Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Google Probleme, Spybot startet nicht

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.06.2011, 16:25   #1
extazy
 
Google Probleme, Spybot startet nicht - Standard

Google Probleme, Spybot startet nicht



Hi,

mein google macht seit kurzer Zeit seltsame Sachen. Ich kann mich nicht erinnern was installiert oder gelöscht zu haben was das beeinflussen konnte.

- Suchergebnisse werden mit seltsamen schriftzeichen angezeigt (vorallem die umlaute Ä. Ö. Ü)
- Wenn ich ein Suchergebniss anklicke geht ein neuer Tab auf? War bisher nicht so.
- Wenn ein neuer Tab aufgeht ist es meist eine leere google seite? (wie google.de; worldslife.de oder blank:about), wenn ich dann auf zurück drücke lande ich beim angeklickten suchergebniss.
- Bildersuche sagt ständig, dass keine ergebnisse gefunden werden konnten, obwohl die websuche beim gleichen begriff auf die bildersuche verweist und die bilder anzeigt.
- Google ist generell langsamer geworden

Ich habe den neusten Firefox, Chronik, Cookies und Chache gelöscht und es hat sich nichts geändert. Neuinstallieren habe ich noch nicht versucht, da der I-Explorer genau die selben Probleme mit google hat. Auf anderen Seiten sind mir keine Fehler aufgefallen.

Ich habe herumgelesen und bin auf mehrere solche Beiträge gestoßen. Spybot startet nicht, und lässt sich nicht updaten (Spybot 2, ging, scannte und hat 5 Probleme gefunden: Ursache "Facemoods" --> deinstalliert)
Antivir lies sich starten, updaten und hatte keine Funde.

Nun bitte ich euch um Hilfe... Hier meine Logs
- defogger: hat ordentlich beendet und neugestartet
- OTL hat ordentlich beendet und 2 Logs erstellt
- Gmer ist nach erstem Anlauf abgestürtz "vivp90bz.exe funktioniert nicht mehr"... Beim zweiten Anlauf bekam ich einen Bluescreen

Defogger:
Zitat:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:46 on 14/06/2011 (Dino)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-

OTL
Zitat:
OTL logfile created on: 14.06.2011 16:55:54 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Dino\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,16 Gb Available Physical Memory | 57,90% Memory free
4,00 Gb Paging File | 2,74 Gb Available in Paging File | 68,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 144,48 Gb Free Space | 47,63% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 131,52 Gb Free Space | 87,27% Space Free | Partition Type: NTFS
Drive E: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: DINO-PC | User Name: Dino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.06.14 16:40:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Dino\Desktop\OTL.exe
PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.05.11 15:10:44 | 000,167,040 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2011.05.10 22:28:30 | 003,769,048 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2011.05.10 22:21:12 | 003,834,456 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe
PRC - [2011.05.10 22:18:34 | 003,585,696 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe
PRC - [2011.05.10 22:18:08 | 003,515,656 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2011.04.28 16:49:34 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.20 04:04:36 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011.04.20 04:04:06 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.04.19 22:17:18 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011.03.17 17:50:11 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.12.07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.11.06 18:41:33 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2009.07.14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.05.07 02:01:00 | 001,904,640 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanGUI.exe
PRC - [2009.05.07 02:01:00 | 000,368,640 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanNetService.exe
PRC - [2006.11.03 12:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC7302\Monitor.exe
PRC - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Modules (SafeList) ==========

MOD - [2011.06.14 16:40:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Dino\Desktop\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Start_Pending] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.05.11 15:10:44 | 000,167,040 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe -- (SDWSCService)
SRV - [2011.05.10 22:28:30 | 003,769,048 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe -- (SDUpdateService)
SRV - [2011.05.10 22:21:12 | 003,834,456 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe -- (SDMonitorService)
SRV - [2011.05.10 22:18:34 | 003,585,696 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe -- (SDFirewallService)
SRV - [2011.05.10 22:18:08 | 003,515,656 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe -- (SDScannerService)
SRV - [2011.04.28 16:49:34 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.20 04:04:06 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.04.19 22:17:18 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011.03.17 17:50:11 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.04.19 17:30:03 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.03.08 18:26:00 | 003,519,560 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.05.07 02:01:00 | 000,368,640 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2007.05.31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - [2011.04.20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011.04.20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.04.20 03:22:08 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.04.12 13:01:38 | 000,045,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2011.03.30 20:46:36 | 000,100,880 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011.03.17 17:50:12 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.01.26 17:44:24 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.11.22 16:51:12 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.10.05 16:38:04 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.10.05 16:38:04 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.10.02 16:56:10 | 000,028,608 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sef3x1.sys -- (sef3x1)
DRV - [2010.10.01 19:42:04 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.10.01 19:41:35 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.10.01 19:41:35 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.02.18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.09.22 18:22:44 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.07 02:01:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007.11.08 10:29:52 | 000,458,752 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2007.03.27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2007.01.26 01:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E 98 D5 9F 6F 35 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: bug489729@alice0775:1.3
FF - prefs.js..extensions.enabledItems: djziggy@gmail.com:1.3.1
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="


FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.30 14:57:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.01 14:29:27 | 000,000,000 | ---D | M]

[2009.09.14 21:18:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dino\AppData\Roaming\mozilla\Extensions
[2011.06.04 22:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dino\AppData\Roaming\mozilla\Firefox\Profiles\qe9jwdlh.default\extensions
[2011.06.04 22:49:52 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Dino\AppData\Roaming\mozilla\Firefox\Profiles\qe9jwdlh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.05.01 14:53:19 | 000,000,000 | ---D | M] ("bug489729") -- C:\Users\Dino\AppData\Roaming\mozilla\Firefox\Profiles\qe9jwdlh.default\extensions\bug489729@alice0775
[2011.04.30 14:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dino\AppData\Roaming\mozilla\Firefox\Profiles\qe9jwdlh.default\extensions\nostmp
[2011.03.12 23:34:26 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Dino\AppData\Roaming\mozilla\Firefox\Profiles\qe9jwdlh.default\extensions\personas@christopher.beard
[2011.06.12 12:33:50 | 000,000,950 | ---- | M] () -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\qe9jwdlh.default\searchplugins\icqplugin-1.xml
[2011.03.05 19:19:27 | 000,000,950 | ---- | M] () -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\qe9jwdlh.default\searchplugins\icqplugin-2.xml
[2011.03.25 21:19:22 | 000,000,950 | ---- | M] () -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\qe9jwdlh.default\searchplugins\icqplugin-3.xml
[2011.03.02 14:41:29 | 000,001,056 | ---- | M] () -- C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\qe9jwdlh.default\searchplugins\icqplugin.xml
[2011.04.30 14:57:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.17 17:08:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.01 20:56:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\DINO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QE9JWDLH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010.09.15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.06.10 14:48:18 | 000,434,158 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14938 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Mousotron] C:\Program Files\Mousotron\Mousotron.exe (Blacksun Software)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RGSC] File not found
O4 - Startup: C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.165.195,93.188.160.166
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - SDWinLogon.dll - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.11.15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 19:03:48 | 000,000,054 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{22c39974-a15d-11de-b9a8-0019214c0f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{22c39974-a15d-11de-b9a8-0019214c0f8b}\Shell\AutoRun\command - "" = K:\pushinst.exe
O33 - MountPoints2\{43da34c3-ab84-11de-be53-001f3f00d9e2}\Shell - "" = AutoRun
O33 - MountPoints2\{43da34c3-ab84-11de-be53-001f3f00d9e2}\Shell\AutoRun\command - "" = K:\FalloutLauncher.exe
O33 - MountPoints2\{83a65c6f-a15a-11de-9a6e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{83a65c6f-a15a-11de-9a6e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\BSAutoRun.exe
O33 - MountPoints2\{d35cf544-295e-11e0-bbae-001f3f00d9e2}\Shell - "" = AutoRun
O33 - MountPoints2\{d35cf544-295e-11e0-bbae-001f3f00d9e2}\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {65DED5C6-1202-8818-8B05-2D9DEDC5751E} - Java (Sun)
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
MsConfig - State: "bootini" - 0


