Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne

Mülltonne: OLT.TXT Editor

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 23.09.2012, 19:02   #1
ortsag
 
OLT.TXT Editor - Standard

OLT.TXT Editor



OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 23.09.2012 18:54:46 - Run 1
OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Norton\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 0.71 Gb Available Physical Memory | 35.74% Memory free
4.23 Gb Paging File | 2.70 Gb Available in Paging File | 63.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225.43 Gb Total Space | 49.56 Gb Free Space | 21.99% Space Free | Partition Type: NTFS
Drive D: | 7.45 Gb Total Space | 2.52 Gb Free Space | 33.86% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: cindy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Migros Photo Service] -- "C:\Program Files\Migros\Migros Photo Service\Migros Photo Service.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1DEBF4ED-17F2-47ED-9775-BB346857AF1A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{AB1AE703-CDAF-4373-A815-BFE268459DFF}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0542B8CE-6699-47D9-A103-D4BECCD5190D}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager 1.0\mediamanager.exe | 
"{1416CF1D-5A1E-4717-BB07-7F876F556D45}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | 
"{1437DF27-6446-4B07-A62F-4463CBF2D47B}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqpsapp.exe | 
"{2291E337-FA1B-4363-B20B-5563758440A4}" = protocol=17 | dir=in | app=c:\users\cindy\appdata\local\temp\sweetimreinstall\sweetimsetup[1].exe | 
"{4DF06265-14E6-4E8B-A23E-BC76C773ECA9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{618A5717-F229-44DF-96C9-BCA6C66B04F1}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{638D4E59-D819-4568-AC70-466E3AE83D66}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | 
"{63A6DD91-9ECB-4F44-A179-4E218F0170E8}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager 1.0\mediamanager.exe | 
"{690DD7BE-5509-4F40-880B-628E202F2ED2}" = protocol=17 | dir=in | app=c:\users\cindy\appdata\local\microsoft\windows\temporary internet files\content.ie5\d32uymq7\sweetimsetup[1].exe | 
"{7BF6E091-F041-4F33-A00A-CD7CA07DDFB3}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | 
"{8FFE8B2A-6F46-495A-8E75-A4DC425D9B5A}" = protocol=6 | dir=in | app=c:\users\cindy\appdata\local\temp\wzse0.tmp\symnrt.exe | 
"{944C4F93-7882-4FCB-98F1-5E53E1E792F3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9C62A9FA-C445-4663-88DC-C901C1CB97DE}" = protocol=6 | dir=in | app=c:\users\cindy\appdata\local\temp\sweetimreinstall\sweetimsetup[1].exe | 
"{A225722E-A8DD-439F-966B-E1F42C59AC70}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqpse.exe | 
"{ABBDDC12-A45A-4D37-BD83-F5D8FEB1B8B6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B31B12C5-AE20-4C07-A799-5399C7F1FF63}" = dir=in | app=c:\program files\msn messenger\livecall.exe | 
"{B6033723-D7DB-4C28-8362-8C7456B1FA21}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{BC6266B6-724F-4FCE-A803-268A49F9F862}" = protocol=17 | dir=in | app=c:\users\cindy\appdata\local\temp\wzse1.tmp\symnrt.exe | 
"{C184952E-99B1-406B-A766-6EFD864B5F88}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{C461A8A5-92F3-4E92-A051-A483FC2996C2}" = protocol=6 | dir=in | app=c:\users\cindy\appdata\local\microsoft\windows\temporary internet files\content.ie5\d32uymq7\sweetimsetup[1].exe | 
"{D3EB1D26-B3D1-421B-A7F2-0DF6CCB8103B}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqsudi.exe | 
"{D7AF7C59-870B-49AC-B078-D0C2FA9915B9}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E227C14D-F1E2-4720-A1D5-39D4597E91B1}" = protocol=6 | dir=in | app=c:\users\cindy\appdata\local\temp\wzse1.tmp\symnrt.exe | 
"{FF011384-D5F0-4C8E-A07F-69FA6472EB2E}" = protocol=17 | dir=in | app=c:\users\cindy\appdata\local\temp\wzse0.tmp\symnrt.exe | 
"TCP Query User{138C974B-A302-48BC-A597-14A98110379E}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe | 
"UDP Query User{819D9F96-2BB1-4518-BB74-07B79562BDA7}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{047B9A6A-21E7-45CF-8825-0A061EEF9B23}" = SweetIM Toolbar for Internet Explorer 4.3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0ABA40AF-288D-41F1-B735-C5155692CD7D}" = VeriSoft Access Manager
"{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}" = Norton 360 HTMLHelp
