANA UND NICKY\Cookies\OR2V7QPN.txt [ Cookie:jana und nicky@ad.adnet.de/ ]
C:\USERS\JANA UND NICKY\Cookies\JI0JFDER.txt [ Cookie:jana und nicky@adtech.de/ ]
C:\USERS\JANA UND NICKY\Cookies\QQM80QTU.txt [ Cookie:jana und nicky@atdmt.com/ ]
C:\USERS\JANA UND NICKY\Cookies\29YHR0RS.txt [ Cookie:jana und nicky@apmebf.com/ ]
C:\USERS\JANA UND NICKY\Cookies\D2LDUMHT.txt [ Cookie:jana und nicky@eas.apm.emediate.eu/ ]
C:\USERS\JANA UND NICKY\Cookies\8OLERRTN.txt [ Cookie:jana und nicky@olympiaverlag.122.2o7.net/ ]
C:\USERS\JANA UND NICKY\Cookies\HROMIPG6.txt [ Cookie:jana und nicky@advertising.com/ ]
C:\USERS\JANA UND NICKY\Cookies\QP0SAQXX.txt [ Cookie:jana und nicky@adform.net/ ]
C:\USERS\JANA UND NICKY\Cookies\G4XJCRNO.txt [ Cookie:jana und nicky@zanox-affiliate.de/ ]
C:\USERS\JANA UND NICKY\Cookies\DY85XZEF.txt [ Cookie:jana und nicky@adfarm1.adition.com/ ]
C:\USERS\JANA UND NICKY\Cookies\ERJL0JPL.txt [ Cookie:jana und nicky@traffictrack.de/ ]
C:\USERS\JANA UND NICKY\Cookies\FQU48GFP.txt [ Cookie:jana und nicky@banners.victor.com/ ]
C:\USERS\JANA UND NICKY\Cookies\XH7CWUHJ.txt [ Cookie:jana und nicky@tradedoubler.com/ ]
C:\USERS\JANA UND NICKY\Cookies\SYBR1KL9.txt [ Cookie:jana und nicky@smartadserver.com/ ]
C:\USERS\JANA UND NICKY\Cookies\XO87HBSY.txt [ Cookie:jana und nicky@ad.yieldmanager.com/ ]
C:\USERS\JANA UND NICKY\Cookies\9ZWI0MVA.txt [ Cookie:jana und nicky@serving-sys.com/ ]
C:\USERS\JANA UND NICKY\Cookies\W2GX5FRB.txt [ Cookie:jana und nicky@specificclick.net/ ]
C:\USERS\JANA UND NICKY\Cookies\KB6FWZ45.txt [ Cookie:jana und nicky@de.sitestat.com/laola1/thesportsman-tv/ ]
C:\USERS\JANA UND NICKY\Cookies\WXQIODFU.txt [ Cookie:jana und nicky@ad1.adfarm1.adition.com/ ]
C:\USERS\JANA UND NICKY\Cookies\VBP68BDT.txt [ Cookie:jana und nicky@a.revenuemax.de/ ]
C:\USERS\JANA UND NICKY\Cookies\4Q015XUF.txt [ Cookie:jana und nicky@de.sitestat.com/sport1/ ]
C:\USERS\JANA UND NICKY\Cookies\JWRFYQFU.txt [ Cookie:jana und nicky@mediaplex.com/ ]
C:\USERS\JANA UND NICKY\Cookies\H9JP76Z6.txt [ Cookie:jana und nicky@webmasterplan.com/ ]
C:\USERS\JANA UND NICKY\Cookies\WPZRSB4V.txt [ Cookie:jana und nicky@doubleclick.net/ ]
C:\USERS\JANA UND NICKY\Cookies\PK4V0J4D.txt [ Cookie:jana und nicky@ad2.adfarm1.adition.com/ ]
C:\USERS\JANA UND NICKY\Cookies\CE4UMDS3.txt [ Cookie:jana und nicky@unitymedia.de/ ]
C:\USERS\JANA UND NICKY\Cookies\GGQ0TNKL.txt [ Cookie:jana und nicky@de.sitestat.com/sport1/sport1-de/ ]
C:\USERS\JANA UND NICKY\Cookies\EWMLXM3M.txt [ Cookie:jana und nicky@xiti.com/ ]
C:\USERS\JANA UND NICKY\Cookies\X3CPYMX1.txt [ Cookie:jana und nicky@im.banner.t-online.de/ ]
C:\USERS\JANA UND NICKY\Cookies\AAFQZ5N8.txt [ Cookie:jana und nicky@zanox.com/ ]

Alt 20.01.2012, 13:17   #7
/// Malware-holic
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

ja, halt alle Malwarebytes logs die vorhanden sind.
hast du das mit der proxy einstellung und dem hintergrund hinbekommen?
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
Mails bitte vorerst nach obiger Anleitung an
Wenn Ihr uns unterstützen möchtet

Alt 05.04.2012, 15:49   #8
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

Sorry für die lange Abwesenheit... Problem besteht nach wie vor.
Wie soll ich strukturiert vorgehen, um Klarheit darüber zu erhalten, was mit der Kiste los ist?
Problem ist, dass der Rechner von mehreren genutzt wird - und keiner sich wirklich darum kümmert...