========== Files/Folders - Created Within 30 Days ==========

[2011.06.14 16:40:58 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Dino\Desktop\OTL.exe
[2011.06.12 15:51:21 | 145,469,208 | ---- | C] (Kaspersky Lab) -- C:\Users\Dino\Desktop\kav12.0.0.374de_de.exe
[2011.06.11 18:15:55 | 000,000,000 | ---D | C] -- C:\Users\Dino\AppData\Local\LogMeIn Hamachi
[2011.06.11 18:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\LogMeIn Hamachi
[2011.06.11 18:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.06.11 18:08:47 | 000,000,000 | ---D | C] -- C:\Users\Dino\AppData\Roaming\.minecraft
[2011.06.11 18:06:13 | 000,000,000 | ---D | C] -- C:\Users\Dino\AppData\Roaming\Neuer Ordner
[2011.06.10 14:44:13 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2011.06.10 14:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Spybot - Search & Destroy 2
[2011.06.10 14:44:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2011.06.10 14:42:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Spybot - Search & Destroy
[2011.06.10 14:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.06.10 14:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011.06.10 14:18:59 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.06.02 18:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.06.02 18:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011.06.02 18:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\AMD VISION Engine Control Center
[2011.06.02 18:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\ICQ7.5
[2011.06.02 18:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2011.06.02 14:59:21 | 000,000,000 | ---D | C] -- C:\Users\Dino\AppData\Roaming\InstallShield
[2011.05.29 18:12:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.05.29 17:19:50 | 000,000,000 | ---D | C] -- C:\Users\Dino\Documents\Rockstar Games
[2011.05.29 16:57:14 | 000,000,000 | ---D | C] -- C:\Users\Dino\AppData\Local\Rockstar Games
[2011.05.29 15:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Rockstar Games
[2011.05.29 15:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2011.05.27 17:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011.05.27 17:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2011.05.27 17:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Adobe
[2011.05.27 17:43:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011.05.27 16:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.05.27 16:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Skype
[2011.05.27 16:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.05.27 15:36:22 | 000,458,752 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\System32\drivers\PAC7302.SYS
[2011.05.27 15:36:18 | 000,129,024 | ---- | C] (PixArt Imaging Incorporation) -- C:\Windows\System32\SP7302.ax
[2011.05.27 15:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\CANYON USB PC CAMERA
[2011.05.27 15:36:18 | 000,000,000 | ---D | C] -- C:\Program Files\ANC
[2011.05.27 15:36:17 | 000,014,336 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\System32\P7302USD.dll
[2011.05.27 15:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PAC7302
[2011.05.25 17:45:03 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2007.03.12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005.11.23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll

