www.searchqu.com/410 als Startseite trotz Antivir "Trojaner verdacht"

colmontdraco · 12.09.2011, 11:29

Guten Tag

Seit gester Abend habe ich als Starseite folgendes: www.searchqu.com/410 als Startseite.

Als ich das sofort gesehen habe suchte ich sofort in google und ja, es ist ein trojaner, und ich hab hab schon OTL ausgeführt und das ist das resultat.

OTL.txt
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 12.09.2011 11:47:07 - Run 3
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Dokumente und Einstellungen\dragoncolmont\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.013,00 Mb Total Physical Memory | 427,00 Mb Available Physical Memory | 42,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 133,42 Gb Total Space | 69,26 Gb Free Space | 51,91% Space Free | Partition Type: NTFS
Drive D: | 15,61 Gb Total Space | 0,74 Gb Free Space | 4,72% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JORGE_COLMONT
Current User Name: dragoncolmont
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
PRC - C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Dokumente und Einstellungen\dragoncolmont\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Programme\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe (OptionNV)
PRC - C:\Programme\Mobile Partner\Mobile Partner.exe ()
PRC - C:\WINDOWS\system32\mmrtkrnl.exe (AlcaTech)
PRC - C:\Programme\System Control Manager\MGSysCtrl.exe (Mirco-Star International  CO., LTD.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\System Control Manager\MSIService.exe ()
PRC - C:\Programme\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\WINDOWS\system32\PSIService.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\dragoncolmont\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE File not found
SRV - (Akamai) -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_2da1ebd.dll ()
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (GtDetectSc) -- C:\Programme\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe (OptionNV)
SRV - (Micro Star SCM) -- C:\Programme\System Control Manager\MSIService.exe ()
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS File not found
DRV - (PCASp50) -- C:\WINDOWS\System32\Drivers\PCASp50.sys File not found
DRV - (catchme) -- C:\cofi\catchme.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (NWADI) -- C:\WINDOWS\system32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbdev) -- C:\WINDOWS\system32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (s1018mdm) -- C:\WINDOWS\system32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\WINDOWS\system32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\WINDOWS\system32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\WINDOWS\system32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\WINDOWS\system32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\WINDOWS\system32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (massfilter_hs) -- C:\WINDOWS\system32\drivers\massfilter_hs.sys (ZTE Incorporated)
DRV - (MMRTKRNL) -- C:\WINDOWS\system32\drivers\mmrtkrnl.sys (AlcaTech)
DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RTS5121.sys (Realtek Semiconductor Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (RT80x86) -- C:\WINDOWS\system32\drivers\rt2860.sys (Ralink Technology, Corp.)
DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (Huawei) -- C:\WINDOWS\system32\drivers\ewdcsc.sys (Huawei Tech. Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.23.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: @TitlebarTweaksPlus:10.03.07
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.2.7rc2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..extensions.enabledItems: compatibility@addons.mozilla.org:0.8.7
FF - prefs.js..extensions.enabledItems: {7fd52b87-ab55-46ec-bfe4-030fa7d9550b}:1.0
FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com//web?src=ffb&appid=0&systemid=410&sr=0&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Programme\AutocompletePro\support@predictad.com [2011.07.27 01:20:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.12.23 14:08:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.12.23 14:08:19 | 000,000,000 | ---D | M]
 