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1429F2EA-5147-407D-80CA-0758EDA3D0A4}" = MP Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{194C14D5-3CB0-4977-8886-A79DFC00E820}" = MSCU for Microsoft Vista
"{199C20D6-10D3-4210-B361-4760209F56AE}" = Citrix Online Plug-in (Web)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21829177-4DED-4209-AD08-490B3AC9C01A}" = Norton 360
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24DF7221-644B-4C3A-A478-459502D40522}" = Backup
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360
"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Foto-Manager 2009
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3ECCB578-504E-4F7A-A8B4-CF4F3B939B44}" = Citrix Online Plug-in (USB)
"{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}" = Norton 360
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45690715-80A6-4445-B61D-ADEC5888E8CD}" = Symantec Technical Support Controls
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
"{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162}" = USB Disk Win98 Driver
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F1DCA42-2030-437C-A94E-736692A499C1}" = Nokia Connectivity Cable Driver
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{580EC579-E476-469F-9EBF-F82D696FC67A}" = iClone SE
"{5C72622B-643D-4296-B57D-5D53D0C68509}" = Sony Ericsson Media Manager 1.0
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{678094A1-6250-476B-9AFF-4376E48F135C}" = Citrix Online Plug-in (DV)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7968EB30-5580-4955-8925-4A17CD625118}" = ESU for Microsoft Vista
"{7D9B8EE1-7E8E-411C-8F36-2A26D2D20D5F}" = HotFix Q0306270
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Foto- und Bildbearbeitung 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F67AC89-5FA6-4F3F-95DB-92F322C8C2EB}" = USB Flash Disk Utility
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = HP Integrated Module with Bluetooth wireless technology
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc
"{B61B6668-A674-4A06-8405-51944D5CCDDD}" = AuthenTec Fingerprint Sensor Minimum Install
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{DDFD9BA2-8E26-4E49-92AE-882424DAB1BC}" = HP User Guides 0057
"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software
"{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11
"{E7C74144-EC10-48D9-B250-E7E1EA571B3F}" = SymNet
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E9BC886E-0D8A-4EF5-B793-30DB776C6E2C}" = PC Connectivity Solution
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA365307-1963-4D16-BD44-113C8F037AAD}" = Citrix Online Plug-in (HDX)
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"7333-8794-1629-3209" = steuern.lu.2010 nP 6.0.2
"7-Zip" = 7-Zip 4.56 beta
"9004-7442-8537-0667" = steuern.lu.2011 nP 7.0.1
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7)
"CitrixOnlinePluginPackWeb" = Citrix Online Plug-in - Web
"expertfoto bookmaker_is1" = expertfoto bookmaker
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Fotopick FotoFun-Designer" = Fotopick FotoFun-Designer
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 5.1.5
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.11.727
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ifolor-OrderClient" = ifolor Bestellsoftware 3.7
"MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.0.255 (D)
"MAGIX Fotobuch" = MAGIX Fotobuch 3.2
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX PC Visit D" = MAGIX PC Visit
"MAGIX Video deluxe 2008 PLUS D" = MAGIX Video deluxe 2008 PLUS 7.5.0.20 (D)
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.22.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Migros Photo Service" = Migros Photo Service
"MouseSuite98" = Mouse Suite
"Mufin MusicFinder Base D" = Mufin MusicFinder Base 1.0.1.229 (D)
"NVIDIA Drivers" = NVIDIA Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360 (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Zattoo" = Zattoo 3.1.1 Beta
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-718447124-1030447495-3968581107-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3568062574.client.my-silverx.com" = Fotopick FotoFun-Designer
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.09.2012 09:17:10 | Computer Name = Büro-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10982252
 