========== Files - Modified Within 30 Days ==========

[2011.06.14 16:49:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.14 16:49:35 | 1610,211,328 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.14 16:47:14 | 000,000,020 | ---- | M] () -- C:\Users\Dino\defogger_reenable
[2011.06.14 16:41:14 | 000,302,592 | ---- | M] () -- C:\Users\Dino\Desktop\vivp90bz.exe
[2011.06.14 16:40:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Dino\Desktop\OTL.exe
[2011.06.14 16:40:36 | 000,050,477 | ---- | M] () -- C:\Users\Dino\Desktop\Defogger.exe
[2011.06.14 11:27:37 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.14 11:27:37 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.14 00:56:07 | 000,001,002 | ---- | M] () -- C:\Users\Dino\Desktop\Minecraft_Server.lnk
[2011.06.13 22:05:03 | 003,480,850 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.13 22:05:03 | 001,452,778 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.13 22:05:03 | 001,008,288 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.13 22:05:03 | 000,894,662 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.12 15:54:00 | 145,469,208 | ---- | M] (Kaspersky Lab) -- C:\Users\Dino\Desktop\kav12.0.0.374de_de.exe
[2011.06.12 15:49:36 | 002,378,412 | ---- | M] () -- C:\Users\Dino\Desktop\spyaxe_remover.zip
[2011.06.11 18:14:36 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2011.06.11 18:14:15 | 000,001,370 | ---- | M] () -- C:\Users\Dino\Desktop\Minecraft.lnk
[2011.06.10 15:06:45 | 000,015,622 | ---- | M] () -- C:\Users\Dino\Desktop\Scan Results.2011-06-10 15-06-36
[2011.06.10 14:48:18 | 000,434,158 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.06.10 14:47:38 | 000,434,158 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110610-144818.backup
[2011.06.10 14:44:13 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2011.06.10 14:42:45 | 000,001,182 | ---- | M] () -- C:\Users\Dino\Desktop\Spybot - Search & Destroy.lnk
[2011.06.07 16:44:02 | 000,034,923 | ---- | M] () -- C:\Users\Dino\Desktop\GEWINNSPAREN informiert GEWINNSPAREN informiert_6514448_GEWINNSPAREN informiert GEWINNSPAREN informiert_vom_01.06.2011_20110607044358.pdf
[2011.06.05 19:35:05 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.06.02 18:08:22 | 000,001,736 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.05.29 16:20:30 | 000,002,108 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2011.05.28 18:18:23 | 004,433,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.05.27 16:49:24 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.05.23 21:10:16 | 000,013,312 | ---- | M] () -- C:\Users\Dino\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2011.06.14 16:46:59 | 000,000,020 | ---- | C] () -- C:\Users\Dino\defogger_reenable
[2011.06.14 16:41:13 | 000,302,592 | ---- | C] () -- C:\Users\Dino\Desktop\vivp90bz.exe
[2011.06.14 16:40:29 | 000,050,477 | ---- | C] () -- C:\Users\Dino\Desktop\Defogger.exe
[2011.06.14 00:56:07 | 000,001,002 | ---- | C] () -- C:\Users\Dino\Desktop\Minecraft_Server.lnk
[2011.06.12 15:49:31 | 002,378,412 | ---- | C] () -- C:\Users\Dino\Desktop\spyaxe_remover.zip
[2011.06.11 18:14:36 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2011.06.11 18:14:15 | 000,001,370 | ---- | C] () -- C:\Users\Dino\Desktop\Minecraft.lnk
[2011.06.10 15:06:45 | 000,015,622 | ---- | C] () -- C:\Users\Dino\Desktop\Scan Results.2011-06-10 15-06-36
[2011.06.10 14:44:13 | 000,002,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2011.06.10 14:44:13 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2011.06.10 14:42:45 | 000,001,182 | ---- | C] () -- C:\Users\Dino\Desktop\Spybot - Search & Destroy.lnk
[2011.06.10 14:24:40 | 000,000,923 | ---- | C] () -- C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2011.06.07 16:44:00 | 000,034,923 | ---- | C] () -- C:\Users\Dino\Desktop\GEWINNSPAREN informiert GEWINNSPAREN informiert_6514448_GEWINNSPAREN informiert GEWINNSPAREN informiert_vom_01.06.2011_20110607044358.pdf
[2011.06.02 18:08:22 | 000,001,736 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.05.29 16:20:30 | 000,002,108 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2011.05.27 17:47:54 | 000,001,131 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2011.05.27 17:47:15 | 000,001,093 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2011.05.27 17:46:52 | 000,001,186 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2011.05.27 17:44:58 | 000,001,277 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2011.05.27 17:44:50 | 000,001,443 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2011.05.27 17:43:54 | 000,000,933 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011.05.27 16:49:24 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.05.27 15:36:20 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe
[2011.05.27 15:36:18 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP7302.ini
[2011.05.25 17:45:24 | 000,001,878 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.05.25 17:45:24 | 000,001,857 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.05.25 17:45:24 | 000,001,836 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.04.19 22:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.04.08 13:28:58 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.02.28 23:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.11.03 20:42:58 | 000,000,092 | ---- | C] () -- C:\Users\Dino\AppData\Local\fusioncache.dat
[2010.05.25 09:40:19 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.05.25 09:40:13 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.04.18 16:48:57 | 000,000,038 | ---- | C] () -- C:\Windows\TETRIS.INI
[2010.04.04 21:25:54 | 000,005,035 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik
[2009.12.24 16:48:41 | 000,013,312 | ---- | C] () -- C:\Users\Dino\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.03 09:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.11.25 20:37:53 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.11.25 18:48:24 | 000,408,576 | ---- | C] () -- C:\Windows\System32\Smab.dll
[2009.11.25 18:48:24 | 000,066,560 | ---- | C] () -- C:\Windows\MOTA113.exe
[2009.11.25 18:48:24 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.11.25 18:48:23 | 000,502,784 | ---- | C] () -- C:\Windows\x2.64.exe
[2009.11.25 18:48:23 | 000,240,128 | ---- | C] () -- C:\Windows\System32\x.264.exe
[2009.11.25 18:48:23 | 000,217,073 | ---- | C] () -- C:\Windows\meta4.exe
[2009.10.23 18:14:10 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.09.14 21:12:54 | 000,097,360 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2009.07.14 10:47:43 | 003,480,850 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 001,008,288 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 004,433,272 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 001,452,778 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,894,662 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008.01.01 01:17:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2007.04.27 11:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006.09.19 09:07:28 | 000,827,392 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2004.02.27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

