Pests of all kinds and how to combat them: Computer extremely slow, desktop keeps changing by itself - what could this be?

19.01.2012, 19:15   #1
nicky_jana

Hello everyone,

I know that you should define your problem as exactly as possible, but that is not so easy.
My computer has recently become extremely slow, which alone is already very annoying. In addition, the desktop also gets changed more and more often after a restart, i.e. the background is gone, the taskbar has disappeared,...

Can any of you tell me what to do to find out where the problem lies?

Many thanks!

Nicky

19.01.2012, 19:30   #2
markusg
/// Malware-holic

hiho
If you don't have it yet, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the content of OTL.txt and Extra.txt here into your thread

19.01.2012, 21:29   #3
nicky_jana

So, here are the results:

OTL.txt:
OTL Logfile:
Code:
OTL logfile created on: 19.01.2012 19:40:14 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Jana und Nicky\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 51,42% Memory free
6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 114,51 Gb Free Space | 76,83% Space Free | Partition Type: NTFS
Drive D: | 137,32 Gb Total Space | 134,92 Gb Free Space | 98,25% Space Free | Partition Type: NTFS
 
Computer Name: JANAUNDNICKY-PC | User Name: Jana und Nicky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.19 19:36:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jana und Nicky\Downloads\OTL.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.09 01:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SUPERAntiSpyware.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASCORE.EXE
PRC - [2011.06.15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010.10.29 14:49:28 | 000,505,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.09.20 00:43:04 | 000,204,800 | ---- | M] (ATK) -- C:\Program files\P4G\BatteryLife.exe
PRC - [2008.07.24 11:16:01 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.07.19 03:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008.07.15 19:29:00 | 007,651,328 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2008.07.15 19:22:46 | 000,217,088 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2008.06.25 03:01:08 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008.06.24 04:16:24 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008.06.19 20:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
PRC - [2008.06.18 06:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.06.04 01:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008.01.23 18:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.01.21 03:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2008.01.12 06:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.11.05 03:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
PRC - [2007.08.15 19:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.07.06 00:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2005.07.06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.19 19:03:20 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012.01.19 19:03:20 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012.01.09 21:48:23 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012.01.09 21:48:23 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008.08.27 19:05:06 | 000,015,872 | ---- | M] () -- C:\Program files\P4G\OvrClk.dll
MOD - [2008.08.20 23:49:56 | 000,016,384 | ---- | M] () -- C:\Program files\P4G\DevMng.dll
MOD - [2008.07.19 03:52:08 | 000,649,704 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008.06.09 17:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2008.01.12 06:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
MOD - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007.11.12 23:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll
MOD - [2007.08.14 21:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007.07.12 21:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007.07.12 21:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
MOD - [2007.03.10 00:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASCORE.EXE -- (!SASCORE)
SRV - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008.01.21 03:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 03:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.08.02 17:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.04.27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.09.13 16:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010.09.07 03:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010.09.07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010.09.07 03:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010.09.07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010.08.19 21:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010.08.19 21:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010.08.19 21:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2008.09.19 13:20:59 | 007,404,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.09.05 21:20:19 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.08.28 16:48:45 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.08.06 09:26:07 | 000,124,928 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.06.03 07:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.05.29 18:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2008.04.01 08:13:57 | 001,807,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.02.16 01:42:42 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.08.11 04:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007.08.03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.30 19:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 18:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006.12.14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {795828a9-f271-43a8-8536-4484bb991d3d} - No CLSID value found
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.93\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.93\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
 
 
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {795828A9-F271-43A8-8536-4484BB991D3D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware 5.0.1142\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe (Adobe Systems, Inc.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5992A805-6A92-47A0-98D9-7D7639DDE6EF}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware 5.0.1142\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware 5.0.1142\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware 5.0.1142\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01f8b756-d14f-11de-b1d3-002354841119}\Shell - "" = AutoRun
O33 - MountPoints2\{01f8b756-d14f-11de-b1d3-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{01f8b771-d14f-11de-b1d3-002354841119}\Shell - "" = AutoRun
O33 - MountPoints2\{01f8b771-d14f-11de-b1d3-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1b1407ba-91bd-11df-9526-002354841119}\Shell - "" = AutoRun
O33 - MountPoints2\{1b1407ba-91bd-11df-9526-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1b1407bb-91bd-11df-9526-002354841119}\Shell - "" = AutoRun
O33 - MountPoints2\{1b1407bb-91bd-11df-9526-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.09 21:48:11 | 000,000,000 | ---D | C] -- C:\Users\Jana und Nicky\AppData\Roaming\SUPERAntiSpyware.com
[2012.01.09 21:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.01.09 21:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.01.09 21:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware 5.0.1142
[2012.01.09 21:43:18 | 000,000,000 | ---D | C] -- C:\Users\Jana und Nicky\AppData\Roaming\Malwarebytes
[2012.01.09 21:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.09 21:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.09 21:42:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.01.09 21:40:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti Malware 1.60
[2012.01.07 15:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.07 15:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.07 15:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.07 15:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2012.01.06 18:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2008.06.03 07:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.19 19:02:18 | 000,032,726 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.01.19 19:02:13 | 000,032,726 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.01.19 19:02:13 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.19 19:01:59 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012.01.19 19:01:46 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012.01.19 19:01:42 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.19 19:01:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.19 19:01:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.19 19:01:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.19 19:00:50 | 3220,295,680 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.19 14:23:22 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.01.13 13:11:57 | 000,635,680 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.13 13:11:57 | 000,602,238 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.13 13:11:57 | 000,129,990 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.13 13:11:57 | 000,107,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.11 19:21:06 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.01.09 21:47:33 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.09 21:42:54 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.07 15:50:53 | 000,024,206 | ---- | M] () -- C:\Users\Jana und Nicky\AppData\Roaming\UserTile.png
[2012.01.07 15:34:40 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.07 15:29:47 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012.01.07 15:29:06 | 000,000,628 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2012.01.06 18:58:03 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.06 18:41:44 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.01.06 18:41:44 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.01.06 18:41:27 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
 
========== Files Created - No Company Name ==========
 
[2012.01.09 21:47:33 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.09 21:42:54 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.07 15:50:53 | 000,024,206 | ---- | C] () -- C:\Users\Jana und Nicky\AppData\Roaming\UserTile.png
[2012.01.07 15:34:40 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.07 15:29:47 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2012.01.07 15:29:47 | 000,001,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012.01.06 18:41:27 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.10.23 08:36:20 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.08.21 15:11:12 | 000,000,680 | ---- | C] () -- C:\Users\Jana und Nicky\AppData\Local\d3d9caps.dat
[2009.11.14 20:40:07 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.10.20 16:58:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.10.20 16:58:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.07.21 21:39:35 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.07.17 21:34:00 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.07.17 21:19:47 | 000,032,726 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.07.17 20:40:33 | 000,032,726 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.07.16 20:54:56 | 000,005,120 | ---- | C] () -- C:\Users\Jana und Nicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.16 19:50:44 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009.07.16 19:09:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2009.03.09 19:54:21 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.07.02 03:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
[2008.04.16 12:11:34 | 000,635,680 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 12:11:34 | 000,129,990 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008.04.01 08:13:57 | 001,807,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007.05.10 00:39:28 | 000,003,584 | ---- | C] () -- C:\Windows\System32\CNCFLcNL.DLL
[2007.05.09 08:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,392,904 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,602,238 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,107,014 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
 
========== LOP Check ==========
 
[2010.06.19 22:17:50 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\FileZilla
[2009.11.05 14:04:08 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\Leadertech
[2009.11.05 13:16:37 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\Nordic Games
[2009.07.16 20:39:56 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\OpenOffice.org
[2012.01.19 14:23:22 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2010.04.06 20:03:35 | 000,000,000 | -H-D | M] -- C:\$AVG
[2009.07.16 19:21:00 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2009.03.09 21:47:06 | 000,000,000 | -H-D | M] -- C:\ASUS.SYS
[2009.10.22 09:55:23 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.03.03 14:15:29 | 000,000,000 | ---D | M] -- C:\Casino
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.03.09 20:58:52 | 000,000,000 | ---D | M] -- C:\Intel
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.01.09 21:46:02 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.01.11 19:21:06 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.10.23 08:42:57 | 000,000,000 | -H-D | M] -- C:\Recycle.Bin
[2012.01.19 19:45:01 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.07.16 19:09:21 | 000,000,000 | R--D | M] -- C:\Users
[2012.01.09 21:53:59 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2008.09.12 06:32:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\drivers\iaStor.sys
[2008.09.12 06:32:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3c4af4a0\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\drivers\MpNWMon.sys
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.01.19 19:52:25 | 002,883,584 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT
[2012.01.19 19:52:25 | 000,262,144 | -H-- | M] () -- C:\Users\Jana und Nicky\ntuser.dat.LOG1
[2009.07.16 19:09:22 | 000,000,000 | -H-- | M] () -- C:\Users\Jana und Nicky\ntuser.dat.LOG2
[2012.01.19 14:23:44 | 000,065,536 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012.01.19 14:23:44 | 000,524,288 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2011.06.10 10:48:30 | 000,524,288 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2009.07.16 19:09:23 | 000,000,020 | -HS- | M] () -- C:\Users\Jana und Nicky\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---


Extras.txt:
OTL Logfile:
Code:
OTL Extras logfile created on: 19.01.2012 19:40:14 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Jana und Nicky\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 51,42% Memory free
6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 114,51 Gb Free Space | 76,83% Space Free | Partition Type: NTFS
Drive D: | 137,32 Gb Total Space | 134,92 Gb Free Space | 98,25% Space Free | Partition Type: NTFS
 
Computer Name: JANAUNDNICKY-PC | User Name: Jana und Nicky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18B40C1C-0830-4369-94DE-09CD8C651EF5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{276F8F68-8226-43FB-AAE3-B5448730731B}" = rport=139 | protocol=6 | dir=out | app=system | 
"{3621FF72-0F16-4333-B2F0-6141CEA142E4}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4EA2A0C4-43E0-434B-84DF-73D7C4A44AF8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{587D0214-E505-4697-AC9B-162125AFD98D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7D134EAC-2D1A-4118-84E6-A63F6F8D5AC2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{82A78F61-C174-40C8-AF4B-2D4A734F3827}" = lport=445 | protocol=6 | dir=in | app=system | 
"{885A0D0A-0AB8-4DC4-885E-C1E78FC3C597}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9EDD8C28-DBDA-49B7-8239-E646C4FCDAF7}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{9F86E006-E487-428C-A7C2-88B6AC6FCAC4}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B48F8A36-A54B-400C-B135-37EA582F358C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{BD01D076-7807-4F76-91C6-48FE08EB490A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CA661950-BCF3-4F9C-A76E-379AC43BEBB8}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{E8CFA5C1-52DA-4E85-9D96-BF90A2CE4E6C}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01872D39-6379-4351-81B6-8ACBC652FAC4}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{02F5008D-58B8-404B-9377-1C9137F4269D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0451E882-4BBC-4BF5-AD10-CCF6247BD1CD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0470FDA4-B3B3-4EB5-9A47-C506EE7E6A80}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{079A5B39-4DCA-4FF9-9AF9-EE120BDC2611}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0AD39CCC-1AB2-42F2-A3DA-DE739096F2D9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0DEBE2C3-F67B-4B1D-8839-6A56DA2CA065}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0EA01597-E582-4A93-B85A-19BEEBD242C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0F80572B-0E96-4670-AC3C-DEC74E9F5485}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{170E3978-AC91-4D2D-B758-3B14DEDD9A09}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2172B48D-D35E-43D9-A091-100E8AE07080}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{217F3BA4-D92F-47E9-B05D-144C4C32BE82}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{281C8D46-434C-4B2D-8886-0BCCA7878EA4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2A4853AA-3286-4E61-A1CD-5AED9AE1F956}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{2C83ECB3-DAB8-48C9-A621-FF662458F5CC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{2FBEE68A-F5D7-402E-B37D-D0466F7BEB7C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{45786974-9352-4821-857D-EEB510D05195}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{459087F0-7E28-42D2-A992-8B31236EE062}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{45FCC3DE-F822-473F-B4F6-0407942CB7C5}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{4D68187D-74AB-44EE-BE0F-6292CEA0AA1A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{4DC2181E-346A-4243-AD0F-4E87CED3441F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{544E492E-004A-41F1-AE3B-7F7F0152DF9E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{5652C260-BD7C-49B5-BBCD-443A2B38C4B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5B91BFA5-4331-457D-9601-1E5D27BDB08F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5DC96FB3-7866-405A-97BC-758A6C60F417}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{629E75B8-1079-4DB4-9DC7-9BB0BFDAE69D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{68CEC4A8-4572-4E71-A8D6-9F7FA2FD34A2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6A8FD13D-6969-4BBB-9A6E-DAC611D0FC03}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6B394C84-B31A-4AC6-8D0E-905192ED25E1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7281E40B-1678-4751-8FBD-1D2419016794}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{73BDF3E5-A344-4B8B-BE92-3E8858C156A9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7637E6FD-C6E4-416D-AA52-3C2B8D1193DC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{77F2C600-4312-40AB-A27B-1DB19F466B19}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7996B3E6-2E9B-48DE-9610-020D66F68C33}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{7B1D3E9E-D538-42F9-A286-AA90D2E9B942}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{872C33DD-5734-4814-88E5-5E62E3C24E49}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{87B8B52A-413F-4E73-B174-9674806FD404}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{8A8A842F-8EBD-4D6F-BDCB-060AEF0BB8CD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8ABC285D-0F67-4951-8691-1AB9EBABB8D3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8C471E4A-D8E7-445B-9D76-69922C2B13B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9920ECD5-57AB-4510-9058-8C6C1F0A1405}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{99EB0145-B60A-44BE-8702-889B5CDB7317}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9BA58841-AB3A-4FA1-B653-843679FDF983}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9DB92A0C-BCF3-4461-A103-4F379D16AEA2}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{9FD108B2-1362-4893-BCF9-4A8F809DEC19}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{9FF1B404-0EBB-4501-A30C-2D2AB1C2E57F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A0073CB2-1816-4BF5-B43C-2907AC462A3B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A194B4EA-01F2-46EB-8889-B78CCFB942B2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A6B0B95A-80C0-4603-8288-E5AB77CB9A1A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A729DC7F-1C32-4732-94BF-4E5E3F68BE24}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{AE1CB86F-B319-41B0-B393-CB86C15F70AB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B053C84C-15E1-4D0D-9CE3-84EE4C4ACF33}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B2C3E220-2E0A-468D-87ED-759E7BBC256C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B6E6DF19-49D2-491B-91A1-A2D6514BF409}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B7B3AEB2-42CB-42FF-BAEC-DDEBDEE6FC35}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BB4ACF43-1DEF-444C-A229-1DF9304BD59C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BC1EB4F7-C498-4A19-B980-26DD96652463}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BED8B13D-0E3D-4239-AB6B-700B4DA432B9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BF9C790F-88DF-4441-96C6-699883D62624}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C44D4116-7E36-4433-8A2B-D9D7E65658F2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C6C982FA-E6E8-49E8-8C11-D867573CFF82}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C6CEBBB5-0DF2-4386-8B72-06788B31F956}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C79BFE04-BD3B-4DDB-841F-D2E0D9BAE307}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CA7D8B43-57D6-4C56-B0CA-ADE72A8DDB36}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CA7F75CD-1C24-4229-953A-8C9A99CB753E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CDD0ADBC-7A2C-41F1-8629-1385DF399A7B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D656E8BF-12C1-4AAD-901A-4F35764173E3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E0A68BF3-98C3-4D8B-B8C2-2E191807C810}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E3989692-EA23-49BE-B6D2-6B99C1A298F9}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{E86A5342-51E5-4856-9B6F-7E1615D770F8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EE45CE25-7CB5-4970-AF20-CB1A1D73A47F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F0552143-CD9C-4A1A-8B9D-6DD0D3D00364}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F8EFFA99-FE78-4F55-BC5E-22642CBED0DC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{36932D1F-3B36-4301-AB61-1984C9D8F523}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{4783F3EB-AB99-4C27-8C9D-CD69B288F776}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{317AB8DA-3C8E-4C1A-B789-2F6733808524}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{F7A54F87-F1EE-4980-B433-7BFC1C31C13F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.1.0.1
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS_Notebook_N50" = ASUS_Notebook_N50 Screen Saver
"CCleaner" = CCleaner
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"PokerStars.net" = PokerStars.net
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 24.11.2010 16:23:42 | Computer Name = JanaundNicky-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.11.2010 09:11:42 | Computer Name = JanaundNicky-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.11.2010 09:13:32 | Computer Name = JanaundNicky-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 25.11.2010 09:13:39 | Computer Name = JanaundNicky-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 25.11.2010 15:17:46 | Computer Name = JanaundNicky-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.11.2010 15:19:15 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 25.11.2010 15:19:15 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 25.11.2010 15:19:16 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 25.11.2010 15:55:36 | Computer Name = JanaundNicky-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18975, Zeitstempel
 0x4c8710a6, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00066739,  Prozess-ID 0x1740, Anwendungsstartzeit
 01cb8cda54ff4ac3.
 
Error - 25.11.2010 16:02:59 | Computer Name = JanaundNicky-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18975, Zeitstempel
 0x4c8710a6, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00066739,  Prozess-ID 0x16d0, Anwendungsstartzeit
 01cb8cdb14b1e853.
 
[ Media Center Events ]
Error - 14.05.2010 15:27:08 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 04.07.2010 09:59:06 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 05.09.2010 03:45:14 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 06.11.2010 02:08:55 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 29.01.2011 05:07:55 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 29.01.2011 07:07:25 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 31.01.2011 06:43:44 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 14.03.2011 14:56:09 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 23.04.2011 03:04:08 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
[ System Events ]
Error - 18.01.2012 16:13:38 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 18.01.2012 16:14:55 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 19.01.2012 06:28:54 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 19.01.2012 06:30:51 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 19.01.2012 09:12:46 | Computer Name = JanaundNicky-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 19.01.2012 09:13:19 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 19.01.2012 09:15:02 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 19.01.2012 14:02:04 | Computer Name = JanaundNicky-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 19.01.2012 14:02:34 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 19.01.2012 14:03:45 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >
         
--- --- ---


Thanks!!
__________________

Alt 19.01.2012, 21:33   #4
markusg
/// Malware-holic
 



Open Malwarebytes, go to the logs, and post the scan reports.
Do the same for SUPERAntiSpyware.
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails, following the instructions above, to
markusg.trojaner-board@web.de
If you would like to support us

Alt 19.01.2012, 21:37   #5
nicky_jana
 



Do you mean this, for example?

2012/01/19 11:30:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/01/19 11:30:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/01/19 11:30:24 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/01/19 11:30:28 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/01/19 14:14:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/01/19 14:14:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/01/19 14:14:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/01/19 14:14:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/01/19 19:03:57 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/01/19 19:04:00 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/01/19 19:04:02 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/01/19 19:04:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/01/19 19:04:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/01/19 19:04:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.01.18.05 to version v2012.01.19.03
2012/01/19 19:04:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/01/19 19:04:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/01/19 19:04:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/01/19 19:04:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/01/19 19:04:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/01/19 19:04:25 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully


Alt 19.01.2012, 23:00   #6
nicky_jana
 



Here is the log from SUPERAntiSpyware:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/19/2012 at 10:58 PM

Application Version : 5.0.1142

Core Rules Database Version : 8115
Trace Rules Database Version: 5927

Scan type : Complete Scan
Total Scan Time : 01:18:57

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Administrator

Memory items scanned : 649
Memory threats detected : 0
Registry items scanned : 36533
Registry threats detected : 0
File items scanned : 68038
File threats detected : 144

Adware.Tracking Cookie

20.01.2012, 13:17   #7
markusg
/// Malware-holic

Yes, just all the Malwarebytes logs that exist.
Did you manage to sort out the proxy setting and the background?
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward mails to the address below, following the instructions above:
markusg.trojaner-board@web.de
If you would like to support us

05.04.2012, 15:49   #8
nicky_jana

Sorry for the long absence... The problem still exists.
How should I proceed in a structured way to find out what is wrong with the machine?
The problem is that the computer is used by several people, and nobody really takes care of it...

05.04.2012, 15:53   #9
markusg
/// Malware-holic

Well, the question still is: are there more Malwarebytes reports than the ones you posted?

05.04.2012, 16:16   #10
nicky_jana

Unfortunately not.
I'm running Malwarebytes right now; I could post the log as soon as it's finished.
Anything else I could do?

So, here is an excerpt from the Malwarebytes log files...

2012/04/06 10:23:10 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/06 10:23:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/06 10:23:16 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/06 10:23:18 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/04/05 12:58:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/04/05 12:58:23 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.24.03 to version v2012.04.05.04
2012/04/05 13:58:18 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/05 13:58:28 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/05 13:58:31 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/05 13:58:34 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/05 16:35:20 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/05 16:35:23 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/05 16:35:26 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/05 16:35:28 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/05 16:37:11 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/04/05 16:37:11 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/04/05 16:37:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/04/05 16:37:17 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/04/05 16:37:17 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/05 16:37:19 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/04/04 12:14:49 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/04 12:14:51 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/04 12:14:54 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/04 12:14:56 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/04 12:39:18 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/04 12:39:21 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/04 12:39:24 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/04 12:39:26 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/04 14:07:36 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/04 14:07:39 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/04 14:07:42 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/04 14:07:43 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/04/03 18:25:03 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/03 18:25:06 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/03 18:25:09 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/03 18:25:11 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/03 20:23:49 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/03 20:23:52 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/03 20:23:55 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/03 20:23:56 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/04/01 13:37:24 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/01 13:37:26 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/01 13:37:29 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/01 13:37:31 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/01 14:09:41 +0200 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50703, Process: iexplore.exe)
2012/04/01 14:09:41 +0200 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50705, Process: iexplore.exe)
2012/04/01 20:25:27 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/04/01 20:25:29 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/04/01 20:25:32 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/04/01 20:25:55 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/31 21:37:54 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/31 21:37:57 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/31 21:38:00 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/31 21:38:01 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/30 13:02:42 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/30 13:02:45 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/30 13:02:48 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/30 13:02:50 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/25 09:43:02 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/25 09:43:05 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/25 09:43:08 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/25 09:43:10 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/25 20:53:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/25 20:53:15 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/25 20:53:16 +0200 JANAUNDNICKY-PC Jana und Nicky ERROR Scheduled update failed: No address found failed with error code 11004
2012/03/25 20:53:16 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/25 20:53:19 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/25 20:53:21 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/24 20:14:12 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/24 20:14:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/24 20:14:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/24 20:14:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/24 20:18:54 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent QUARANTINE
2012/03/24 20:19:46 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION c:\users\jana und nicky\appdata\local\microsoft\windows\temporary internet files\content.ie5\k35b0xjw\pdfconvertersetup.exe Adware.Agent DENY
2012/03/24 20:19:49 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION c:\users\jana und nicky\appdata\local\microsoft\windows\temporary internet files\content.ie5\k35b0xjw\pdfconvertersetup.exe Adware.Agent DENY
2012/03/24 20:21:57 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/24 20:22:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/24 20:22:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.20.07 to version v2012.03.24.03
2012/03/24 20:22:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/24 20:22:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/24 20:22:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/24 20:22:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/24 20:22:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/22 21:32:37 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/22 21:32:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/22 21:32:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/22 21:32:45 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/22 22:14:56 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW
2012/03/22 22:14:56 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW
2012/03/22 22:15:07 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW
2012/03/22 22:15:07 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW

2012/03/21 19:18:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/21 19:18:26 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/21 19:18:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/21 19:18:30 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/20 19:34:32 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/20 19:34:35 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/20 19:34:38 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/20 19:34:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/20 19:46:33 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/20 19:46:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/20 19:46:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.15.05 to version v2012.03.20.07
2012/03/20 19:46:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/20 19:46:51 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/20 19:46:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/20 19:46:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/20 19:46:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/20 19:51:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/20 19:51:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/20 19:51:22 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/20 19:51:25 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/18 07:15:11 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/18 07:15:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/18 07:15:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/18 07:15:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/18 11:45:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/18 11:45:11 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/18 11:45:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/18 11:45:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/18 12:10:37 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50982, Process: iexplore.exe)
2012/03/18 12:10:37 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50983, Process: iexplore.exe)

2012/03/17 14:18:02 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/17 14:18:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/17 14:18:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/17 14:18:10 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/17 14:52:50 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/17 14:52:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/17 14:53:01 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/17 14:53:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/16 21:24:00 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/16 21:24:03 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/16 21:24:06 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/16 21:24:07 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/15 09:04:33 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/15 09:04:36 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/15 09:04:39 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/15 09:04:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/15 12:31:09 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/15 12:31:11 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/15 12:31:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/15 12:31:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/15 19:03:44 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/15 19:03:44 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/15 19:03:47 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/15 19:03:50 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/15 19:03:51 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/15 19:03:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.10.02 to version v2012.03.15.05
2012/03/15 19:03:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/15 19:03:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/15 19:03:56 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/15 19:03:59 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/15 19:03:59 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/15 19:04:00 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/14 20:56:39 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/14 20:56:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/14 20:56:44 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/14 20:56:46 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/13 12:56:13 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/13 12:56:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/13 12:56:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/13 12:56:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/13 21:34:35 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/13 21:34:38 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/13 21:34:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/13 21:34:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/11 13:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/11 13:20:42 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/11 13:20:45 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/11 13:20:47 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/11 19:49:46 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/11 19:49:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/11 19:49:51 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/11 19:49:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/11 20:29:06 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/11 20:29:09 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/11 20:29:12 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/11 20:29:13 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/11 20:30:08 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 49191, Process: iexplore.exe)
2012/03/11 20:30:08 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 49196, Process: iexplore.exe)

2012/03/10 12:09:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/10 12:09:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/10 12:09:27 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/10 12:09:30 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/10 12:20:24 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/10 12:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/10 12:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.06.06 to version v2012.03.10.02
2012/03/10 12:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/10 12:20:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/10 12:20:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/10 12:20:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/10 12:20:57 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/10 20:56:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/10 20:56:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/10 20:56:24 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/10 20:56:25 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/07 19:00:09 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/07 19:00:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/07 19:00:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/07 19:00:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/07 19:55:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/07 19:55:34 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/07 19:55:37 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/07 19:55:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/06 13:04:30 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/06 13:04:35 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/06 13:04:38 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/06 13:04:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/06 20:07:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/06 20:07:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/06 20:07:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/06 20:07:26 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/06 20:07:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/06 20:07:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh
2012/03/06 20:07:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.02.29.04 to version v2012.03.06.06
2012/03/06 20:07:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection
2012/03/06 20:07:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped
2012/03/06 20:07:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully
2012/03/06 20:07:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/06 20:07:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/05 12:17:22 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/05 12:17:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/05 12:17:32 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/05 12:17:37 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/05 19:39:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/05 19:39:26 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/05 19:39:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/05 19:39:33 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/05 19:49:47 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 94.100.17.25 (Type: outgoing, Port: 55324, Process: skype.exe)
2012/03/05 19:49:56 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 94.100.17.25 (Type: outgoing, Port: 55324, Process: skype.exe)

2012/03/04 12:29:59 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/04 12:30:04 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/04 12:30:07 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/04 12:30:10 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/04 12:31:59 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 83.128.67.0 (Type: outgoing, Port: 55324, Process: skype.exe)

2012/03/03 12:51:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/03 12:51:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily
2012/03/03 12:51:46 +0100 JANAUNDNICKY-PC Jana und Nicky ERROR Scheduled update failed: Net Exception failed with error code 10093
2012/03/03 12:51:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/03 12:51:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/03 12:51:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/03 19:51:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/03 19:51:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/03 19:52:01 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/03 19:52:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/03/03 22:52:46 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/03 22:52:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/03 22:52:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/03 22:53:01 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

2012/03/01 11:16:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection
2012/03/01 11:16:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully
2012/03/01 11:16:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection
2012/03/01 11:16:20 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully

Here is also the log file from SuperAntiSpyware...

SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com

Generiert 04/06/2012 bei 11:47 AM

Version der Applikation : 5.0.1144

Version der Kern-Datenbank : 8115
Version der Spur-Datenbank : 5927

Scan Art : kompletter Scann
Totale Scann-Zeit : 00:48:38

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Gescannte Speicherelemente : 652
Erfasste Speicher-Bedrohungen : 0
Gescannte Register-Elemente : 36549
Erfasste Register-Bedrohungen : 0
Gescannte Datei-Elemente : 39533
Erfasste Datei-Elemente : 0
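
As an added example (not part of the original thread and not a Malwarebytes tool), the following Python parses protection-log lines in the format posted above, drops the routine MESSAGE entries, and groups the IP-BLOCK, DETECTION and ERROR events. The sample lines are copied from the log in this post; the field layout, the set of event types and the function names are assumptions inferred from those lines.

```python
import re
from collections import defaultdict
from datetime import datetime

# Lines copied from the log posted above (not constructed), in posted order.
SAMPLE_LOG = r"""
2012/04/01 13:37:31 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully
2012/04/01 14:09:41 +0200 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50703, Process: iexplore.exe)
2012/04/01 14:09:41 +0200 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50705, Process: iexplore.exe)
2012/03/25 20:53:16 +0200 JANAUNDNICKY-PC Jana und Nicky ERROR Scheduled update failed: No address found failed with error code 11004
2012/03/24 20:18:54 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent QUARANTINE
2012/03/24 20:19:46 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION c:\users\jana und nicky\appdata\local\microsoft\windows\temporary internet files\content.ie5\k35b0xjw\pdfconvertersetup.exe Adware.Agent DENY
2012/03/22 22:14:56 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW
2012/03/18 12:10:37 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50982, Process: iexplore.exe)
2012/03/05 19:49:47 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 94.100.17.25 (Type: outgoing, Port: 55324, Process: skype.exe)
"""

# Assumed layout: timestamp, host, user name (may contain spaces), event type, payload.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d [+-]\d{4}) (?P<host>\S+) "
    r"(?P<user>.+?) (?P<kind>MESSAGE|ERROR|DETECTION|IP-BLOCK) (?P<rest>.*)$")
IPBLOCK_RE = re.compile(
    r"^(?P<ip>\S+) \(Type: (?P<dir>\w+), Port: (?P<port>\d+), Process: (?P<proc>[^)]+)\)$")
# The file path contains spaces, so anchor on the last two tokens: threat name, action.
DETECTION_RE = re.compile(r"^(?P<path>.+) (?P<name>\S+) (?P<action>[A-Z]+)$")


def parse(text):
    """Return the recognised log lines as dicts, sorted oldest first."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # blank or unrecognised line
        ev = m.groupdict()
        # %z makes the timestamp offset-aware, so +0100 and +0200 entries sort correctly.
        ev["when"] = datetime.strptime(ev.pop("ts"), "%Y/%m/%d %H:%M:%S %z")
        events.append(ev)
    events.sort(key=lambda e: e["when"])
    return events


def triage(events):
    """Group the non-routine events: blocked connections, detections, errors."""
    blocks = defaultdict(lambda: {"count": 0, "days": set()})
    detections = defaultdict(lambda: {"name": None, "actions": []})
    errors = []
    for ev in events:
        if ev["kind"] == "IP-BLOCK":
            m = IPBLOCK_RE.match(ev["rest"])
            if m:
                entry = blocks[(m["ip"], m["proc"].lower())]
                entry["count"] += 1
                entry["days"].add(ev["when"].date().isoformat())
        elif ev["kind"] == "DETECTION":
            m = DETECTION_RE.match(ev["rest"])
            if m:
                # The log writes the same path in mixed and lower case; fold it.
                entry = detections[m["path"].lower()]
                entry["name"] = m["name"]
                entry["actions"].append(m["action"])
        elif ev["kind"] == "ERROR":
            errors.append((ev["when"].isoformat(), ev["rest"]))
    for entry in blocks.values():
        entry["days"] = sorted(entry["days"])
    return {"blocks": dict(blocks), "detections": dict(detections), "errors": errors}


def allowed_first(report):
    """Paths whose earliest logged action is ALLOW but which were later denied or quarantined."""
    return [path for path, d in report["detections"].items()
            if d["actions"][0] == "ALLOW" and set(d["actions"]) - {"ALLOW"}]


if __name__ == "__main__":
    report = triage(parse(SAMPLE_LOG))
    for (ip, proc), info in report["blocks"].items():
        print(f"blocked {ip} from {proc}: {info['count']}x on {', '.join(info['days'])}")
    for path, d in report["detections"].items():
        print(f"{d['name']}: {path} -> {' > '.join(d['actions'])}")
    for when, msg in report["errors"]:
        print(f"error {when}: {msg}")
    print("allowed before removal:", allowed_first(report))
```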

06.04.2012, 16:41   #11
markusg
/// Malware-holic

Then we'll set the machine up completely from scratch.
1. Rescue your data:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.