Error - 16.09.2012 09:17:10 | Computer Name = Büro-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10982252
 
Error - 23.09.2012 05:41:34 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AcroRd32.exe, Version 8.1.0.137, Zeitstempel
0x46444e37, fehlerhaftes Modul Multimedia.api, Version 8.1.0.137, Zeitstempel 0x464447dc,
Ausnahmecode 0xc0000005, Fehleroffset 0x00030cbc, Prozess-ID 0x14e8, Anwendungsstartzeit
01cd996f7054c374.
 
Error - 23.09.2012 05:46:35 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung DevDetect.exe, Version 5.0.50.0, Zeitstempel
0x4983485f, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x00000000, Prozess-ID 0xd90, Anwendungsstartzeit
01cd99701b103f88.
 
Error - 23.09.2012 06:25:37 | Computer Name = Büro-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 23.09.2012 08:11:10 | Computer Name = Büro-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 23.09.2012 08:48:20 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AsGHost.exe, Version 2.5.0.57, Zeitstempel 0x45c99c4a,
fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
0xc0000005, Fehleroffset 0x00067db0, Prozess-ID 0x958, Anwendungsstartzeit 01cd9989b3fae125.
 
Error - 23.09.2012 12:44:55 | Computer Name = Büro-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.09.2012 12:44:55 | Computer Name = Büro-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21247
 
Error - 23.09.2012 12:44:55 | Computer Name = Büro-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21247
 
[ System Events ]
Error - 23.09.2012 08:28:42 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 23.09.2012 08:28:42 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 23.09.2012 08:28:42 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 23.09.2012 08:48:00 | Computer Name = Büro-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 23.09.2012 um 14:46:11 unerwartet heruntergefahren.
 
Error - 23.09.2012 08:49:40 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 23.09.2012 08:49:55 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 23.09.2012 08:50:04 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 23.09.2012 12:42:20 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 23.09.2012 12:42:43 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 23.09.2012 12:42:43 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7001
Description = 
 
 
< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 23.09.2012 18:54:46 - Run 1
OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Norton\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 0.71 Gb Available Physical Memory | 35.74% Memory free
4.23 Gb Paging File | 2.70 Gb Available in Paging File | 63.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225.43 Gb Total Space | 49.56 Gb Free Space | 21.99% Space Free | Partition Type: NTFS
Drive D: | 7.45 Gb Total Space | 2.52 Gb Free Space | 33.86% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: cindy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Norton\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\gnzarjuv.exe ()
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Programme\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Programme\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Windows\System32\wercon.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\ACD Systems\DE\DevDetect.exe (ACD Systems)
PRC - C:\Programme\Common Files\Symantec Shared\CCSVCHST.EXE (Symantec Corporation)
PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Java\jre1.6.0\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - c:\Programme\Bioscrypt\VeriSoft\Bin\asghost.exe (Cognizance Corporation)
PRC - C:\Programme\MSN Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Windows\System32\PELMICED.EXE (Primax Electronics Ltd.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Windows\System32\ICO.EXE (Primax Electronics Ltd.)
PRC - C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Programme\USB Disk Win98 Driver\Res.exe (ali)
PRC - C:\Programme\A-DATA\USB Flash Disk Utility\PLBkMon.exe (Prolific Technology Inc.)
PRC - C:\Windows\System32\HotFixQ0306270.exe (Prolific Technology Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\ProgramData\gnzarjuv.exe ()
MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLTinyDB.dll ()
MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapEngine.dll ()
MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLSchMgr.dll ()