========== LOP Check ==========

[2011.06.13 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\.minecraft
[2011.03.14 16:36:05 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\Audacity
[2010.08.22 18:59:08 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\Bioshock
[2009.09.27 18:47:34 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\DAEMON Tools Lite
[2011.02.10 18:15:01 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\Epson
[2010.05.06 18:18:29 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\FileZilla
[2009.10.03 15:54:30 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\FRITZ!
[2011.06.14 16:33:25 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\ICQ
[2011.02.24 20:25:24 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\MAGIX
[2010.07.28 16:56:00 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\Need for Speed World
[2011.06.11 18:06:13 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\Neuer Ordner
[2009.09.17 19:04:57 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\Notepad++
[2011.04.30 15:05:16 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\Opera
[2010.10.02 16:38:54 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\Sprite Software
[2011.01.14 21:48:27 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\TeamViewer
[2010.04.19 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\TuneUp Software
[2011.01.26 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\Ubisoft
[2011.05.04 17:14:37 | 000,000,000 | ---D | M] -- C:\Users\Dino\AppData\Roaming\uTorrent
[2011.06.14 16:53:00 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*. >
[2011.02.11 22:13:10 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2008.11.24 18:15:16 | 000,000,000 | RH-D | M] -- C:\AHCache
[2011.01.26 16:07:13 | 000,000,000 | ---D | M] -- C:\AMD
[2008.01.01 01:25:35 | 000,000,000 | ---D | M] -- C:\ATI
[2009.09.14 21:14:10 | 000,000,000 | -HSD | M] -- C:\Boot
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2008.09.15 20:43:51 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2007.10.29 20:46:45 | 000,000,000 | R--D | M] -- C:\DRIVER
[2007.10.29 20:46:45 | 000,000,000 | R--D | M] -- C:\MANUAL
[2007.10.29 21:01:21 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2007.10.29 20:57:53 | 000,000,000 | ---D | M] -- C:\nero
[2007.10.29 21:05:02 | 000,000,000 | ---D | M] -- C:\Off2007HStTrial
[2011.06.11 18:14:32 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.06.10 14:42:43 | 000,000,000 | ---D | M] -- C:\ProgramData
[2009.09.14 20:39:21 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.06.11 18:14:17 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2008.12.20 07:50:48 | 000,000,000 | ---D | M] -- C:\Temp
[2007.10.30 07:09:33 | 000,000,000 | ---D | M] -- C:\TMP
[2010.04.07 17:40:13 | 000,000,000 | R--D | M] -- C:\Users
[2011.06.10 14:18:59 | 000,000,000 | ---D | M] -- C:\Windows
[2007.10.29 21:05:52 | 000,000,000 | ---D | M] -- C:\Works

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >


< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2011.05.11 16:02:08 | 005,945,944 | ---- | M] (Safer-Networking Ltd.) MD5=B302653D473E85E3FFCF100F12062EF9 -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: REGEDIT.EXE >
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_f4050b883d2c3c08\regedit.exe