Alt 05.04.2012, 15:53   #9
/// Malware-holic
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

naja, die frage ist ja immernoch, gibt es mehr Malwarebytes berichte als du gepostet hast?
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
Mails bitte vorerst nach obiger Anleitung an
Wenn Ihr uns unterstützen möchtet

Alt 05.04.2012, 16:16   #10
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

Leider nicht.
Lasse gerade Malwarebytes laufen, den Log könnte ich noch posten sobald er fertig ist.
Sonst noch was, was ich machen könnte?

So, hier mal ein Auszug aus den Log Dateien von Malwarebytes...

2012/04/06 10:23:10 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/06 10:23:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/06 10:23:16 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/06 10:23:18 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/04/05 12:58:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/04/05 12:58:23 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.24.03 to version v2012.04.05.04
2012/04/05 13:58:18 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/05 13:58:28 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/05 13:58:31 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/05 13:58:34 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/05 16:35:20 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/05 16:35:23 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/05 16:35:26 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/05 16:35:28 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/05 16:37:11 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/04/05 16:37:11 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/04/05 16:37:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/04/05 16:37:17 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/04/05 16:37:17 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/05 16:37:19 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/04/04 12:14:49 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/04 12:14:51 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/04 12:14:54 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/04 12:14:56 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/04 12:39:18 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/04 12:39:21 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/04 12:39:24 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/04 12:39:26 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/04 14:07:36 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/04 14:07:39 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/04 14:07:42 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/04 14:07:43 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/04/03 18:25:03 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/03 18:25:06 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/03 18:25:09 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/03 18:25:11 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/03 20:23:49 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/03 20:23:52 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/03 20:23:55 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/03 20:23:56 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/04/01 13:37:24 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/01 13:37:26 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/01 13:37:29 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/01 13:37:31 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/01 14:09:41 +0200 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK (Type: outgoing, Port: 50703, Process: iexplore.exe)
2012/04/01 14:09:41 +0200 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK (Type: outgoing, Port: 50705, Process: iexplore.exe)
2012/04/01 20:25:27 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/01 20:25:29 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/01 20:25:32 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/01 20:25:55 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/31 21:37:54 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/31 21:37:57 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/31 21:38:00 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/31 21:38:01 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/30 13:02:42 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/30 13:02:45 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/30 13:02:48 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/30 13:02:50 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/25 09:43:02 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/25 09:43:05 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/25 09:43:08 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/25 09:43:10 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/25 20:53:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/25 20:53:15 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/25 20:53:16 +0200 JANAUNDNICKY-PC Jana und Nicky ERROR Scheduled update failed: No address found failed with error code 11004
2012/03/25 20:53:16 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/25 20:53:19 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/25 20:53:21 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/24 20:14:12 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/24 20:14:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/24 20:14:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/24 20:14:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/24 20:18:54 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent QUARANTINE
2012/03/24 20:19:46 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION c:\users\jana und nicky\appdata\local\microsoft\windows\temporary internet files\content.ie5\k35b0xjw\pdfconvertersetup.exe Adware.Agent DENY
2012/03/24 20:19:49 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION c:\users\jana und nicky\appdata\local\microsoft\windows\temporary internet files\content.ie5\k35b0xjw\pdfconvertersetup.exe Adware.Agent DENY
2012/03/24 20:21:57 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/24 20:22:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/24 20:22:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.20.07 to version v2012.03.24.03
2012/03/24 20:22:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/24 20:22:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/24 20:22:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/24 20:22:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/24 20:22:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/22 21:32:37 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/22 21:32:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/22 21:32:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/22 21:32:45 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/22 22:14:56 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW
2012/03/22 22:14:56 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW
2012/03/22 22:15:07 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW
2012/03/22 22:15:07 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW

2012/03/21 19:18:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/21 19:18:26 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/21 19:18:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/21 19:18:30 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/20 19:34:32 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/20 19:34:35 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/20 19:34:38 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/20 19:34:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/20 19:46:33 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/20 19:46:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/20 19:46:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.15.05 to version v2012.03.20.07
2012/03/20 19:46:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/20 19:46:51 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/20 19:46:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/20 19:46:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/20 19:46:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/20 19:51:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/20 19:51:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/20 19:51:22 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/20 19:51:25 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/18 07:15:11 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/18 07:15:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/18 07:15:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/18 07:15:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/18 11:45:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/18 11:45:11 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/18 11:45:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/18 11:45:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/18 12:10:37 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK (Type: outgoing, Port: 50982, Process: iexplore.exe)
2012/03/18 12:10:37 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK (Type: outgoing, Port: 50983, Process: iexplore.exe)