MOD - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Windows\System32\btwhidcs.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56ita.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56esp.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56brz.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56kor.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56ger.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56fra.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56dnk.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56jpn.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56cht.dll ()
MOD - C:\Programme\Motorola\SMSERIAL\sm56chs.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (NAUpdate) -- C:\Programme\Nero\Update\NASvc.exe (Nero AG)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Symantec Core LC) -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (LiveUpdate Notice) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (comHost) -- C:\Programme\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
SRV - (CLSched) -- C:\Programme\HP\QuickPlay\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) -- C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ASBroker) -- c:\Programme\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll (Cognizance Corporation)
SRV - (usnjsvc) -- C:\Programme\MSN Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (UPnPService) -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ASChannel) -- c:\Programme\Bioscrypt\VeriSoft\Bin\ASChnl.dll (Cognizance Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120922.008\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120922.008\NAVENG.SYS (Symantec Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20120919.001\IDSvix86.sys (Symantec Corporation)
DRV - (ctxusbm) -- C:\Windows\System32\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV - (AFS) -- C:\Windows\System32\drivers\AFS.SYS (Oak Technology Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (SYMNDISV) -- C:\Windows\System32\drivers\symndisv.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\drivers\symtdi.sys (Symantec Corporation)
DRV - (SYMFW) -- C:\Windows\System32\drivers\symfw.sys (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\drivers\symredrv.sys (Symantec Corporation)
DRV - (SYMDNS) -- C:\Windows\System32\drivers\symdns.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (COH_Mon) -- C:\Windows\System32\drivers\COH_Mon.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (CO_Mon) -- C:\Windows\System32\drivers\CO_Mon.sys (Symantec Corporation)
DRV - (acehlp10) -- C:\Windows\System32\drivers\acehlp10.sys (Protect Software GmbH)
DRV - (acedrv10) -- C:\Windows\System32\drivers\ACEDRV10.sys (Protect Software GmbH)
DRV - (ATSWPDRV) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (eabfiltr) -- C:\Windows\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (PLFF) -- C:\Windows\System32\drivers\plff.sys (Prolific Technology Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_CH&c=73&bd=Pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_CH&c=73&bd=Pavilion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {596F7E93-E60D-444F-A5BF-ECD98AC00052}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{596F7E93-E60D-444F-A5BF-ECD98AC00052}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={A0E666EF-42D5-11E1-8CEB-001E37035685}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bluewin.ch/
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=&apn_ptnrs=%5EAAA&apn_dtid=%5EYYYYYY%5EYY%5ECH&apn_uid=4e266162-f958-4ba9-a090-7fe37ab197c6&apn_sauid=E96B6D23-452F-42F0-A490-0F705CE83B36
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..\SearchScopes\{596F7E93-E60D-444F-A5BF-ECD98AC00052}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={A0E666EF-42D5-11E1-8CEB-001E37035685}
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_CH&c=73&bd=Pavilion&pf=laptop
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_CH&c=73&bd=Pavilion&pf=laptop
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_EU&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^CH&apn_uid=4e266162-f958-4ba9-a090-7fe37ab197c6&apn_sauid=E96B6D23-452F-42F0-A490-0F705CE83B36
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\..\SearchScopes\{596F7E93-E60D-444F-A5BF-ECD98AC00052}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
IE - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\cindy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\cindy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
 