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-25 20:04:23

< End of report >

OTL Extra
Zitat:
OTL Extras logfile created on: 14.06.2011 16:55:54 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Dino\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,16 Gb Available Physical Memory | 57,90% Memory free
4,00 Gb Paging File | 2,74 Gb Available in Paging File | 68,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 144,48 Gb Free Space | 47,63% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 131,52 Gb Free Space | 87,27% Space Free | Partition Type: NTFS
Drive E: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: DINO-PC | User Name: Dino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*isabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe:*:Enabled:Spybot-S&D 2 Firewall service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe:*:Enabled:Spybot-S&D 2 On-Access monitor service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDSODSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDSODSvc.exe:*:Enabled:Spybot-S&D 2 Scan On Demand service
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02BEB9A6-6695-F451-A98A-E08B048B5687}" = ATI Problem Report Wizard
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 22
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D54D8DF-25CF-9752-787E-BF8D560B009B}" = AMD Drag and Drop Transcoding
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{589D0376-CF0C-3096-40E4-D2A15FE7987B}" = WMV9/VC-1 Video Playback
"{5F577CD8-A997-2E11-83BC-4445DD2D4542}" = AMD VISION Engine Control Center
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{658DE1DF-D156-DD5A-800E-20C693806F65}" = Catalyst Control Center InstallProxy
"{6844F85B-1AEE-093A-5FC9-235035B3A127}" = Catalyst Control Center Graphics Previews Common
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{71790311-0C42-B5BC-AF01-97BFFEF2A30B}" = ATI Catalyst Install Manager
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}" = AVM FRITZ!DSL
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C3A3C74-0163-F062-08D6-C8AC7430669E}" = ccc-utility
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96056420-DDF3-46A7-AA8D-BC2D1AE5290B}" = Microsoft IntelliType Pro 8.1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}" = CANYON USB PC CAMERA
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A99968BE-C155-474C-0089-33239DEE1CE2}" = Need For Speed Underground
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy 2
"{B7749EE2-5318-D255-F0EE-14D5845B0925}" = CCC Help English
"{B944FA21-81AF-4A77-8328-CE4F4CC51031}" = Nero 8
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E15E74CC-E9D1-9042-4481-BE3B573620BA}" = AMD Fuel
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.02.04.8007
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.9 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GamersFirst War Rock" = War Rock
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1
"Mousotron_is1" = Mousotron 6.0
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoScape" = PhotoScape
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"TeamViewer 6" = TeamViewer 6
"TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15
"TuneUp Utilities" = TuneUp Utilities
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"Xfire" = Xfire (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.03.2010 13:06:16 | Computer Name = Dino-PC | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 15.03.2010 13:06:16 | Computer Name = Dino-PC | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 15.03.2010 13:06:16 | Computer Name = Dino-PC | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 15.03.2010 13:06:16 | Computer Name = Dino-PC | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 15.03.2010 13:06:16 | Computer Name = Dino-PC | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 15.03.2010 13:06:16 | Computer Name = Dino-PC | Source = Adobe Version Cue CS3 | ID = 3
Description =

Error - 23.03.2010 15:50:53 | Computer Name = Dino-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 4.1.0.179, Zeitstempel:
0x4acf0be1 Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7600.16385, Zeitstempel:
0x4a5bdade Ausnahmecode: 0xc0000005 Fehleroffset: 0x00032047 ID des fehlerhaften Prozesses:
0x7f4 Startzeit der fehlerhaften Anwendung: 0x01cacab87ee5b474 Pfad der fehlerhaften
Anwendung: C:\Program Files\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls:
C:\Windows\system32\RPCRT4.dll Berichtskennung: 633f9ed3-36b5-11df-a692-001f3f00d9e2

Error - 23.03.2010 16:57:42 | Computer Name = Dino-PC | Source = Application Hang | ID = 1002
Description = Programm Photoshop.exe, Version 10.0.1.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1548 Startzeit:
01cacab6f8404d35 Endzeit: 0 Anwendungspfad: C:\Program Files\Adobe\Adobe Photoshop
CS3\Photoshop.exe Berichts-ID: 3921372c-36be-11df-a692-001f3f00d9e2

Error - 27.03.2010 10:46:21 | Computer Name = Dino-PC | Source = VSS | ID = 8194
Description =

Error - 27.03.2010 12:34:03 | Computer Name = Dino-PC | Source = VSS | ID = 8194
Description =

[ OSession Events ]
Error - 18.03.2010 17:40:34 | Computer Name = Dino-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1528
seconds with 1500 seconds of active time. This session ended with a crash.

Error - 12.10.2010 14:09:04 | Computer Name = Dino-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 1520 seconds with 1140 seconds of active time. This session ended with a
crash.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
Vielen Dank schon mal.

Gruß, ex

Alt 15.06.2011, 10:42   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Probleme, Spybot startet nicht - Standard

Google Probleme, Spybot startet nicht



Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________

__________________

Alt 15.06.2011, 11:15   #3
extazy
 
Google Probleme, Spybot startet nicht - Standard

Google Probleme, Spybot startet nicht



Vielen Dank für den angenehmen Empfang.
Das Programm habe ich nie installiert gehabt, somit schließe ich ältere Logs aus.

Werde ich heute Nachmittag gleich machen, sobald ich daheim bin.

MfG
__________________

Alt 15.06.2011, 17:09   #4
extazy
 
Google Probleme, Spybot startet nicht - Standard

Google Probleme, Spybot startet nicht



Ok ich habe Malwarebytes heruntergeladen. Von der im Link angegebenen Seite konnte ich nicht herunterladen (Server nicht gefunden). Habe mir dann von Chip die Version 1.51 heruntergeladen und installiert. Ich konnte selbst nach mehreren Versuchen nicht aktuallisieren (Fehlermeldung im Anhang) Habe dann ohne Update den Vollscan durchgeführt und es wurden 22 Objekte gefunden und gelöscht.