[2011.09.12 00:41:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Extensions
[2011.09.12 00:41:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Firefox\Profiles\4qy57v7o.default\extensions
[2010.09.01 20:16:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Firefox\Profiles\4qy57v7o.default\extensions\@TitlebarTweaksPlus
[2010.04.27 09:30:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Firefox\Profiles\4qy57v7o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.19 21:09:43 | 000,000,000 | ---D | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Firefox\Profiles\4qy57v7o.default\extensions\{7fd52b87-ab55-46ec-bfe4-030fa7d9550b}
[2011.09.12 00:41:14 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Firefox\Profiles\4qy57v7o.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.08.31 13:52:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Firefox\Profiles\4qy57v7o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.08.19 21:09:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Firefox\Profiles\4qy57v7o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.08.19 21:09:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Firefox\Profiles\4qy57v7o.default\extensions\compatibility@addons.mozilla.org
[2011.08.11 13:57:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Mozilla\Firefox\Profiles\4qy57v7o.default\extensions\DeviceDetection@logitech.com
[2011.09.12 00:41:23 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.20 09:32:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.10 03:56:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.23 14:21:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.22 02:45:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.25 19:39:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.04 19:23:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.08.17 22:49:45 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\FirefoxPortable\App\Firefox\extensions
[2011.08.17 22:49:45 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\FirefoxPortable\App\Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.08.19 16:44:25 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\FirefoxPortable\Data\profile\extensions
[2011.08.19 16:44:25 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\FirefoxPortable\Data\profile\extensions\staged
[2011.08.12 08:13:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2011.08.12 06:19:37 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 06:14:12 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2011.08.12 06:19:37 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.08.12 06:19:37 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.09.12 00:40:00 | 000,002,503 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchResults.xml
[2011.08.12 06:19:37 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.08.12 06:19:37 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.05 19:19:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programme\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\HomeCinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [MGSysCtrl] C:\Programme\System Control Manager\MGSysCtrl.exe (Mirco-Star International  CO., LTD.)
O4 - HKLM..\Run: [Realtime Audio Engine] C:\WINDOWS\System32\mmrtkrnl.exe (AlcaTech)
O4 - HKLM..\Run: [RemoteControl] C:\Programme\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Programme\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Mobile Partner] C:\Programme\Mobile Partner\Mobile Partner.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\dragoncolmont\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1234167832968 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1234167782890 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll) - C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll) - C:\Programme\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\dragoncolmont\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\dragoncolmont\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2008.08.07 11:29:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.23 14:07:30 | 013,818,528 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\Firefox Setup 6.0.exe
[2011.09.12 00:41:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\searchqutoolbar
[2011.09.12 00:40:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2011.09.12 00:39:57 | 000,000,000 | ---D | C] -- C:\Programme\Windows Searchqu Toolbar
[2011.09.12 00:39:52 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\WMAFile.dll
[2011.09.12 00:39:42 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2011.09.12 00:39:39 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2011.09.12 00:39:37 | 000,000,000 | ---D | C] -- C:\Programme\Free mp3 Wma Converter
[2011.09.06 19:24:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\dek fist
[2011.09.05 00:29:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\2011-09-02 Difused, Suidakra, Adorned Brood @ Kulturrampe Krefeld
[2011.09.05 00:27:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\2011-08-24 Jorges Geburtstag im Gogo
[2011.09.05 00:25:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\2011-07-30 Monster Metal Gronau
[2011.09.05 00:23:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\2011-09-03 Münster Metal Massaker 2
[2011.08.31 13:56:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\dragoncolmont\dwhelper
[2011.08.27 02:24:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp
[2011.08.19 21:08:03 | 008,440,840 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\Firefox_Setup_3.6.20.exe
[2011.08.17 22:51:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\Downloads
[2011.08.17 22:47:32 | 013,917,848 | ---- | C] (PortableApps.com) -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\FirefoxPortable_4.0.1_German.paf.exe
[2011.08.13 15:58:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.23 14:38:55 | 000,128,882 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\Screen shot mein desktop.JPG
[2011.12.23 14:08:35 | 000,000,700 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2011.12.23 14:07:47 | 013,818,528 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\Firefox Setup 6.0.exe
[2011.12.23 14:01:33 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.09.12 11:37:14 | 007,340,032 | -H-- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\NTUSER.DAT
[2011.09.12 11:12:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011.09.12 11:12:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.12 11:12:51 | 1062,526,976 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.12 11:11:51 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\ntuser.ini
[2011.09.12 11:11:41 | 004,812,832 | -H-- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2011.09.12 01:18:19 | 004,900,451 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Light intd.wma
[2011.09.12 01:08:15 | 000,010,752 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\d.MSWMM
[2011.09.12 01:07:55 | 000,208,384 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.12 01:05:55 | 007,612,208 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Difused - Compulsion.mp3
[2011.09.12 00:15:00 | 003,494,795 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Difused - Compulsion.wma
[2011.09.11 19:59:00 | 047,259,515 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Difused WOA 2011.mp3
[2011.09.08 16:55:04 | 000,456,885 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Musik.m3u
[2011.09.08 15:29:41 | 000,138,697 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\RyanairBoardingPass.pdf
[2011.09.08 01:26:28 | 000,039,205 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\new.JPG
[2011.09.08 01:15:39 | 000,021,428 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\l.jpg
[2011.09.07 22:47:04 | 000,518,017 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\burgerking-sparscheine.pdf
[2011.09.04 12:22:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.03 12:17:13 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011.08.31 21:47:13 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2011.08.31 12:37:43 | 000,025,600 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\Lebenslauf-jorge1.doc
[2011.08.26 19:06:10 | 000,139,657 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\freddy.JPG
[2011.08.26 16:56:44 | 001,607,650 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\The silence.3gp
[2011.08.23 20:16:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.08.23 12:29:30 | 000,011,264 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\Difused Setlist.doc
[2011.08.19 22:22:55 | 000,075,639 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\37245_418657858543_704443543_4415124_2693487_n.jpg
[2011.08.19 21:08:23 | 008,440,840 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\Firefox_Setup_3.6.20.exe
[2011.08.18 19:37:53 | 000,029,532 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\301173_10150290225303544_704443543_7625025_2878045_n.jpg
[2011.08.18 12:17:06 | 000,255,136 | ---- | M] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\170010_10150099161896866_109117856865_6105190_8000480_o.jpg
[2011.08.17 22:48:15 | 013,917,848 | ---- | M] (PortableApps.com) -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\FirefoxPortable_4.0.1_German.paf.exe
 