[2010.05.03 19:47:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cindy\AppData\Roaming\mozilla\Extensions
[2010.05.03 19:47:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cindy\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
 
========== Chrome ==========
 
CHR - homepage: hxxp://home.sweetim.com/?barid={A0E666EF-42D5-11E1-8CEB-001E37035685}
CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={A0E666EF-42D5-11E1-8CEB-001E37035685}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://home.sweetim.com/?barid={A0E666EF-42D5-11E1-8CEB-001E37035685}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\cindy\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\cindy\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\cindy\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Reg Error: Value error.) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (VeriSoft Access Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Programme\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-718447124-1030447495-3968581107-1001\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ADATA_PLUtil] C:\Programme\A-DATA\USB Flash Disk Utility\PLBkMon.exe (Prolific Technology Inc.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CognizanceTS] c:\Programme\Bioscrypt\VeriSoft\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\Windows\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton 360\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PLFFAP] C:\Windows\System32\HotFixQ0306270.exe (Prolific Technology Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_2008_PLUS\Trayserver.exe (MAGIX AG)
O4 - HKLM..\Run: [USB Storage Toolbox] C:\Programme\USB Disk Win98 Driver\Res.exe (ali)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-718447124-1030447495-3968581107-1000..\Run: [Device Detector] DevDetect.exe -autorun File not found
O4 - HKU\S-1-5-21-718447124-1030447495-3968581107-1000..\Run: [gnzarjuvxdvelkm] C:\ProgramData\gnzarjuv.exe ()
O4 - HKU\S-1-5-21-718447124-1030447495-3968581107-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-718447124-1030447495-3968581107-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-718447124-1030447495-3968581107-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-718447124-1030447495-3968581107-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\cindy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\cindy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Web-Suche - C:\Programme\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-718447124-1030447495-3968581107-1000\..Trusted Domains: hotelgastro.ch ([remote] https in Vertrauenswürdige Sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} https://remote.hotelgastro.ch/XTSAC.cab (XTSAC Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab (Steuerung des DownloadManager )
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.2.17.60 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BA914CA-27AE-4720-AAEB-EDE67BA08586}: DhcpNameServer = 62.2.17.60 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F06DC31-5662-41C3-A1F3-0B70652AA0F3}: DhcpNameServer = 62.2.17.60 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\Windows\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Wave.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Wave.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{0630849d-50d0-11dd-9acd-001e37035685}\Shell\Auto\command - "" = C:\Windows\System32\cmd.exe -- [2008.01.19 09:33:04 | 000,318,976 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{0630849d-50d0-11dd-9acd-001e37035685}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
O33 - MountPoints2\{c47e9473-6d70-11de-92aa-001e37035685}\Shell\Auto\command - "" = F:\launcher.exe
O33 - MountPoints2\{c47e9473-6d70-11de-92aa-001e37035685}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.23 15:53:15 | 000,000,000 | ---D | C] -- C:\Users\cindy\AppData\Roaming\Malwarebytes
[2012.09.23 15:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.23 15:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.23 15:53:04 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.23 15:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.09.23 11:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\fqfazmcjxgaxcct
[2012.09.22 16:08:12 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.09.22 16:08:12 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.09.22 16:08:12 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.09.22 16:08:12 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.09.22 16:08:12 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.09.22 16:08:12 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.09.22 16:08:12 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.09.22 16:08:12 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.09.22 16:08:12 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.09.16 10:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.16 10:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.09.16 10:20:29 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.23 19:00:08 | 000,000,392 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BC26DC3D-63AD-4136-8FB3-B4FA24DE08C9}.job
[2012.09.23 18:57:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-718447124-1030447495-3968581107-1000UA.job
[2012.09.23 18:57:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-718447124-1030447495-3968581107-1000Core.job
[2012.09.23 18:48:52 | 000,596,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.23 18:48:51 | 000,628,942 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.23 18:48:51 | 000,126,460 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.23 18:48:51 | 000,104,270 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.23 18:47:10 | 000,000,148 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012.09.23 18:47:00 | 000,136,860 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.09.23 18:46:40 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.23 18:45:54 | 000,136,860 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.09.23 18:44:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.23 18:40:48 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 18:40:48 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 18:40:40 | 2143,784,960 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.23 18:39:02 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.09.23 18:07:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.23 15:53:06 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.23 11:42:01 | 000,096,176 | ---- | M] () -- C:\ProgramData\yejfqvemjtfenxb
[2012.09.23 11:41:32 | 000,087,040 | ---- | M] () -- C:\ProgramData\gnzarjuv.exe
[2012.09.17 21:59:15 | 299,241,889 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.09.16 10:20:33 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.09.15 19:05:05 | 000,002,042 | ---- | M] () -- C:\Users\cindy\Desktop\Google Chrome.lnk
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.08.26 13:29:59 | 000,081,262 | ---- | M] () -- C:\Users\cindy\Desktop\bild 1.JPG
 