Hier der Log
Zitat:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6705

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

15.06.2011 18:04:38
mbam-log-2011-06-15 (18-04-38).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 388390
Laufzeit: 1 Stunde(n), 4 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 4
Infizierte Verzeichnisse: 0
Infizierte Dateien: 18

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Bad: (93.188.165.195,93.188.160.166) Good: () -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{52ACB1D7-FF71-4167-9C48-FE3993923F9A}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.165.195,93.188.160.166) Good: () -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E42D46BA-BFC3-4BA0-938D-0674F5782584}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.165.195,93.188.160.166) Good: () -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E42D46BA-BFC3-4BA0-938D-0674F5782584}\DhcpNameServer (Trojan.DNSChanger) -> Bad: (93.188.165.195,93.188.160.166) Good: () -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Dino\programme\Gamez\kingofthehill.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\Users\Dino\programme\Gamez\pocketpc\Gry\mobilair.balls.jeu.de.boules.v1.0.arm.smartphone2002.regged-corepda\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\Users\Dino\programme\Gamez\pocketpc\Gry\octopuzzle deluxe\mobilair.octopuzzle.deluxe.v1.0.arm.smartphone2002.regged-corepda\mobilair.octopuzzle.deluxe.v1.0.arm.smartphone2002.regged-corepda\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\Users\Dino\programme\Jokez\christmas lights.exe (Joke.Xmas) -> Quarantined and deleted successfully.
c:\Users\Dino\programme\Jokez\coladosenhalter.exe (PUP.Joke.Geschenk) -> Quarantined and deleted successfully.
c:\Users\Dino\programme\Jokez\magnum.exe (Joke.Winshoot) -> Quarantined and deleted successfully.
c:\Users\Dino\programme\programme\alcohol.120% 1.9.6.5429\crack\Alcohol.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Dino\programme\programme\Nero 8\nero8 keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Dino\eigene dateien\Dino\programme\Gamez\kingofthehill.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Dino\eigene dateien\Dino\programme\Jokez\magnum.exe (Joke.Winshoot) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Dino\eigene dateien\Dino\programme\programme\alcohol.120% 1.9.6.5429\crack\Alcohol.exe (Trojan.Agent) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Dino\eigene dateien\Dino\programme\programme\Nero 8\nero8 keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Zoran\eigene dateien\downloads dovrseno\tuneup.utilities.2008.v7.0.7986-patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Zoran\eigene dateien\registriranje windovsa\office&windowsxptools\windows xp product key changer(also can use keyfinder-option.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Zoran\eigene dateien\registriranje windovsa\office&windowsxptools\windows xp&2003 activation\AMD64\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Zoran\eigene dateien\registriranje windovsa\office&windowsxptools\windows xp&2003 activation\X86\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Zoran\eigene dateien\registriranje windovsa\Programi\XPKey.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
d:\platte alt\dokumente und einstellungen\Zoran\eigene dateien\registriranje windovsa\Programi\XPPID.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

Alt 15.06.2011, 20:53   #5
extazy
 
Google Probleme, Spybot startet nicht - Standard

Google Probleme, Spybot startet nicht



Hallo,
nach dem Neustart (nach dem Malwarebytesscann) kommen nun andauernd Bluescreens nach etwa 2 min PC Verwendung. Den ersten habe ich ignoriert, den zweiten habe ich mir mal aufgeschrieben:

Zitat:
xxx STOP 0x000000C9 (0x00000004, 0x8657B030, 0x00000000, 0x00000000)
Dann kam nochmal ein anderer, der wohl auf einen Treiber verweist??? Ich habe mal einen "Screenshot" gemacht. (Anhang)

Ich kann mit einem Windows7 BootUSB starten und auf alle Daten zugreifen, wenn es denn nötig wäre. Das System ist aber nicht vollwertig und hat nicht alle Funktionen.

Was soll ich tun?

MfG, ex

Miniaturansicht angehängter Grafiken
Google Probleme, Spybot startet nicht-img_0663-1-.jpg  

Alt 15.06.2011, 21:33   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Probleme, Spybot startet nicht - Standard

Google Probleme, Spybot startet nicht



Zitat:
c:\Users\Dino\programme\programme\alcohol.120% 1.9.6.5429\crack\Alcohol.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Dino\programme\programme\Nero 8\nero8 keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
Du hast deswegen ein kaputtes System!