2012/03/17 14:18:02 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/17 14:18:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/17 14:18:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/17 14:18:10 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/17 14:52:50 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/17 14:52:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/17 14:53:01 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/17 14:53:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/16 21:24:00 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/16 21:24:03 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/16 21:24:06 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/16 21:24:07 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/15 09:04:33 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/15 09:04:36 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/15 09:04:39 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/15 09:04:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/15 12:31:09 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/15 12:31:11 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/15 12:31:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/15 12:31:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/15 19:03:44 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/15 19:03:44 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/15 19:03:47 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/15 19:03:50 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/15 19:03:51 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/15 19:03:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.10.02 to version v2012.03.15.05
2012/03/15 19:03:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/15 19:03:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/15 19:03:56 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/15 19:03:59 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/15 19:03:59 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/15 19:04:00 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/14 20:56:39 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/14 20:56:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/14 20:56:44 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/14 20:56:46 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/13 12:56:13 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/13 12:56:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/13 12:56:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/13 12:56:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/13 21:34:35 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/13 21:34:38 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/13 21:34:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/13 21:34:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/11 13:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/11 13:20:42 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/11 13:20:45 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/11 13:20:47 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/11 19:49:46 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/11 19:49:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/11 19:49:51 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/11 19:49:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/11 20:29:06 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/11 20:29:09 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/11 20:29:12 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/11 20:29:13 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/11 20:30:08 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK (Type: outgoing, Port: 49191, Process: iexplore.exe)
2012/03/11 20:30:08 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK (Type: outgoing, Port: 49196, Process: iexplore.exe)

2012/03/10 12:09:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/10 12:09:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/10 12:09:27 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/10 12:09:30 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/10 12:20:24 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/10 12:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/10 12:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.06.06 to version v2012.03.10.02
2012/03/10 12:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/10 12:20:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/10 12:20:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/10 12:20:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/10 12:20:57 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/10 20:56:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/10 20:56:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/10 20:56:24 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/10 20:56:25 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/07 19:00:09 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/07 19:00:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/07 19:00:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/07 19:00:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/07 19:55:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/07 19:55:34 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/07 19:55:37 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/07 19:55:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/06 13:04:30 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/06 13:04:35 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/06 13:04:38 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/06 13:04:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/06 20:07:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/06 20:07:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/06 20:07:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/06 20:07:26 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/06 20:07:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/06 20:07:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/06 20:07:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.02.29.04 to version v2012.03.06.06
2012/03/06 20:07:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/06 20:07:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/06 20:07:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/06 20:07:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/06 20:07:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/05 12:17:22 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/05 12:17:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/05 12:17:32 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/05 12:17:37 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/05 19:39:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/05 19:39:26 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/05 19:39:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/05 19:39:33 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/05 19:49:47 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK (Type: outgoing, Port: 55324, Process: skype.exe)
2012/03/05 19:49:56 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK (Type: outgoing, Port: 55324, Process: skype.exe)

2012/03/04 12:29:59 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/04 12:30:04 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/04 12:30:07 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/04 12:30:10 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/04 12:31:59 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK (Type: outgoing, Port: 55324, Process: skype.exe)

2012/03/03 12:51:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/03 12:51:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/03 12:51:46 +0100 JANAUNDNICKY-PC Jana und Nicky ERROR Scheduled update failed: Net Exception failed with error code 10093
2012/03/03 12:51:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/03 12:51:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/03 12:51:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/03 19:51:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/03 19:51:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/03 19:52:01 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/03 19:52:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/03 22:52:46 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/03 22:52:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/03 22:52:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/03 22:53:01 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/01 11:16:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/01 11:16:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/01 11:16:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/01 11:16:20 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

Hier noch die Log-Datei von SuperAntiSpyware...

SUPERAntiSpyware Scann-Protokoll

Generiert 04/06/2012 bei 11:47 AM

Version der Applikation : 5.0.1144

Version der Kern-Datenbank : 8115
Version der Spur-Datenbank : 5927

Scan Art : kompletter Scann
Totale Scann-Zeit : 00:48:38

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Gescannte Speicherelemente : 652
Erfasste Speicher-Bedrohungen : 0
Gescannte Register-Elemente : 36549
Erfasste Register-Bedrohungen : 0
Gescannte Datei-Elemente : 39533
Erfasste Datei-Elemente : 0

Alt 06.04.2012, 16:41   #11
/// Malware-holic
Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? - Standard

Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?

dann machen wir das gerät einmal komplett neu.
1. Datenrettung:2. Formatieren, Windows neu instalieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
Mails bitte vorerst nach obiger Anleitung an
Wenn Ihr uns unterstützen möchtet


