Pests of all kinds and how to fight them: All files and programs gone, desktop black

Windows 7. If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection.

#1
Hello Kira! When I run GMER, my computer unfortunately crashes. The MBR tool produces the following log file:

Code:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 5.1.2600 Disk: ST3320620AS rev.3.AAD -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A6C8AB8]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000066[0x8A761828]
5 ACPI[0xB9F7E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8A6CB940]
kernel: MBR read successfully
user & kernel MBR OK

Thank you very much for your help!!!! Regards, Bernd
#2
/// Helper Team

Quote:
__________________
#3

All right! Here is the Malwarebytes log for now; the rest will follow asap:

Code:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7606

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

30.08.2011 00:53:04
mbam-log-2011-08-30 (00-53-04).txt

Scan type: Full scan (C:\|)
Objects scanned: 378664
Time elapsed: 1 hour(s), 51 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
#4

Here is the OTL.txt

OTL logfile:
Code:
ATTFilter OTL logfile created on: 30.08.2011 23:16:50 - Run 1 OTL by OldTimer - Version 3.2.26.7 Folder = C:\Dokumente und Einstellungen\Sangmeister\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 48,94% Memory free 3,85 Gb Paging File | 2,94 Gb Available in Paging File | 76,38% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298,08 Gb Total Space | 166,15 Gb Free Space | 55,74% Space Free | Partition Type: NTFS Computer Name: BERND2 | User Name: Sangmeister | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.08.30 23:16:02 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\OTL.exe PRC - [2011.08.21 21:05:09 | 000,399,512 | ---- | M] (Mozilla Messaging) -- C:\Programme\Mozilla Thunderbird\thunderbird.exe PRC - [2011.08.21 19:22:21 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2011.07.30 23:29:49 | 000,140,952 | ---- | M] (Google Inc.) 
-- C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.65\GoogleCrashHandler.exe PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.06.28 21:55:02 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2011.06.28 21:55:02 | 000,340,136 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe PRC - [2011.06.28 21:55:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2011.05.25 22:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Dropbox\bin\Dropbox.exe PRC - [2011.04.28 18:46:02 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.01.05 12:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.11.03 19:52:38 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.10.29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2010.06.09 20:03:50 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2010.01.04 12:36:28 | 002,893,624 | ---- | M] (Mozy, Inc.) -- C:\Programme\MozyHome\mozystat.exe PRC - [2008.12.20 08:50:34 | 002,656,528 | ---- | M] () -- C:\Programme\Logitech\QuickCam\Quickcam.exe PRC - [2008.12.20 08:46:58 | 000,558,864 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\LogiShrd\LQCVFX\COCIManager.exe PRC - [2008.12.16 22:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) 
-- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2008.11.11 22:43:44 | 000,049,152 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\dtpd.exe PRC - [2008.11.11 22:42:00 | 000,712,704 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\iked.exe PRC - [2008.11.11 22:40:32 | 000,536,576 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\ipsecd.exe PRC - [2008.07.22 22:44:06 | 000,357,376 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.03.04 14:00:20 | 004,150,016 | ---- | M] (Space Sciences Laboratory) -- C:\Programme\BOINC\boincmgr.exe PRC - [2008.03.04 14:00:16 | 000,713,472 | ---- | M] (Space Sciences Laboratory) -- C:\Programme\BOINC\boinc.exe PRC - [2006.12.14 17:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe PRC - [2006.03.03 22:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe ========== Modules (No Company Name) ========== MOD - [2011.08.24 20:00:39 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2011.08.21 21:05:13 | 001,845,400 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\mozjs.dll MOD - [2011.08.21 21:05:13 | 000,161,944 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldap32v60.dll MOD - [2011.08.21 21:05:13 | 000,021,656 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll MOD - [2011.08.21 19:22:20 | 001,846,232 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2010.06.09 20:03:51 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2010.01.04 12:36:26 | 000,072,504 | ---- | M] () -- C:\Programme\MozyHome\librs2.dll MOD - [2009.09.04 23:15:06 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll MOD - [2008.12.20 08:50:34 | 002,656,528 | ---- | M] () 
-- C:\Programme\Logitech\QuickCam\Quickcam.exe MOD - [2008.12.20 08:46:58 | 000,558,864 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\LogiShrd\LQCVFX\COCIManager.exe MOD - [2008.11.11 22:43:44 | 000,049,152 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\dtpd.exe MOD - [2008.11.11 22:42:00 | 000,712,704 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\iked.exe MOD - [2008.11.11 22:40:32 | 000,536,576 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\ipsecd.exe MOD - [2008.11.11 22:32:44 | 000,016,384 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\libdtp.dll MOD - [2008.11.11 22:32:32 | 000,022,016 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\libike.dll MOD - [2008.11.11 22:32:30 | 000,025,600 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\libpfk.dll MOD - [2008.11.11 22:32:16 | 000,025,088 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\libvflt.dll MOD - [2008.11.11 22:32:12 | 000,026,112 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\libvnet.dll MOD - [2008.11.11 22:32:02 | 000,102,400 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\libip.dll MOD - [2008.11.11 22:31:30 | 000,018,944 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\libidb.dll MOD - [2008.11.11 22:31:24 | 000,010,752 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\liblog.dll MOD - [2008.11.11 22:31:22 | 000,015,360 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\libith.dll MOD - [2008.05.16 14:00:00 | 000,069,632 | ---- | M] () -- C:\Programme\UltraEdit\ue32ctmn.dll MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008.02.25 22:23:10 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll MOD - [2007.07.02 13:10:04 | 000,061,952 | ---- | M] () -- C:\Programme\BOINC\zlib1.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (USBDLM) SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService) SRV - [2011.07.06 19:52:38 | 000,366,640 | 
---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.06.28 21:55:02 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2011.06.28 21:55:02 | 000,340,136 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2011.06.28 21:55:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.04.28 18:46:02 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.01.05 12:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2008.12.16 22:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) 
[Auto | Running] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008.11.11 22:43:44 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\dtpd.exe -- (dtpd) SRV - [2008.11.11 22:42:00 | 000,712,704 | ---- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\iked.exe -- (iked) SRV - [2008.11.11 22:40:32 | 000,536,576 | ---- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\ipsecd.exe -- (ipsecd) SRV - [2008.11.04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006.12.14 17:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006.03.03 22:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2005.11.17 16:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV - [2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.06.28 21:55:03 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011.06.28 21:55:03 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.10.06 12:49:56 | 000,570,168 | ---- | M] (eMPIA Technology, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA) DRV - [2009.10.06 12:49:56 | 000,527,800 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM) DRV - [2009.08.04 21:01:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.08.04 21:00:54 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009.07.14 22:17:07 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm) DRV - [2009.02.16 11:50:00 | 000,116,736 | ---- | M] (BridgeCo AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ffSaffire_1394.sys -- (ffSaffire_1394) DRV - [2009.02.16 11:50:00 | 000,044,544 | ---- | M] (BridgeCo AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ffSaffire_avs.sys -- (ffSaffire_avs) DRV - [2008.12.17 08:02:06 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2008.12.17 08:01:42 | 006,364,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam for Notebooks Deluxe(UVC) DRV - [2008.12.17 08:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2008.12.17 08:00:12 | 000,768,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2008.12.17 07:58:30 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2008.12.17 07:54:30 | 000,495,640 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928) DRV - [2008.12.16 22:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2008.11.11 22:47:14 | 000,040,576 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vfilter.sys -- (pflt) DRV - [2008.11.11 22:47:06 | 000,006,912 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\virtualnet.sys -- (vnet) DRV - [2008.04.17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2008.02.05 01:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2) DRV - [2008.01.03 23:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2002.11.25 05:46:16 | 000,016,896 | ---- | M] (Syncrosoft GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\synasUSB.sys -- (SynasUSB) DRV - [2002.06.13 16:08:46 | 000,014,604 | ---- | M] (Padus, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2001.12.06 18:57:28 | 000,019,076 | ---- | M] (emagic Soft- und Hardware GmbH, Germany) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EMGICUSB.sys -- (EmgicUsb) DRV - [2001.12.06 18:54:28 | 000,012,564 | ---- | M] (emagic Soft- und Hardware GmbH, Germany) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EMGM4U2K.sys -- (EMGM4U2K) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search" FF - prefs.js..browser.search.defaulturl: "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q=" FF - prefs.js..browser.search.order.1: "Fast Browser Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - 
prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.106 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9 FF - prefs.js..extensions.enabledItems: yslow@yahoo-inc.com:2.1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={CAB22DD1-8C29-FECF-FADD-859B3DA1B16B}&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.08.21 19:22:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.03.27 14:18:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.08.21 21:05:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2010.07.22 21:53:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Extensions [2010.07.22 21:53:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.08.21 19:22:27 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\extensions [2011.07.10 17:52:55 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9} [2011.06.04 22:12:37 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011.01.08 22:26:15 | 000,000,000 | ---D | M] (Web Developer) -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2009.08.08 23:41:48 | 000,004,153 | ---- | M] () -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Mozilla\Firefox\Profiles\ulb09ne6.default\searchplugins\youtube.xml 
[2011.03.27 14:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.06.08 18:50:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.21 15:41:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.17 21:39:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.03.21 20:15:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010.06.09 20:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\SANGMEISTER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ULB09NE6.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\SANGMEISTER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ULB09NE6.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\SANGMEISTER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ULB09NE6.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\SANGMEISTER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ULB09NE6.DEFAULT\EXTENSIONS\YSLOW@YAHOO-INC.COM.XPI [2008.11.24 23:46:47 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009.09.02 08:50:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011.08.21 19:22:21 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, 
Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2007.12.19 14:57:38 | 000,310,272 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll [2008.12.31 13:45:40 | 000,279,888 | ---- | M] (Musicnotes, Inc.) -- C:\Programme\mozilla firefox\plugins\npmusicn.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2009.08.26 21:28:44 | 000,003,700 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fast.png [2009.08.26 21:28:44 | 000,001,963 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fast.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2007.10.29 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (jZip Webmail plugin) - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Programme\jZip\WebmailPlugin.dll (Discordia Limited) O3 - HKLM\..\Toolbar: (&TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\CinergyDigital3\THCDeskBand.dll (TerraTec Electronic GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No CLSID value found. O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [QuickTime Task] C:\Programme\QTLite\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_15_Plus\Trayserver.exe (MAGIX AG) O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] File not found O4 - HKCU..\Run: [MsgCenterExe] File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bginfo.exe (Sysinternals) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BOINC Manager.lnk = C:\Programme\BOINC\boincmgr.exe (Space Sciences Laboratory) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\MozyHome Status.lnk = C:\Programme\MozyHome\mozystat.exe (Mozy, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\USBDLM.exe.lnk = C:\Programme\USBDLM\USBDLM.exe (Uwe Sieber - www.uwe-sieber.de) O4 - Startup: C:\Dokumente und Einstellungen\Sangmeister\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} hxxp://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://uk.dbrasweb.db.com/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupSP1 Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: 
(C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.05.26 15:57:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{30c1df18-f79c-11df-9b68-001d7d4be4ba}\Shell\AutoRun\command - "" = E:\Menu.exe O33 - MountPoints2\{ea0ae1f0-7eac-11de-9a22-001d7d4be4ba}\Shell\AutoRun\command - "" = F:\WebarooPortable\WebarooPortable.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.08.30 23:16:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\OTL.exe [2011.08.17 20:06:16 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2011.08.17 20:05:43 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2011.08.15 22:55:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Avira [2011.08.15 22:35:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax [2011.08.15 22:35:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax [2011.08.15 22:31:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Sangmeister\Recent [2011.08.14 21:53:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner [2011.08.07 00:24:43 | 000,000,000 | 
---D | C] -- C:\Dokumente und Einstellungen\Sangmeister\Recent(2) [2011.08.07 00:18:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Malwarebytes [2011.08.07 00:18:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2011.08.07 00:18:09 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.08.07 00:18:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2011.08.07 00:18:04 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.08.07 00:18:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.08.07 00:17:10 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\mbam-setup-1.51.1.1800.exe [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.08.30 23:19:00 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B29ED1EA-B1DD-47BE-AC63-3988E113932F}.job [2011.08.30 23:16:02 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\OTL.exe [2011.08.30 22:54:56 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011.08.30 22:50:52 | 007,056,054 | ---- | M] () -- C:\WINDOWS\BGInfo.bmp [2011.08.30 22:49:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.08.30 22:49:32 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.08.30 22:49:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.08.30 22:48:56 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs [2011.08.30 22:48:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad [2011.08.30 
08:34:00 | 000,001,234 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3240184748-827947968-3144426994-1005UA.job [2011.08.30 08:30:00 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.08.29 23:34:01 | 000,001,182 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3240184748-827947968-3144426994-1005Core.job [2011.08.24 22:20:34 | 000,089,088 | ---- | M] () -- C:\WINDOWS\System32\mbr.exe [2011.08.24 22:20:34 | 000,089,088 | ---- | M] () -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\mbr.exe [2011.08.24 21:42:08 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\49v2z8ge.exe [2011.08.24 20:00:39 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011.08.17 23:34:10 | 000,461,250 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.08.17 23:34:10 | 000,442,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.08.17 23:34:10 | 000,085,662 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.08.17 23:34:10 | 000,072,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.08.17 23:32:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.08.15 22:43:26 | 000,684,297 | ---- | M] () -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\unhide.exe [2011.08.07 00:18:10 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.07 00:17:24 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\mbam-setup-1.51.1.1800.exe [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.08.24 22:22:42 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\mbr.exe [2011.08.24 22:20:34 | 000,089,088 | ---- | C] () -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\mbr.exe 
[2011.08.24 21:42:08 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\49v2z8ge.exe [2011.08.15 22:55:01 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.15 22:43:25 | 000,684,297 | ---- | C] () -- C:\Dokumente und Einstellungen\Sangmeister\Desktop\unhide.exe [2011.08.06 18:09:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.hs [2011.08.06 18:09:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\logiflt.iad [2010.12.18 19:49:56 | 000,134,874 | ---- | C] () -- C:\WINDOWS\HPHins12.dat [2010.12.18 19:49:56 | 000,014,916 | ---- | C] () -- C:\WINDOWS\hphmdl12.dat [2009.12.20 23:57:53 | 000,088,896 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2009.12.12 21:51:52 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009.06.13 08:35:22 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2009.06.13 08:35:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe [2009.06.13 08:35:11 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini [2009.03.09 23:56:14 | 000,520,267 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll [2009.01.05 23:32:14 | 000,001,476 | ---- | C] () -- C:\WINDOWS\tefview.ini [2008.12.16 22:58:54 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2008.12.16 22:50:56 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLgFT.dll [2008.12.04 22:26:30 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2008.12.04 22:25:24 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2008.11.25 23:26:11 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe [2008.11.25 23:26:11 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe [2008.11.25 23:26:11 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe [2008.11.25 23:26:11 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe [2008.11.25 23:26:11 | 000,027,648 | ---- | C] () -- 
C:\WINDOWS\System32\AVSredirect.dll [2008.11.20 23:50:39 | 000,120,195 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp [2008.11.20 23:50:39 | 000,006,947 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp [2008.09.03 22:26:29 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\winscp.rnd [2008.06.22 09:46:06 | 000,021,317 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008.06.15 23:03:45 | 000,081,110 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2008.06.11 21:22:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008.06.11 21:22:11 | 000,080,896 | ---- | C] () -- C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.06.11 09:58:28 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat [2008.06.10 21:36:48 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll [2008.06.10 18:52:54 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2008.06.10 18:52:40 | 000,000,166 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini [2008.06.10 18:52:11 | 000,000,734 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2008.06.10 18:50:07 | 000,109,411 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2008.06.10 18:49:35 | 000,006,947 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat [2008.05.29 15:09:33 | 000,001,826 | ---- | C] () -- C:\WINDOWS\mozver.dat [2008.05.29 14:56:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008.05.29 12:31:25 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2008.05.27 15:01:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2008.05.26 16:52:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008.05.26 16:52:08 | 000,419,040 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2008.05.26 16:47:28 | 000,002,480 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2008.05.26 16:47:20 | 
000,461,250 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2008.05.26 16:47:20 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2008.05.26 16:47:20 | 000,085,662 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2008.05.26 16:47:20 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2008.05.26 16:47:10 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008.05.26 16:47:09 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008.05.26 16:47:09 | 000,442,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008.05.26 16:47:09 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008.05.26 16:47:09 | 000,072,292 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008.05.26 16:47:09 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008.05.26 16:47:09 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008.05.26 16:47:08 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008.05.26 16:47:07 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008.05.26 16:47:07 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008.05.26 16:47:03 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008.05.26 16:47:02 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2008.05.26 16:40:09 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2008.05.26 16:03:51 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini [2008.05.26 15:58:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2008.05.26 15:55:59 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2007.12.05 01:41:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007.12.05 01:41:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2007.12.05 01:41:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007.12.05 01:41:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe 
[2007.12.05 01:41:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007.12.05 01:41:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007.12.05 01:41:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2007.12.05 01:41:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2007.12.05 01:41:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2001.07.07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini ========== LOP Check ========== [2008.08.03 17:03:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations [2008.05.29 18:14:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe [2008.12.04 22:29:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX [2008.12.31 14:23:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Musicnotes [2009.08.09 00:13:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Native Instruments [2009.03.10 00:02:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PACE Anti-Piracy [2008.06.09 15:08:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite [2010.01.19 18:15:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TechSmith [2010.01.17 01:24:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2008.06.12 20:23:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TerraTec [2008.05.29 15:13:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip [2009.08.09 00:21:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{2E36EF44-3E35-4623-B1DD-517C334DF1C5} 
[2010.07.18 20:12:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009.08.09 00:15:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{52ED8FE1-21DE-43A8-9F02-2EB85424469C} [2009.09.20 15:26:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009.06.07 12:24:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009.03.07 19:04:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{9C36D948-8394-4450-B5B9-025B8EC0198D} [2009.08.09 00:13:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2} [2008.05.29 13:01:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~0 [2008.11.13 00:13:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Anthropics [2010.02.02 00:41:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Blender Foundation [2011.08.30 22:51:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Dropbox [2011.04.21 22:22:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\gtk-2.0 [2009.01.05 00:20:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Inkscape [2009.08.10 21:28:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Juniper Networks [2008.09.21 10:41:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Leadertech [2008.06.12 12:37:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Multimedia Player [2009.01.13 23:57:29 | 000,000,000 | 
---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\OpenOffice.org [2009.07.23 19:36:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Opera [2009.03.10 00:02:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\PACE Anti-Piracy [2008.06.09 15:08:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\PC Suite [2009.10.18 17:05:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Revolver Preferences [2008.08.03 17:03:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Samsung [2009.09.11 00:13:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\SecondLife [2008.08.20 22:28:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Steinberg [2010.06.13 00:07:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Stellarium [2008.06.12 20:23:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\TerraTec [2010.07.22 21:53:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Thunderbird [2009.03.11 22:48:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\WholeSecurity [2011.08.30 23:19:00 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{B29ED1EA-B1DD-47BE-AC63-3988E113932F}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 < End of report > |
| #5 |
| And here is the Extras.txt. OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 30.08.2011 23:16:50 - Run 1 OTL by OldTimer - Version 3.2.26.7 Folder = C:\Dokumente und Einstellungen\Sangmeister\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 48,94% Memory free 3,85 Gb Paging File | 2,94 Gb Available in Paging File | 76,38% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298,08 Gb Total Space | 166,15 Gb Free Space | 55,74% Space Free | Partition Type: NTFS Computer Name: BERND2 | User Name: Sangmeister | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) .ini [@ = UltraEdit.ini] -- C:\Programme\UltraEdit\uedit32.exe (IDM Computer Solutions, Inc.) .js [@ = UltraEdit.js] -- C:\Programme\UltraEdit\uedit32.exe (IDM Computer Solutions, Inc.) .txt [@ = UltraEdit.txt] -- C:\Programme\UltraEdit\uedit32.exe (IDM Computer Solutions, Inc.) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. 
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) jsfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "20001:UDP" = 20001:UDP:*:Enabled:MicroSAN "80:TCP" = 80:TCP:*:Enabled:Web "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "161:UDP" = 161:UDP:*:Enabled:HP Scanning UDP 161 "427:UDP" = 427:UDP:*:Enabled:HP Scanning UDP 427 "9220:TCP" = 9220:TCP:*:Enabled:HP Scanning TCP 9220 "9500:TCP" = 9500:TCP:*:Enabled:HP Scanning TCP 
9500 "9290:TCP" = 9290:TCP:*:Enabled:HP Scanning TCP 9290 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup "C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Temp\Nero Web\SetupXu.exe" = C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup -- (Nero AG) "C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Temp\hp_webrelease\setup\HPZnet01.exe" = C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Temp\hp_webrelease\setup\HPZnet01.exe:*:Enabled:hpznet01.exe -- (Hewlett-Packard) "C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Temp\hp_webrelease\setup\hponicifs01.exe" = C:\Dokumente und Einstellungen\Sangmeister\Lokale Einstellungen\Temp\hp_webrelease\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe -- (Hewlett-Packard Development Company, L.P.) 
"C:\Programme\CinergyDigital3\CinergyDvrHelper.exe" = C:\Programme\CinergyDigital3\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup) "C:\Programme\CinergyDigital3\CinergyDvr.exe" = C:\Programme\CinergyDigital3\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema -- (TerraTec Electronic GmbH) "C:\Programme\CinergyDigital3\CinergyDvrUpdate\CinergyDVRUp_Date.exe" = C:\Programme\CinergyDigital3\CinergyDvrUpdate\CinergyDVRUp_Date.exe:*:Enabled:TerraTec Auto Update "C:\WINDOWS\system32\HPZipm12.exe" = C:\WINDOWS\system32\HPZipm12.exe:*:Enabled:HPZipm12.exe -- (HP) "C:\WINDOWS\system32\HPZinw12.exe" = C:\WINDOWS\system32\HPZinw12.exe:*:Enabled:HPZinw12.exe -- (HP) "C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer "C:\Programme\WinSCP\WinSCP.exe" = C:\Programme\WinSCP\WinSCP.exe:*:Enabled:SFTP, FTP and SCP client -- (Martin Prikryl) "C:\Programme\CinergyDigital3\InstTool.exe" = C:\Programme\CinergyDigital3\InstTool.exe:*:Enabled:TerraTec Home Cinema (Setup) -- (TerraTec Electronic GmbH) "C:\Programme\CinergyDigital3\tvtvSetup\tvtv_Wizard.exe" = C:\Programme\CinergyDigital3\tvtvSetup\tvtv_Wizard.exe:*:Enabled:TerraTec Home Cinema (tvtv Setup) -- (TerraTec Electronic GmbH) "C:\Dokumente und Einstellungen\Sangmeister\Desktop\HP_WebRelease\setup\HPZnet01.exe" = C:\Dokumente und Einstellungen\Sangmeister\Desktop\HP_WebRelease\setup\HPZnet01.exe:*:Enabled:hpznet01.exe "C:\Programme\Java\jre6\launch4j-tmp\VoiceNotesSync.exe" = C:\Programme\Java\jre6\launch4j-tmp\VoiceNotesSync.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) 
"C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe" = C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe:*:Enabled:Juniper Terminal Services Client "D:\Autorun.exe" = D:\Autorun.exe:*:Enabled:CD navigator "C:\Programme\RAIDar\RAIDar.exe" = C:\Programme\RAIDar\RAIDar.exe:*:Enabled:Monitor ReadyNAS device -- (Netgear Inc.) "C:\Programme\SecondLife\SLVoice.exe" = C:\Programme\SecondLife\SLVoice.exe:*:Enabled:SLVoice "C:\Programme\Aptana\Aptana Studio 1.5\AptanaStudio.exe" = C:\Programme\Aptana\Aptana Studio 1.5\AptanaStudio.exe:*:Enabled:AptanaStudio "C:\Programme\Revolver 7\Revolver Office.exe" = C:\Programme\Revolver 7\Revolver Office.exe:*:Enabled:Revolver Office 7.1.2 -- () "C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- () "C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS) "C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\Sangmeister\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) 
"D:\Software\x_misc\fritz.box_wlan_3270_v3.04.87.recover-image.exe" = D:\Software\x_misc\fritz.box_wlan_3270_v3.04.87.recover-image.exe:*:Enabled:AvmRecover ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 24 "{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4 "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3A316611-45D1-429C-AA26-B71259C44689}" = HP Photosmart, Officejet and Deskjet 7.0.A "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DEC294A-ECF1-46D4-BA04-1B880D768E33}" = UltraEdit v14.00b "{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater "{53EF6570-21A4-47ED-A40A-E6470A5677A3}" = Studio 8 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}" = msxml4 "{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support "{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema "{6890BB45-8983-47C3-8FE5-4A03CB7554FE}" = Native Instruments Compilation Vol. 
1 "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{86B77B5A-B157-6386-37B0-DB2494DEEAFF}" = MozyHome Remote Backup "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU) "{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech QuickCam "{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6 "{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A589DA26-51BD-475D-8C32-E19E34145842}" = 
Camtasia Studio 6 "{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1 "{ADF69C76-13FF-49F0-A078-922725A8B1B6}" = BOINC "{B19F9155-9337-4807-B5EF-ED471DDB2CCE}" = hph_software_req "{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6 "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{B80954EE-5CA9-4202-BB8C-0DC3E332F47F}" = Native Instruments Kontakt 3 "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D1AE6D4D-C37A-487d-83D8-C333125B2459}" = HP Photosmart and Deskjet 7.0 Software (deu) "{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari "{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3 "{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64 "{e7394a0f-3f80-45b1-87fc-abcd51893246}" = Python 2.6.4 "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 
Plugin "Adobe Photoshop 7.0" = Adobe Photoshop 7.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11 "AKAI professional DCVocoder 1.0" = AKAI professional DCVocoder 1.0 "AKAI professional DecaBuddy 1.0" = AKAI professional DecaBuddy 1.0 "AKAI professional PitchRight 1.0" = AKAI professional PitchRight 1.0 "AKAI professional QuadComp 1.0" = AKAI professional QuadComp 1.0 "AKAI professional Rotator 1.0" = AKAI professional Rotator 1.0 "Audacity_is1" = Audacity 1.2.6 "Audiograbber" = Audiograbber 1.83 SE "Avira AntiVir Desktop" = Avira AntiVir Premium "B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind "Best Service Artist Drums" = Best Service Artist Drums "Blender" = Blender (remove only) "Cinergy XS Series" = Cinergy XS Series V5.09.0304.00a "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition "FreePDF_XP" = FreePDF XP (Remove only) "Google Desktop" = Google Desktop "Google Updater" = Google Updater "GPL Ghostscript 8.64" = GPL Ghostscript 8.64 "HijackThis" = HijackThis 2.0.2 "Hollywood FX 4.6" = Pinnacle Hollywood FX 4.6 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "Inkscape" = Inkscape 0.46 "jZip" = jZip "legacyqcam_11.10" = Logitech Legacy USB Camera-Treiberpaket "lvdrivers_11.90" = Logitech QuickCam-Treiberpaket "MAGIX 3D Maker D" = MAGIX 3D Maker (embeded) "MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D) "MAGIX Video deluxe 15 Plus Download-Version D" = MAGIX Video deluxe 15 Plus Download-Version 8.0.1.2 (D) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU "Microsoft .NET Framework 3.0 German Language Pack" = 
Microsoft .NET Framework 3.0 German Language Pack "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 6.0 (x86 de)" = Mozilla Firefox 6.0 (x86 de) "Mozilla Thunderbird (6.0)" = Mozilla Thunderbird (6.0) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Native Instruments AC Box Combo" = Native Instruments AC Box Combo "Native Instruments Compilation Vol. 1" = Native Instruments Compilation Vol. 1 "Native Instruments Kontakt 3" = Native Instruments Kontakt 3 "Native Instruments Kore Player" = Native Instruments Kore Player "Native Instruments Plexi Combo" = Native Instruments Plexi Combo "Native Instruments Service Center" = Native Instruments Service Center "Native Instruments Twang Combo" = Native Instruments Twang Combo "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "OpenLibraries" = OpenLibraries "Picasa2" = Picasa 2 "qt7lite_is1" = QT Lite 2.6.0 "RAIDar 4.00c1-p1" = RAIDar 4.00c1-p1 "Redirection Port Monitor" = RedMon - Redirection Port Monitor "Revolver Office_is1" = Revolver Office 7.1.2 "Saffire_is1" = Saffire 2.5 "Steinberg Cubase SE 3" = Steinberg Cubase SE 3 "Steinberg VSTi Collection" = Steinberg VSTi Collection "Stellarium_is1" = Stellarium 0.10.5 "SUPER ©" = SUPER © Version 2008.bld.33 (Sep 2, 2008) "Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle "VLC media player" = VLC media player 1.0.1 "Waldorf Edition" = Waldorf Edition "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.7 "winscp3_is1" = WinSCP 4.1.6 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper 
Specification Shared Components Language Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 15.08.2011 16:42:37 | Computer Name = BERND2 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich 791574109. Error - 15.08.2011 17:00:47 | Computer Name = BERND2 | Source = Avira AntiVir | ID = 4110 Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler auf! Fehlercode: 0x35 Error - 15.08.2011 17:01:21 | Computer Name = BERND2 | Source = Avira AntiVir | ID = 4110 Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler auf! Fehlercode: 0x35 Error - 15.08.2011 17:02:01 | Computer Name = BERND2 | Source = Avira AntiVir | ID = 4110 Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler auf! Fehlercode: 0x35 Error - 15.08.2011 17:06:24 | Computer Name = BERND2 | Source = Avira AntiVir | ID = 4110 Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler auf! Fehlercode: 0x35 Error - 15.08.2011 17:06:26 | Computer Name = BERND2 | Source = Avira AntiVir | ID = 4110 Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler auf! Fehlercode: 0x35 Error - 17.08.2011 13:15:50 | Computer Name = BERND2 | Source = Avira AntiVir | ID = 4110 Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler auf! Fehlercode: 0x35 Error - 17.08.2011 13:57:37 | Computer Name = BERND2 | Source = Avira AntiVir | ID = 4110 Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler auf! 
Fehlercode: 0x35 Error - 21.08.2011 13:07:36 | Computer Name = BERND2 | Source = WmiAdapter | ID = 4099 Description = Dienst konnte nicht geöffnet werden. Error - 24.08.2011 16:15:21 | Computer Name = BERND2 | Source = WmiAdapter | ID = 4099 Description = Dienst konnte nicht geöffnet werden. [ System Events ] Error - 24.08.2011 16:00:51 | Computer Name = BERND2 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 24.08.2011 16:02:58 | Computer Name = BERND2 | Source = Service Control Manager | ID = 7011 Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung von Dienst NVSvc. Error - 24.08.2011 16:04:18 | Computer Name = BERND2 | Source = System Error | ID = 1003 Description = Fehlercode 1000000a, 1. Parameter 000000f8, 2. Parameter 00000002, 3. Parameter 00000001, 4. Parameter 806e884a. Error - 24.08.2011 16:12:12 | Computer Name = BERND2 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 24.08.2011 16:14:49 | Computer Name = BERND2 | Source = Service Control Manager | ID = 7011 Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung von Dienst NVSvc. Error - 24.08.2011 16:15:21 | Computer Name = BERND2 | Source = Service Control Manager | ID = 7009 Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WMI-Leistungsadapter. Error - 24.08.2011 16:15:21 | Computer Name = BERND2 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "WMI-Leistungsadapter" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 24.08.2011 16:16:50 | Computer Name = BERND2 | Source = System Error | ID = 1003 Description = Fehlercode 1000000a, 1. Parameter 000000f8, 2. Parameter 00000002, 3. Parameter 00000001, 4. Parameter 806e884a. 
Error - 29.08.2011 16:38:21 | Computer Name = BERND2 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 30.08.2011 16:49:27 | Computer Name = BERND2 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > [/code] |
![]() | #6 |
All files and programs gone, desktop black
And last but not least, Ccleaner.txt:
Code:
ATTFilter Adobe Flash Player 10 Plugin Adobe Systems Incorporated 30.08.2011 10.3.183.5 Adobe Flash Player ActiveX Adobe Systems Incorporated 30.08.2011 9.0.124.0 Adobe Photoshop 7.0 Adobe Systems, Inc. 30.08.2011 7.0 Adobe Reader 8.1.2 - Deutsch Adobe Systems Incorporated 26.05.2008 101,3MB 8.1.2 Adobe Shockwave Player 11 Adobe Systems, Inc. 30.08.2011 11 AKAI professional DCVocoder 1.0 30.08.2011 AKAI professional DecaBuddy 1.0 30.08.2011 AKAI professional PitchRight 1.0 30.08.2011 AKAI professional QuadComp 1.0 30.08.2011 AKAI professional Rotator 1.0 30.08.2011 Apple Application Support Apple Inc. 30.01.2011 54,5MB 1.4.1 Apple Mobile Device Support Apple Inc. 30.01.2011 21,7MB 3.3.1.3 Apple Software Update Apple Inc. 21.09.2008 2,16MB 2.1.1.116 Audacity 1.2.6 30.08.2011 Audiograbber 1.83 SE Audiograbber Deutschland 30.08.2011 1.83 SE Avira AntiVir Premium Avira GmbH 30.08.2011 10.2.0.728 Best Service Artist Drums 30.08.2011 Blender (remove only) 30.08.2011 BOINC Space Sciences Laboratory, U.C. Berkeley 07.06.2008 13,3MB 5.10.45 Camtasia Studio 6 TechSmith Corporation 30.09.2009 79,3MB 6.0.3 CCleaner Piriform 30.08.2011 3.10 Cinergy XS Series V5.09.0304.00a 30.08.2011 5.09.0304.00a Dropbox Dropbox, Inc. 30.08.2011 1.1.35 Firebird SQL Server - MAGIX Edition MAGIX AG 04.12.2008 2.0.1.13 FreeMind 12.02.2009 0.8.1 FreePDF XP (Remove only) 30.08.2011 GIMP 2.6.7 19.11.2009 Google Chrome Google Inc. 03.09.2008 13.0.782.215 Google Desktop Google 30.08.2011 5.7.0802.22438 Google Earth Google 26.06.2011 84,7MB 6.0.3.2197 Google SketchUp 6 Google 26.06.2008 6.0.01337 Google Updater Google Inc. 
30.08.2011 2.4.1536.6592 GPL Ghostscript 8.64 30.08.2011 High Definition Audio Driver Package - KB888111 Microsoft Corporation 30.08.2011 20040219.000000 HijackThis 2.0.2 TrendMicro 30.08.2011 2.0.2 HP Imaging Device Functions 7.0 HP 30.08.2011 7.0 HP Photosmart and Deskjet 7.0 Software (deu) HP 30.08.2011 7.1 HP Photosmart, Officejet and Deskjet 7.0.A HP 30.08.2011 7.0 Inkscape 0.46 30.08.2011 0.46 iPhone-Konfigurationsprogramm Apple Inc. 20.09.2009 22,4MB 2.1.0.163 iTunes Apple Inc. 30.01.2011 144,7MB 10.1.2.17 Java(TM) 6 Update 24 Sun Microsystems, Inc. 24.11.2008 90,5MB 6.0.240 Java(TM) 6 Update 4 Sun Microsystems, Inc. 07.06.2008 137,7MB 1.6.0.40 Java(TM) 6 Update 6 Sun Microsystems, Inc. 29.05.2008 114,3MB 1.6.0.60 Java(TM) 6 Update 7 Sun Microsystems, Inc. 23.07.2008 114,3MB 1.6.0.70 jZip Discordia Limited. 30.08.2011 Logitech Legacy USB Camera-Treiberpaket 30.08.2011 Logitech QuickCam Logitech Inc. 20.01.2009 44,1MB 11.90.1263 Logitech QuickCam-Treiberpaket 30.08.2011 Logitech Updater Ihr Firmenname 13.06.2010 1,30MB 1.70 MAGIX 3D Maker (embeded) MAGIX AG 04.12.2008 6.0.0.3 MAGIX Screenshare 4.3.6.1987 (D) MAGIX AG 04.12.2008 4.3.6.1987 MAGIX Video deluxe 15 Plus Download-Version 8.0.1.2 (D) MAGIX AG 04.12.2008 8.0.1.2 Malwarebytes' Anti-Malware Version 1.51.1.1800 Malwarebytes Corporation 15.08.2011 1.51.1.1800 Microsoft .NET Framework 1.1 06.10.2010 Microsoft .NET Framework 2.0 Language Pack - DEU Microsoft Corporation 26.05.2008 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 17.08.2011 184,4MB 2.2.30729 Microsoft .NET Framework 3.0 German Language Pack Microsoft Corporation 26.05.2008 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 24.06.2010 209MB 3.2.30729 Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 06.10.2010 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation 29.05.2008 1 Microsoft Office File Validation Add-In Microsoft Corporation 29.06.2011 7,92MB 14.0.5130.5003 Microsoft 
Office Home and Student 2007 Microsoft Corporation 16.06.2011 12.0.6425.1000 Microsoft Silverlight Microsoft Corporation 16.06.2011 174,9MB 4.0.60531.0 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Corporation 29.05.2008 Microsoft Virtual PC 2007 SP1 Microsoft Corporation 22.08.2008 38,0MB 6.0.192.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 29.07.2009 0,11MB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 16.06.2011 5,28MB 8.0.61001 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 04.08.2009 0,15MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 04.08.2009 10,3MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 10,2MB 9.0.30729.6161 Mozilla Firefox 6.0 (x86 de) Mozilla 30.08.2011 6.0 Mozilla Thunderbird (6.0) Mozilla 30.08.2011 6.0 (de) MozyHome Remote Backup Mozy, Inc. 17.01.2010 16,7MB 1.16.4.0 MSXML 4.0 SP2 (KB936181) Microsoft Corporation 30.05.2008 2,62MB 4.20.9848.0 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 12.11.2008 2,67MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 25.11.2009 2,77MB 4.20.9876.0 MSXML 6.0 Parser (KB933579) Microsoft Corporation 26.05.2008 1,34MB 6.10.1200.0 msxml4 Default Company Name 14.09.2008 48,00KB 1.0.0 Native Instruments AC Box Combo 30.08.2011 Native Instruments Compilation Vol. 
1 Native Instruments 07.03.2009 Native Instruments Kontakt 3 Native Instruments 09.08.2009 Native Instruments Kontakt Factory Selection Native Instruments Kore Player Native Instruments 30.08.2011 Native Instruments Plexi Combo 30.08.2011 Native Instruments Service Center Native Instruments 09.08.2009 Native Instruments Twang Combo 30.08.2011 NVIDIA Drivers 30.08.2011 Octoshape add-in for Adobe Flash Player 30.08.2011 OpenLibraries OpenOffice.org 3.1 OpenOffice.org 14.06.2009 370MB 3.1.9399 Opera 9.64 Opera Software ASA 23.07.2009 16,1MB 9.64 Picasa 2 Google, Inc. 30.08.2011 2.0 Pinnacle Hollywood FX 4.6 30.08.2011 Python 2.6.4 Python Software Foundation 01.02.2010 49,3MB 2.6.4150 QT Lite 2.6.0 27.07.2008 2.6.0 QuickTime Apple Inc. 30.01.2011 73,7MB 7.69.80.9 RAIDar 4.00c1-p1 Netgear Inc. 30.08.2011 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 26.05.2008 5.10.0.5605 RedMon - Redirection Port Monitor 30.08.2011 Revolver Office 7.1.2 Mono Systems GmbH 18.10.2009 Safari Apple Inc. 22.11.2009 38,8MB 5.31.21.10 Saffire 2.5 Focusrite Audio Engineering Ltd. 09.03.2009 2.5 Skype™ 5.3 Skype Technologies S.A. 04.07.2011 16,6MB 5.3.120 Spelling Dictionaries Support For Adobe Reader 8 Adobe Systems 29.05.2008 32,5MB 8.0.0 Steinberg Cubase SE 3 Steinberg Media Technologies GmbH 30.08.2011 Steinberg VSTi Collection 29.08.2011 Stellarium 0.10.5 13.06.2010 Studio 8 Pinnacle Systems 30.08.2011 8.7.0.0 SUPER © Version 2008.bld.33 (Sep 2, 2008) eRightSoft 25.11.2008 Version 2008.bld.33 (Sep 2, 2008) Syncrosofts Lizenz Kontrolle Syncrosoft Hard- Und Software GmbH 30.08.2011 TerraTec Home Cinema 30.08.2011 5.118.0 UltraEdit v14.00b IDM Computer Solutions, Inc. 
14.06.2008 34,2MB 14.0.12 VLC media player 1.0.1 VideoLAN Team 30.08.2011 1.0.1 Waldorf Edition 30.08.2011 Windows Genuine Advantage Validation Tool (KB892130) Microsoft Corporation 29.05.2008 Windows Internet Explorer 8 Microsoft Corporation 05.07.2009 20090308.140743 Windows Media Format 11 runtime 30.08.2011 Windows Media Player 11 30.08.2011 Windows XP Service Pack 3 Microsoft Corporation 30.08.2008 20080414.031514 WinSCP 4.1.6 Martin Prikryl 03.09.2008 4.1.6 WinZip 11.1 WinZip Computing, S.L. 29.05.2008 11,3MB 11.1.7466g |
![]() | #7 |
/// Helper Team | All files and programs gone, desktop black
1. Fix with OTL
Code:
:OTL
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No CLSID value found.
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] File not found
O4 - HKCU..\Run: [MsgCenterExe] File not found
[2011.08.30 22:54:56 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.08.30 22:49:32 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.30 08:34:00 | 000,001,234 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3240184748-827947968-3144426994-1005UA.job
[2011.08.30 08:30:00 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.29 23:34:01 | 000,001,182 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3240184748-827947968-3144426994-1005Core.job
@Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
:Commands
[purity]
[emptytemp]
2. Your Java version is out of date! Because Java is very vulnerable due to old security holes, first uninstall all existing Java versions:
→ Control Panel → Add or Remove Programs → uninstall...
→ Restart the computer
→ Now download the offline version of Java Version 6 Update 26 from Oracle
Make sure to deselect any toolbars that may be offered (remove the check mark next to the toolbar)!
3. Update Adobe Reader:
- Pay attention and read along during installation: if any software, toolbar, etc. is offered, please deselect it!
- (e.g. "McAfee Security Scan Plus")
Adobe Reader
Or: start Adobe -> go to "Help" -> "Check for Updates..."
4. Clean your system with CCleaner:
5.
6. Viruses can also be carried on USB sticks, self-burned discs, external hard drives and other storage media. These therefore have to be monitored through regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). For this it is very well suited, and recommended, to check the data saved on the storage medium with the help of the free online scanner.
Now connect all external storage media (USB sticks etc.) to your computer while holding down the Shift key so that the Autorun function is not executed. (This is how you prevent the AUTORUN function from running.)
- The AUTORUN function can also be switched off entirely. ► Instructions
-> Then run a complete system check with the Eset Online Scanner (NOD32) (free online scanners)
Attention: >>You should not install the antivirus security software, only scan your system online<<
► Report again on the state of the computer. Are there still problems, and if so, which ones?
__________________ Warning: Be careful with invoices sent by email with a ZIP file attached! They may be infected with an encryption trojan! Do not open the attachment; ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard drives, ideally twice in different locations! Please pass this warning on wherever you can! |
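The Java step in the reply above can be checked directly against the OTL uninstall list. The following is an added example, not part of the original thread and not OTL's own code: a Python script that extracts `"key" = name` entries even when the log has been flattened onto one line, and lists the JRE installs older than the Update 26 named in the reply. The function names are hypothetical and the sample is an excerpt of the log posted in this thread.

```python
import re

# Excerpt of the OTL "Uninstall List" from this thread, flattened onto one
# line the way forum extraction often leaves it.
SAMPLE = (
    '========== HKEY_LOCAL_MACHINE Uninstall List ========== '
    '[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall] '
    '"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR '
    '"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 24 '
    '"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4 '
    '"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 '
    '"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 '
    '"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP '
    '"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater '
    '"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch '
    '========== HKEY_CURRENT_USER Uninstall List =========='
)

# One entry is: "registry key name" = display name.
# The display name ends where the next quoted key, a ===== section
# banner, or the end of the text begins.
ENTRY = re.compile(r'"([^"]+)" = (.*?)(?=\s+"[^"]+" = |\s*={5,}|\s*$)', re.S)

# Display name used by Sun/Oracle JRE 6 installers, as seen in the log.
JAVA = re.compile(r'^Java\(TM\) (\d+)(?: Update (\d+))?$')


def parse_entries(text):
    """Return [(key, display_name)] for every uninstall entry in text."""
    return [(key, name.strip()) for key, name in ENTRY.findall(text)]


def stale_java(entries, baseline=(6, 26)):
    """Return [(major, update, key)] for JRE entries older than baseline.

    The default baseline is the version recommended in the thread
    (Java 6 Update 26). Entries are returned oldest first.
    """
    found = []
    for key, name in entries:
        match = JAVA.match(name)
        if not match:
            continue  # e.g. "Java Auto Updater" is not a JRE
        version = (int(match.group(1)), int(match.group(2) or 0))
        if version < baseline:
            found.append((version[0], version[1], key))
    return sorted(found)


if __name__ == "__main__":
    entries = parse_entries(SAMPLE)
    stale = stale_java(entries)
    print(f"{len(entries)} uninstall entries, {len(stale)} outdated JRE installs")
    for major, update, key in stale:
        print(f"  Java {major} Update {update}  ({key})")
    if len(stale) > 1:
        print("Several JRE versions are installed side by side; "
              "older ones stay usable until they are uninstalled.")
```
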