Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne

Mülltonne: Westernunion als Startrseite entfernen

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 23.12.2011, 14:38   #1
kallisto
 
Westernunion als Startrseite entfernen - Standard

Westernunion als Startrseite entfernen



Servus,

ich habe mir bereits einige Dinge dazu durchgelesen und würde gern die Westernunion-Startseite gern wieder los werden. Nutze den Rechner nicht beruflich, mache keine Überweisungen etc., deshalb würde ich ungern formatieren.

Habe mir den OTL runtergeladen wie hier beschrieben und poste hier nun meine individuellen Logfiles:

Code:
ATTFilter
OTL logfile created on: 12/23/2011 11:51:53 AM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Martin\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 65.23% Memory free
5.93 Gb Paging File | 4.65 Gb Available in Paging File | 78.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 351.51 Gb Total Space | 180.32 Gb Free Space | 51.30% Space Free | Partition Type: NTFS
Drive D: | 99.15 Gb Total Space | 13.79 Gb Free Space | 13.91% Space Free | Partition Type: NTFS
 
Computer Name: M-KALLISTO-W7 | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Martin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\service4g.exe (4G Systems GmbH & Co. KG)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\XSManager\WTGService.exe ()
PRC - C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE ()
PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
PRC - C:\Windows\System32\Rezip.exe ()
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\DAEMON Tools Pro\cryptapi.dll ()
MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3531.38598__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3531.38481__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3531.38538__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3531.38551__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3531.38490__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3531.38533__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3531.38571__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3531.38569__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3531.38490__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3531.38595__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3531.38526__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3531.38502__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3531.38546__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3531.38532__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3531.38506__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3531.38505__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3531.38520__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3531.38531__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3498.37534__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3498.37533__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3498.37558__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3498.37615__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3498.37612__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3498.37554__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3498.37610__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3498.37541__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3498.37518__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3498.37515__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3498.37517__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3498.37674__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3498.37536__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3498.37540__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3498.37526__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3498.37551__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3498.37571__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3498.37544__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3498.37574__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3498.37547__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3498.37579__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3498.37603__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3498.37602__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3498.37575__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3498.37580__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3498.37555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3531.38593__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3498.37583__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3498.37578__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3498.37577__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3531.38575__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3498.37557__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3498.37572__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3498.37552__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3498.37553__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3498.37535__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3531.38478__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3531.38565__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3531.38563__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3498.37522__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3498.37528__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3498.37531__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3498.37547__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3531.38559__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3531.38480__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3531.38479__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3498.37546__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3498.37548__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3531.38486__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3498.37538__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3498.37549__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3498.37585__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3531.38565__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3531.38477__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3531.38478__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll ()
MOD - C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE ()
MOD - C:\PROGRA~1\samsung\SAMSUN~2\HMXML.dll ()
MOD - C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program Files\DAEMON Tools Pro\Plugins\Images\bw5mount.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (vatpzhww) --  File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (vsmon) -- C:\windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (XS Stick Service) -- C:\Windows\service4g.exe (4G Systems GmbH & Co. KG)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (OberonGameConsoleService) -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WTGService) -- C:\Program Files\XSManager\WTGService.exe ()
SRV - (yksvc) -- C:\Windows\System32\yk62x86.dll (Marvell)
SRV - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (Rezip) -- C:\Windows\System32\Rezip.exe ()
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (sptd) -- C:\windows\System32\Drivers\sptd.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (VMC326) -- C:\Windows\System32\drivers\VMC326.sys (Vimicro Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (rtl819xp) Realtek RTL8190\RTL8192E 802.11n Wireless LAN (Mini-) -- C:\Windows\System32\drivers\rtl819xp.sys (Realtek Semiconductor Corporation                           )
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (cmnsusbser) -- C:\Windows\System32\drivers\cmnsusbser.sys (Mobile Connector)
DRV - (tcpipBM) -- C:\windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.westernunion.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.westernunion.de/"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.0.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.99
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.startup.homepage: "hxxp://www.westernunion.de/"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2010/02/08 08:16:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011/02/17 19:47:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Martin\AppData\Roaming\5015 [2011/04/09 14:04:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/02 23:18:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/20 17:29:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/12 11:16:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/12/20 17:29:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Martin\AppData\Roaming\5015 [2011/04/09 14:04:27 | 000,000,000 | ---D | M]
 