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!
__________________
--> Google Probleme, Spybot startet nicht

Alt 16.06.2011, 11:08   #7
extazy
 
Google Probleme, Spybot startet nicht - Standard

Google Probleme, Spybot startet nicht



Daten wurden gelöscht, Programme deinstalliert (sofern sie überhaupt installiert waren)

Trotzdem Danke für den Support.

Mfg, ex

Alt 16.06.2011, 11:29   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Probleme, Spybot startet nicht - Standard

Google Probleme, Spybot startet nicht



Zitat:
"{B944FA21-81AF-4A77-8328-CE4F4CC51031}" = Nero 8
Nero8 war auf jeden Fall installiert...
Man kann nicht gecrackte Software installieren/nutzen und sich hinterher über Probleme beschweren.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Google Probleme, Spybot startet nicht
bonjour, c:\windows\system32\rundll32.exe, defender, dont.steal.our.software, funktioniert nicht mehr, grand theft auto, install.exe, joke.winshoot, joke.xmas, kaspersky, microsoft office word, office 2007, pup.hacktool.patcher, pup.joke.geschenk, pup.wpakill, registry, required, riskware.tool.ck, safer networking, searchplugins, security, security update, software, spyware.passwords, start menu, super, trojan.agent, trojan.dnschanger, trojan.downloader, usb, webcheck, windows



Ähnliche Themen: Google Probleme, Spybot startet nicht


  1. Windows 7: Google Chrome startet nicht mehr
    Log-Analyse und Auswertung - 12.09.2015 (13)
  2. Spybot kann nicht alle meine Probleme beheben
    Plagegeister aller Art und deren Bekämpfung - 15.05.2014 (15)
  3. Win8 startet nicht direkt, Probleme bei Nutzung
    Plagegeister aller Art und deren Bekämpfung - 21.10.2013 (23)
  4. System Tool (doch nicht?) entfernt - Google Chrome startet nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 15.03.2011 (16)
  5. Spybot kann Probleme nicht beheben
    Plagegeister aller Art und deren Bekämpfung - 07.01.2011 (47)
  6. Explorer Startet nicht und Spybot findet Right Media immer wieder
    Plagegeister aller Art und deren Bekämpfung - 24.05.2010 (23)
  7. antivir, hijack, spybot funktionieren nicht; von gmer.net/hijackthis.de auf google um
    Plagegeister aller Art und deren Bekämpfung - 02.02.2010 (4)
  8. google öffnet gelegentlich falsche Seiten, Spybot funktioniert nicht
    Log-Analyse und Auswertung - 22.01.2010 (1)
  9. Spybot/Anti-Malware startet nicht, Google-Links umgeleitet
    Log-Analyse und Auswertung - 10.09.2009 (14)
  10. Spybot lässt sich nicht öffnen und Google leitet auf Werbeseiten weiter
    Plagegeister aller Art und deren Bekämpfung - 27.08.2009 (3)
  11. Google sehr langsam, falsche Verlinkungen, Spybot, Malwarebytes öffnet nicht
    Log-Analyse und Auswertung - 07.07.2009 (1)
  12. Spybot S&D nicht installierbar, Umleitung von Google Suchergebnissen
    Plagegeister aller Art und deren Bekämpfung - 26.05.2009 (7)
  13. Google öffnet falsche Seiten, Spybot startet nur als Prozess...
    Log-Analyse und Auswertung - 06.04.2009 (33)
  14. SpyBot öffnet nicht, Google leitet auf Werbeseiten
    Log-Analyse und Auswertung - 18.03.2009 (8)
  15. Falsche Google-Weiterleitung, Spybot startet nicht
    Log-Analyse und Auswertung - 28.01.2009 (2)
  16. Google Redirect Spybot update nicht möglich
    Log-Analyse und Auswertung - 03.11.2008 (9)
  17. Google Earth startet nicht
    Alles rund um Windows - 14.02.2007 (3)

Zum Thema Google Probleme, Spybot startet nicht - Hi, mein google macht seit kurzer Zeit seltsame Sachen. Ich kann mich nicht erinnern was installiert oder gelöscht zu haben was das beeinflussen konnte. - Suchergebnisse werden mit seltsamen schriftzeichen - Google Probleme, Spybot startet nicht...
Archiv
Du betrachtest: Google Probleme, Spybot startet nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.