========== Files Created - No Company Name ==========
 
[2011.12.23 14:38:54 | 000,128,882 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\Screen shot mein desktop.JPG
[2011.09.12 01:17:05 | 004,900,451 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Light intd.wma
[2011.09.12 01:08:15 | 000,010,752 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\d.MSWMM
[2011.09.12 01:04:19 | 007,612,208 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Difused - Compulsion.mp3
[2011.09.12 00:54:16 | 003,494,795 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Difused - Compulsion.wma
[2011.09.12 00:53:57 | 047,259,515 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Difused WOA 2011.mp3
[2011.09.12 00:39:43 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011.09.08 15:29:39 | 000,138,697 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\RyanairBoardingPass.pdf
[2011.09.08 01:26:28 | 000,039,205 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\new.JPG
[2011.09.08 01:15:38 | 000,021,428 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\l.jpg
[2011.09.07 22:47:01 | 000,518,017 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\burgerking-sparscheine.pdf
[2011.08.26 19:06:10 | 000,139,657 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\freddy.JPG
[2011.08.26 16:57:26 | 001,607,650 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\The silence.3gp
[2011.08.19 22:22:53 | 000,075,639 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\37245_418657858543_704443543_4415124_2693487_n.jpg
[2011.08.18 19:37:52 | 000,029,532 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\301173_10150290225303544_704443543_7625025_2878045_n.jpg
[2011.08.18 12:17:05 | 000,255,136 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Eigene Dateien\170010_10150099161896866_109117856865_6105190_8000480_o.jpg
[2011.08.17 15:39:31 | 000,456,885 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Desktop\Musik.m3u
[2010.07.19 16:13:49 | 000,000,190 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Default.PLS
[2010.01.19 14:41:12 | 000,000,051 | ---- | C] () -- C:\WINDOWS\SW_Win2000X24.DLL
[2010.01.19 14:41:06 | 001,220,608 | ---- | C] () -- C:\WINDOWS\System32\pdf2bmp.dll
[2010.01.19 14:41:04 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll
[2009.11.11 18:41:50 | 000,001,108 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.11.07 19:35:13 | 000,208,384 | ---- | C] () -- C:\Dokumente und Einstellungen\dragoncolmont\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.20 16:52:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.08.08 09:14:00 | 000,000,862 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008.08.07 12:01:58 | 006,184,960 | ---- | C] () -- C:\WINDOWS\System32\RTS5121icon.dll
[2008.08.07 11:51:10 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2008.04.14 14:58:40 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2005.02.17 13:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 13:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2010.05.15 13:45:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AlcaTech
[2011.09.12 00:40:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2010.10.30 23:41:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Borland
[2010.10.10 17:11:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Guitar Pro 6
[2010.01.23 15:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Last.fm
[2009.12.21 01:49:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2011.08.27 02:24:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp
[2008.09.26 08:13:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WildTangent
[2010.04.02 17:07:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.05.15 13:49:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\AlcaTech
[2011.07.27 00:46:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Audacity
[2011.01.25 19:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Dropbox
[2010.03.30 19:13:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Facebook
[2010.10.27 13:10:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\FreeAudioPack
[2010.10.21 05:34:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Guitar Pro 6
[2011.08.30 22:36:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\ICQ
[2011.07.06 20:03:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Leadertech
[2011.07.29 02:16:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Music Editor Free
[2010.10.31 00:32:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\OpenOffice.org
[2010.10.27 14:37:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Search Settings
[2011.09.12 00:42:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\searchqutoolbar
[2010.10.04 16:32:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Telefónica
[2010.10.30 17:59:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\WinAVI
[2008.08.08 09:47:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Windows Search
 