[2009/12/19 01:44:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Extensions
[2009/12/19 01:44:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/12/20 19:24:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\kowu53au.default\extensions
[2011/07/29 23:47:44 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\kowu53au.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/12/02 23:18:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
() (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KOWU53AU.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KOWU53AU.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/11/21 05:21:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/21 02:17:49 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/11/21 02:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/21 02:17:49 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/21 02:17:49 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/21 02:17:49 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/11/21 02:17:49 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\9.0.597.107\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\9.0.597.107\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\9.0.597.107\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U18 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2011/03/20 01:40:44 | 000,000,940 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 173.192.170.88 drghwaweg45j4i6u3q32fg2h.com
O1 - Hosts: 218.10.17.178 2b.yigeyuming.com
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.50.140.248 195.50.140.246
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CB3CEB7-7AC2-4218-97AE-D118E2FD92F9}: DhcpNameServer = 195.50.140.248 195.50.140.246
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5F71BB9-19E0-4F8B-9B81-F9E48FB3BE86}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{05fe9f92-ed02-11de-9114-00245416ef1e}\Shell - "" = AutoRun
O33 - MountPoints2\{05fe9f92-ed02-11de-9114-00245416ef1e}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{58e86f73-2ffc-11df-b364-001e101f2b52}\Shell - "" = AutoRun
O33 - MountPoints2\{58e86f73-2ffc-11df-b364-001e101f2b52}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5beb6ce5-41aa-11e0-9ebb-f24067824f0d}\Shell - "" = AutoRun
O33 - MountPoints2\{5beb6ce5-41aa-11e0-9ebb-f24067824f0d}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O33 - MountPoints2\{730ebcc9-f7e1-11df-908c-00245416ef1e}\Shell - "" = AutoRun
O33 - MountPoints2\{730ebcc9-f7e1-11df-908c-00245416ef1e}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{73a09aa6-29d8-11df-aedc-00245416ef1e}\Shell - "" = AutoRun
O33 - MountPoints2\{73a09aa6-29d8-11df-aedc-00245416ef1e}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{73a09aa6-29d8-11df-aedc-00245416ef1e}\Shell\configure\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{73a09aa6-29d8-11df-aedc-00245416ef1e}\Shell\install\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{87a45b2a-5877-11df-9502-00245416ef1e}\Shell - "" = AutoRun
O33 - MountPoints2\{87a45b2a-5877-11df-9502-00245416ef1e}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{aabbfa8b-04c3-11df-8ff1-00245416ef1e}\Shell - "" = AutoRun
O33 - MountPoints2\{aabbfa8b-04c3-11df-8ff1-00245416ef1e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{aabbfa9b-04c3-11df-8ff1-00245416ef1e}\Shell - "" = AutoRun
O33 - MountPoints2\{aabbfa9b-04c3-11df-8ff1-00245416ef1e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{aabbfaed-04c3-11df-8ff1-001e101f859f}\Shell - "" = AutoRun
O33 - MountPoints2\{aabbfaed-04c3-11df-8ff1-001e101f859f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{bedcdd92-02b2-11df-90e0-00245416ef1e}\Shell - "" = AutoRun
O33 - MountPoints2\{bedcdd92-02b2-11df-90e0-00245416ef1e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{bedcdda2-02b2-11df-90e0-00245416ef1e}\Shell - "" = AutoRun
O33 - MountPoints2\{bedcdda2-02b2-11df-90e0-00245416ef1e}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c557cf40-36a6-11e0-a88b-9f394dde7519}\Shell - "" = AutoRun
O33 - MountPoints2\{c557cf40-36a6-11e0-a88b-9f394dde7519}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O33 - MountPoints2\{e51d67cc-6297-11e0-8eb2-d5216a6cb11c}\Shell - "" = AutoRun
O33 - MountPoints2\{e51d67cc-6297-11e0-8eb2-d5216a6cb11c}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/12/23 11:49:42 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2011/12/22 11:11:03 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Avira
[2011/12/22 10:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/12/22 10:45:02 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2011/12/22 10:45:01 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2011/12/22 10:45:01 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2011/12/22 10:45:01 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avkmgr.sys
[2011/12/22 10:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/12/22 10:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/12/22 09:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/12/22 09:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/12/20 17:32:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011/12/20 17:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/12/20 17:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/12/20 17:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011/12/20 17:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011/11/28 00:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[1 C:\Users\Martin\AppData\Roaming\*.tmp files -> C:\Users\Martin\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/12/23 11:49:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2011/12/23 11:39:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/23 11:35:22 | 000,014,832 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/23 11:35:22 | 000,014,832 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/23 11:30:51 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/23 11:28:26 | 000,000,202 | ---- | M] () -- C:\windows\tasks\AutoKMS.job
[2011/12/23 11:28:02 | 000,000,318 | -HS- | M] () -- C:\windows\tasks\gzhmnb.job
[2011/12/23 11:28:02 | 000,000,300 | -HS- | M] () -- C:\windows\tasks\faiqpbab.job
[2011/12/23 11:27:57 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/12/23 11:27:47 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/20 18:23:00 | 000,714,814 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/12/20 18:23:00 | 000,665,570 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/12/20 18:23:00 | 000,155,694 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/12/20 18:23:00 | 000,125,960 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/12/20 17:41:33 | 000,614,400 | ---- | M] () -- C:\windows\AutoKMS.exe
[2011/12/20 17:41:33 | 000,000,135 | ---- | M] () -- C:\windows\AutoKMS.ini
[2011/12/20 17:38:27 | 003,787,800 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/12/15 15:00:00 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2011/12/15 15:00:00 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2011/12/15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avkmgr.sys
[1 C:\Users\Martin\AppData\Roaming\*.tmp files -> C:\Users\Martin\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/12/20 17:41:33 | 000,614,400 | ---- | C] () -- C:\windows\AutoKMS.exe
[2011/12/20 17:41:33 | 000,000,202 | ---- | C] () -- C:\windows\tasks\AutoKMS.job
[2011/12/20 17:41:33 | 000,000,135 | ---- | C] () -- C:\windows\AutoKMS.ini
[2011/12/02 23:18:52 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/09/21 20:11:08 | 000,000,008 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\vg204d58on9ct1gp.dat
[2011/03/20 00:43:52 | 000,000,216 | --S- | C] () -- C:\windows\System32\1227841333.dat
[2011/03/09 12:31:09 | 000,146,344 | -H-- | C] () -- C:\windows\System32\mlfcache.dat
[2011/01/22 21:03:16 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010/12/15 17:48:34 | 000,000,113 | ---- | C] () -- C:\windows\(null)toolkit.ini
[2010/09/24 03:03:12 | 000,000,017 | ---- | C] () -- C:\Users\Martin\AppData\Local\resmon.resmoncfg
[2010/03/15 08:48:49 | 000,000,544 | ---- | C] () -- C:\windows\eReg.dat
[2010/02/21 16:03:08 | 000,000,062 | ---- | C] () -- C:\windows\wininit.ini
[2010/02/21 15:57:53 | 000,004,096 | ---- | C] () -- C:\windows\d3dx.dat
[2010/02/02 11:29:37 | 000,008,192 | ---- | C] () -- C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/24 16:29:36 | 000,000,047 | ---- | C] () -- C:\windows\nfsc_patch.ini
[2009/12/30 12:21:18 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2009/12/20 12:13:11 | 000,000,094 | ---- | C] () -- C:\Users\Martin\AppData\Local\fusioncache.dat
[2009/12/20 02:45:10 | 000,022,328 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2009/12/20 02:45:10 | 000,022,328 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\PnkBstrK.sys
[2009/12/20 02:44:51 | 000,103,736 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe
[2009/12/20 02:44:48 | 000,066,872 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe
[2009/12/20 02:44:46 | 000,669,184 | ---- | C] () -- C:\windows\System32\pbsvc.exe
[2009/12/20 01:40:11 | 000,168,448 | ---- | C] () -- C:\windows\System32\unrar.dll
[2009/12/20 01:40:11 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2009/12/20 01:40:10 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2009/12/20 01:40:10 | 000,881,664 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2009/12/20 01:40:10 | 000,205,824 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2009/12/20 01:40:09 | 000,085,504 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2009/12/18 16:13:16 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2009/12/18 15:57:05 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/09/17 15:19:57 | 000,714,814 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2009/09/17 15:19:57 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2009/09/17 15:19:57 | 000,155,694 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2009/09/17 15:19:57 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2009/09/17 15:02:34 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe
[2009/09/17 15:02:34 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2009/09/17 15:02:34 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe
[2009/09/17 14:41:26 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/09/16 23:27:24 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2009/09/16 22:57:47 | 000,311,296 | ---- | C] () -- C:\windows\System32\Rezip.exe
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 05:33:53 | 003,787,800 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,665,570 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,125,960 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/14 00:19:28 | 000,006,672 | ---- | C] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1s.dat
[2009/07/14 00:19:28 | 000,005,648 | ---- | C] () -- C:\windows\System32\adsldpy.dat
[2009/07/14 00:11:12 | 001,659,648 | ---- | C] () -- C:\windows\System32\qjuypxzd.dat
[2009/07/14 00:11:12 | 000,633,600 | ---- | C] () -- C:\windows\System32\ivnlinuq.dat
[2009/07/14 00:11:12 | 000,152,320 | ---- | C] () -- C:\windows\System32\xfmnnvbd.dat
[2009/07/14 00:11:12 | 000,151,296 | ---- | C] () -- C:\windows\System32\uvqqbyxj.dat
[2009/07/14 00:11:12 | 000,050,432 | ---- | C] () -- C:\windows\System32\cheonmjg.dat
[2009/07/14 00:11:12 | 000,039,680 | ---- | C] () -- C:\windows\System32\znrcygnq.dat
[2009/07/14 00:11:12 | 000,034,560 | ---- | C] () -- C:\windows\System32\hevhcplm.dat
[2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2009/06/16 13:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:5C5A503E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:E1F04E8D