========== Purity Check ==========
 
 
< End of report >

--- --- ---

OTL. Extras
OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 12.09.2011 11:47:07 - Run 3
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Dokumente und Einstellungen\dragoncolmont\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.013,00 Mb Total Physical Memory | 427,00 Mb Available Physical Memory | 42,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 133,42 Gb Total Space | 69,26 Gb Free Space | 51,91% Space Free | Partition Type: NTFS
Drive D: | 15,61 Gb Total Space | 0,74 Gb Free Space | 4,72% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JORGE_COLMONT
Current User Name: dragoncolmont
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2333:TCP" = 2333:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Ares\Ares.exe" = C:\Programme\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)
"C:\WINDOWS\system32\Nagasoft\FFVJPlayer.exe" = C:\WINDOWS\system32\Nagasoft\FFVJPlayer.exe:*:Enabled:FFVJPlayer Module -- File not found
"C:\Programme\Winamp\winamp.exe" = C:\Programme\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\dragoncolmont\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- File not found
"C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{127A1C55-771B-4881-9668-832D6791ADC3}" = Option WWAN Driver 5.0.32.0 Installer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 26
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{82F2B38B-1426-443D-874C-AC25675E7BEB}" = Windows Live Mail
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{884BB5CC-108E-41a9-936D-955C999C06A1}_x" = Option WWAN Driver 5.0.32.0 Installer 
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC2BA148-EE9C-4F1A-AFCE-F38C2C71D29B}" = Mobile Broadband Generic Drivers
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D10CB652-9332-4242-B7A9-2D61570144F7}" = USB 2.0 Card Reader
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3D92514-CD5D-4E96-BE88-8258EB9BF85A}" = Azurewave Wireless LAN
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Alcatech BPM Studio Professional v4.9.1" = Alcatech BPM Studio Professional v4.9.1
"Ares" = Ares 2.1.1
"AutocompletePro2_is1" = AutocompletePro
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Eufony Free FLAC MP3 Converter" = Eufony Free FLAC MP3 Converter
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.0
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Broadband Generic Drivers" = Mobile Broadband Generic Drivers
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 6.0 (x86 de)" = Mozilla Firefox 6.0 (x86 de)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Music Editor Free" = Music Editor Free
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Searchqu 0 MediaBar" = Windows Searchqu Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZTE USB Driver" = ZTE USB Driver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 07.06.2011 18:04:59 | Computer Name = JORGE_COLMONT | Source = MsiInstaller | ID = 11321
Description = Produkt: Skype™ 5.3 -- Fehler 1321. Sie besitzen keine ausreichenden
 Berechtigungen, um diese Datei zu ändern: C:\Programme\Skype\Plugin Manager\skypePM.exe.
 
Error - 07.06.2011 18:05:01 | Computer Name = JORGE_COLMONT | Source = MsiInstaller | ID = 11321
Description = Produkt: Skype™ 5.3 -- Fehler 1321. Sie besitzen keine ausreichenden
 Berechtigungen, um diese Datei zu ändern: C:\Programme\Skype\Plugin Manager\skypePM.exe.
 
Error - 13.06.2011 18:16:08 | Computer Name = JORGE_COLMONT | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung vlc.exe, Version 1.1.4.0, Stillstandmodul 
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 31.07.2011 11:16:08 | Computer Name = JORGE_COLMONT | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung wmplayer.exe, Version 9.0.0.4503, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 04.08.2011 06:20:03 | Computer Name = JORGE_COLMONT | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung moviemk.exe, Version 2.1.4028.0, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x0000cc0b.
 