< End of report >
         
Hier das EXTRA-log:

Code:
ATTFilter
OTL Extras logfile created on: 12/23/2011 11:51:53 AM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Martin\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 65.23% Memory free
5.93 Gb Paging File | 4.65 Gb Available in Paging File | 78.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 351.51 Gb Total Space | 180.32 Gb Free Space | 51.30% Space Free | Partition Type: NTFS
Drive D: | 99.15 Gb Total Space | 13.79 Gb Free Space | 13.91% Space Free | Partition Type: NTFS
 
Computer Name: M-KALLISTO-W7 | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0613F79E-C012-BC98-6E9C-5A47AEE6D37A}" = CCC Help Korean
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A8CE3AA-99F2-5632-A8D2-636BE6CFE856}" = Catalyst Control Center Core Implementation
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1664EB8B-057B-0E23-7245-ECE92849FF4C}" = ccc-core-static
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
"{1B343C8C-F170-4829-8481-E163317C5830}" = iTunes
"{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client
"{1DBD8607-39EE-B7F3-CDE6-A2095B0EE0C9}" = CCC Help Chinese Traditional
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20167022-64F2-4836-B9C9-1DBAA6721FD4}" = CCC Help Hungarian
"{204DD5C2-441A-DADC-E765-595B5C1EDE88}" = CCC Help Norwegian
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{218E2C0C-4740-DBCB-C8E8-D67201A6500A}" = CCC Help English
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{26D20F5D-1D37-5BD1-34AB-6411AC34E2A9}" = ccc-utility
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3501AF2D-A97E-F6DB-521A-4E64EAEF5BDC}" = CCC Help Thai
"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A7C46AC-060B-6CBF-1862-969F79A5B758}" = CCC Help French
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EB37B26-432C-467C-9FBC-9BDA0E6FBDD7}" = Catalyst Control Center InstallProxy
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{411429D5-83D1-2F9B-9F53-4524DCE99E6D}" = CCC Help Portuguese
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP1
"{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54FBC914-82D7-E646-2916-B3C6D320E0B4}" = Catalyst Control Center Graphics Previews Vista
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C759B74-34F4-43C6-A5D9-039CB754C5E9}" = Microsoft SQL Server VSS Writer
"{5D221DF2-F206-681F-75FE-1C7620BE69A7}" = CCC Help Greek
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6848704E-C8D4-4F4F-9181-5926D4A11E98}" = ATI Catalyst Install Manager
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B9EFC04-713D-F238-E388-F3CDA52E7880}" = Catalyst Control Center Graphics Light
"{6CB778E6-693F-7A2A-C5AD-C7743500D249}" = CCC Help Turkish
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115246907}" = Elf Bowling Hawaiian Vacation
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8D88074D-4378-C049-4264-EB3EE8AC155C}" = CCC Help Japanese
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{93E42FF5-065E-0D52-2777-8A1849CB8574}" = CCC Help Swedish
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{94D5097B-46D0-A1D9-8983-284E3C675CA9}" = Catalyst Control Center Localization All
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{961B4059-D1C0-43C8-095B-75A18BD0F8C8}" = CCC Help Polish
"{9781A96F-71AC-4738-984B-5AB597DFE678}" = WER WIRD MILLIONÄR VIERTE EDITION
"{9B84A151-81CC-6133-D844-A189FDA1C34F}" = CCC Help Chinese Standard
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}" = BatteryLifeExtender
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{AE86495C-42F9-F5BE-E878-7798456A509A}" = CCC Help Spanish
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager
"{B6D8DC8C-F077-4631-A221-4D5E1D8E87E7}" = Catalyst Control Center - Branding
"{B7493783-F638-BEAE-C8C7-665C5A03E652}" = CCC Help Dutch
"{B82ABF2C-CBD3-5528-26DF-F1161A2B34BF}" = Catalyst Control Center Graphics Full New
"{B9B1B5D9-F96D-0257-A23C-8EA9ACCCF8CB}" = CCC Help Czech
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C3181764-B8F3-A705-5362-86E37C476710}" = Catalyst Control Center Graphics Full Existing
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA146D61-5542-2F55-C5E4-49D26EBAAA5B}" = CCC Help Russian
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DB0EF3C1-8AF4-1E28-267E-024999C11828}" = CCC Help Finnish
"{DBB62E6B-66F5-09D2-D2CC-C1877CDD9A8B}" = CCC Help Italian
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5141E62-8A90-D9A1-EB2D-C4D0D9940D90}" = CCC Help German
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F293A67D-04BB-6960-5D13-13F158796960}" = CCC Help Danish
"{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-Treiberpaket - Nokia Modem  (10/07/2010 4.6)
"7-Zip" = 7-Zip 9.20
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Avira AntiVir Desktop" = Avira Free Antivirus
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP1
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Crash Time III_is1" = Crash Time III
"DivX Setup.divx.com" = DivX-Setup
"E5372C32E8562C76C24DBA6525002B1031495F34" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.8)
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.9.5 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"LSI Soft Modem" = LSI HDA Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"Mozilla Thunderbird (3.1.11)" = Mozilla Thunderbird (3.1.11)
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"Nokia PC Suite" = Nokia PC Suite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"RACE_is1" = RACE
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Trillian" = Trillian
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XSManager" = XSManager
"ZoneAlarm" = ZoneAlarm
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GameRanger" = GameRanger
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12/8/2011 7:00:55 PM | Computer Name = M-Kallisto-W7 | Source = Avira AntiVir | ID = 4117
Description = 
 
Error - 12/8/2011 7:01:10 PM | Computer Name = M-Kallisto-W7 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 12/8/2011 7:01:16 PM | Computer Name = M-Kallisto-W7 | Source = Lavasoft Ad-Aware Service | ID = 0
Description = 
 
Error - 12/8/2011 7:01:21 PM | Computer Name = M-Kallisto-W7 | Source = Lavasoft Ad-Aware Service | ID = 0
Description = 
 
Error - 12/9/2011 8:53:02 PM | Computer Name = M-Kallisto-W7 | Source = Lavasoft Ad-Aware Service | ID = 0
Description = 
 
Error - 12/9/2011 8:53:03 PM | Computer Name = M-Kallisto-W7 | Source = Avira AntiVir | ID = 4110
Description = 
 
Error - 12/9/2011 8:53:03 PM | Computer Name = M-Kallisto-W7 | Source = Avira AntiVir | ID = 4117
Description = 
 
Error - 12/9/2011 8:53:05 PM | Computer Name = M-Kallisto-W7 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 12/9/2011 8:53:11 PM | Computer Name = M-Kallisto-W7 | Source = Lavasoft Ad-Aware Service | ID = 0
Description = 
 
Error - 12/9/2011 8:53:16 PM | Computer Name = M-Kallisto-W7 | Source = Lavasoft Ad-Aware Service | ID = 0
Description = 
 
[ System Events ]
Error - 12/22/2011 5:25:57 PM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Bluetooth Radio USB Support" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 12/22/2011 5:26:03 PM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 12/22/2011 5:26:03 PM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 12/22/2011 5:26:10 PM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde unerwartet beendet. Dies
 ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 12/22/2011 5:26:16 PM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7034
Description = Dienst "Lavasoft Ad-Aware Service" wurde unerwartet beendet. Dies 
ist bereits 3 Mal passiert.
 