Error - 26.08.2011 20:30:11 | Computer Name = JORGE_COLMONT | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung YouCam.exe, Version 1.0.0.1622, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 10.09.2011 23:23:45 | Computer Name = JORGE_COLMONT | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung ICQ.exe, Version 7.2.0.3525, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 11.09.2011 18:04:14 | Computer Name = JORGE_COLMONT | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung moviemk.exe, Version 2.1.4028.0, fehlgeschlagenes
 Modul quartz.dll, Version 6.5.2600.5933, Fehleradresse 0x0001bd6e.
 
Error - 12.09.2011 05:44:49 | Computer Name = JORGE_COLMONT | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.11.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 12.09.2011 05:44:53 | Computer Name = JORGE_COLMONT | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.11.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 08.09.2011 22:14:51 | Computer Name = JORGE_COLMONT | Source = SCardSvr | ID = 610
Description = Smartcardleser "HUAWEI USB SmartCard Reader 1" verweigerte IOCTL GET_STATE:
 Das Gerät wurde entfernt.
 
Error - 09.09.2011 04:59:44 | Computer Name = JORGE_COLMONT | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SAS Core Service" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%3
 
Error - 09.09.2011 04:59:44 | Computer Name = JORGE_COLMONT | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 09.09.2011 04:59:46 | Computer Name = JORGE_COLMONT | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SASKUTIL
 
Error - 10.09.2011 22:10:57 | Computer Name = JORGE_COLMONT | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SAS Core Service" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%3
 
Error - 10.09.2011 22:10:57 | Computer Name = JORGE_COLMONT | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.09.2011 22:10:58 | Computer Name = JORGE_COLMONT | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SASKUTIL
 
Error - 12.09.2011 05:13:22 | Computer Name = JORGE_COLMONT | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SAS Core Service" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%3
 
Error - 12.09.2011 05:13:22 | Computer Name = JORGE_COLMONT | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HID Input Service" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 12.09.2011 05:13:29 | Computer Name = JORGE_COLMONT | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SASKUTIL
 
 
< End of report >

--- --- ---

All processes killed
========== OTL ==========
Prefs.js: "hxxp://www.searchqu.com/410" removed from browser.startup.homepage
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{202eb9d8-34f8-11e0-b5ef-001b38c87f56}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{202eb9d8-34f8-11e0-b5ef-001b38c87f56}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{202eb9d8-34f8-11e0-b5ef-001b38c87f56}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{202eb9d8-34f8-11e0-b5ef-001b38c87f56}\ not found.
File G:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fcdae59-ad4a-11e0-b56c-001583430b58}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8fcdae59-ad4a-11e0-b56c-001583430b58}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fcdae59-ad4a-11e0-b56c-001583430b58}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8fcdae59-ad4a-11e0-b56c-001583430b58}\ not found.
File G:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a40c519c-126c-11de-8ded-001b38c87f56}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a40c519c-126c-11de-8ded-001b38c87f56}\ not found.
File F:\Menu.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: dragoncolmont
->Temp folder emptied: 909774077 bytes
->Temporary Internet Files folder emptied: 482663748 bytes
->Java cache emptied: 277462 bytes
->FireFox cache emptied: 54345412 bytes
->Flash cache emptied: 514 bytes

User: Gast
->Temp folder emptied: 1940005 bytes
->Temporary Internet Files folder emptied: 1395012 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 13099276 bytes
->Flash cache emptied: 456 bytes

User: Jorge
->Temp folder emptied: 3380661 bytes
->Temporary Internet Files folder emptied: 2075498 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 296392670 bytes
->Flash cache emptied: 4463 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 1572936 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4187322 bytes
RecycleBin emptied: 3868744124 bytes

Total Files Cleaned = 5.379,00 mb

OTL by OldTimer - Version 3.2.11.0 log created on 09122011_115621

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7a4.dat not found!

Registry entries deleted on Reboot...

Ich hab den rechner neugestartet und es ist immer noch da

www.searchqu.com/410 als Startseite trotz Antivir "Trojaner verdacht"

Log-Analyse und Auswertung: www.searchqu.com/410 als Startseite trotz Antivir "Trojaner verdacht"

www.searchqu.com/410 als Startseite trotz Antivir "Trojaner verdacht"

Ähnliche Themen: www.searchqu.com/410 als Startseite trotz Antivir "Trojaner verdacht"