Error - 12/23/2011 6:28:04 AM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Bluetooth Radio USB Support" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 12/23/2011 6:28:15 AM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 12/23/2011 6:28:15 AM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 12/23/2011 6:28:22 AM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde unerwartet beendet. Dies
 ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 12/23/2011 6:28:27 AM | Computer Name = M-Kallisto-W7 | Source = Service Control Manager | ID = 7034
Description = Dienst "Lavasoft Ad-Aware Service" wurde unerwartet beendet. Dies 
ist bereits 3 Mal passiert.
 
 
< End of report >
         
Wie geht es jetzt weiter, welche Passage müsste ich in das OTL kopieren?

Danke für eure Hilfe!

Alt 23.12.2011, 16:50   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Westernunion als Startrseite entfernen - Standard

Westernunion als Startrseite entfernen



http://www.trojaner-board.de/106789-...-loeschen.html

Bitte nur einen Strnag eröffnen! Dieser hier wandert in die Tonne!
__________________

__________________

 

Themen zu Westernunion als Startrseite entfernen
7-zip, ad-aware, alternate, antivir, avira, bho, bonjour, branding, document, entfernen, error, firefox, flash player, google chrome, google earth, helper, home, install.exe, installation, microsoft office 2003, microsoft office word, mozilla, mozilla thunderbird, object, office 2007, plug-in, realtek, registry, scan, sched.exe, security, senden, software, stick, taskhost.exe, teamspeak, updates, version=1.0, vodafone, webcheck, windows



Ähnliche Themen: Westernunion als Startrseite entfernen


  1. Babylon toolbar entfernen, BrowserCompanion entfernen, DealPly entfernen, GinyasBrowserCompanions entfernen
    Log-Analyse und Auswertung - 17.12.2014 (9)
  2. WhiteSmoke.com entfernen entfernen
    Anleitungen, FAQs & Links - 07.10.2013 (2)
  3. Firefox startet immer mit Westernunion Startseite
    Log-Analyse und Auswertung - 24.09.2013 (10)
  4. Ratlos! Westernunion lässt sich nicht als Startseite entfernen
    Plagegeister aller Art und deren Bekämpfung - 09.02.2012 (1)
  5. Westernunion Startseite löschen
    Plagegeister aller Art und deren Bekämpfung - 24.12.2011 (6)
  6. WesternUnion als Startbildschirm. Lässt sich nicht entfernen. Virus?
    Log-Analyse und Auswertung - 06.11.2011 (15)
  7. WesternUnion seid gestern als Startseite
    Plagegeister aller Art und deren Bekämpfung - 04.11.2011 (11)
  8. fire fox startseite westernunion.de
    Log-Analyse und Auswertung - 31.10.2011 (2)
  9. Startseite kommt immer Westernunion
    Log-Analyse und Auswertung - 22.10.2011 (5)
  10. w*w.westernunion(dot)com als unerwünschte startseite in ie9
    Log-Analyse und Auswertung - 21.10.2011 (7)
  11. Westernunion die dritte...
    Plagegeister aller Art und deren Bekämpfung - 20.10.2011 (16)
  12. Trojaner TR/crypt.xpack.gen u. win32.dnschanger entfernen entfernen
    Plagegeister aller Art und deren Bekämpfung - 03.02.2009 (14)

Zum Thema Westernunion als Startrseite entfernen - Servus, ich habe mir bereits einige Dinge dazu durchgelesen und würde gern die Westernunion-Startseite gern wieder los werden. Nutze den Rechner nicht beruflich, mache keine Überweisungen etc., deshalb würde ich - Westernunion als Startrseite entfernen...
Archiv
Du betrachtest: Westernunion als Startrseite entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.