========== Files Created - No Company Name ==========
 
[2012.09.23 15:53:06 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.23 14:47:55 | 2143,784,960 | -HS- | C] () -- C:\hiberfil.sys
[2012.09.23 11:42:00 | 000,087,040 | ---- | C] () -- C:\ProgramData\gnzarjuv.exe
[2012.09.23 11:41:33 | 000,096,176 | ---- | C] () -- C:\ProgramData\yejfqvemjtfenxb
[2012.09.16 10:20:33 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.26 13:29:53 | 000,081,262 | ---- | C] () -- C:\Users\cindy\Desktop\bild 1.JPG
[2009.12.05 13:08:13 | 000,136,860 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.05 13:08:04 | 000,136,860 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.04.03 20:09:30 | 000,000,000 | ---- | C] () -- C:\Users\cindy\AppData\Roaming\wklnhst.dat
[2008.01.05 11:31:05 | 000,103,589 | ---- | C] () -- C:\Users\cindy\AppData\Roaming\nvModes.001
[2008.01.05 11:31:04 | 000,103,589 | ---- | C] () -- C:\Users\cindy\AppData\Roaming\nvModes.dat
[2007.12.18 20:20:45 | 000,000,368 | ---- | C] () -- C:\Users\cindy\Bilder - Verknüpfung.lnk
[2007.11.17 19:00:55 | 000,000,680 | ---- | C] () -- C:\Users\cindy\AppData\Local\d3d9caps.dat
[2007.11.10 16:41:41 | 000,163,328 | ---- | C] () -- C:\Users\cindy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2009.09.12 14:08:24 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\ACD Systems
[2008.08.12 20:12:40 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\CoSoSys
[2010.03.13 17:01:23 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\digital publishing
[2011.08.07 16:21:54 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\DVDVideoSoft
[2011.08.07 16:12:27 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.11.09 23:15:16 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\ICAClient
[2012.01.24 21:39:15 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\ifolor
[2011.02.20 13:50:58 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\Information Factory
[2009.09.12 13:54:54 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\MAGIX
[2009.09.12 13:51:37 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\MAGIX-Fotobuch
[2009.07.10 21:14:05 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\MPMAN
[2010.05.02 16:02:49 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\Nokia
[2010.05.02 15:38:12 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\PC Suite
[2010.05.02 16:15:41 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\Sony
[2008.04.03 20:09:30 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\Template
[2010.05.03 19:47:41 | 000,000,000 | ---D | M] -- C:\Users\cindy\AppData\Roaming\TomTom
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---

Alt 24.09.2012, 11:49   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
OLT.TXT Editor - Standard

OLT.TXT Editor



PROBLEMBESCHREIBUNG??
__________________

__________________

Alt 24.09.2012, 21:34   #3
ortsag
 
OLT.TXT Editor - Standard

Malwarebytes mbam-log 2012-09-24 (20-15-32) - Editor



Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.24.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Norton :: BÜRO-PC [limited]

Protection: Enabled

24.09.2012 20:15:32
mbam-log-2012-09-24 (20-15-32).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 397543
Time elapsed: 2 hour(s), 14 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\ProgramData\gnzarjuv.exe (Trojan.Winlock) -> Delete on reboot.

(end)
__________________

Alt 25.09.2012, 10:25   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
OLT.TXT Editor - Standard

OLT.TXT Editor



Zu faul zum Lesen oder was?

 

Themen zu OLT.TXT Editor
32 bit, 7-zip, adobe, anti-malware, bho, bonjour, browser, c:\windows\system32\cmd.exe, converter, defender, delete, detected, disabled, editor, error, excel, explorer, file, firefox, flash player, format, google, helper, home, homepage, iexplore.exe, install.exe, launch, limited, logfile, malicious, malwarebytes, malwarebytes anti-malware, memory, minute, mp3, ntdll.dll, object, office 2007, programdata, realtek, registry, rundll, scan, security, server, service, service pack 2, software, startup, svchost.exe, symantec, system, tcp, temp, troja, trojan.winlock, udp, usb, version, vista, visual studio


« Müll | Doppelt »

Ähnliche Themen: OLT.TXT Editor


  1. Bios ist verschwunden nach easy BCD Editor
    Alles rund um Windows - 27.09.2014 (1)
  2. hijackthis editor datei erstellt, was nun?
    Plagegeister aller Art und deren Bekämpfung - 10.02.2013 (33)
  3. Jede .exe wird nur noch mit Editor geöffnet
    Plagegeister aller Art und deren Bekämpfung - 11.02.2010 (4)
  4. Batch dateien im windows editor
    Alles rund um Windows - 10.10.2008 (11)
  5. hijack this editor file posten zur analyse
    Mülltonne - 04.09.2008 (0)
  6. alle Progr. mit Editor gestartet!!!
    Plagegeister aller Art und deren Bekämpfung - 08.09.2006 (3)
  7. Assoziationen sind alle auf Editor
    Plagegeister aller Art und deren Bekämpfung - 17.03.2006 (18)
  8. ntuser- und indexdatei starten bei allem den editor
    Plagegeister aller Art und deren Bekämpfung - 10.03.2006 (6)
  9. Programm Trojanar als Editor
    Mülltonne - 08.02.2006 (4)
  10. wysiwig editor???
    Alles rund um Windows - 04.11.2004 (4)
  11. Editor mit Syntax-Highlighting
    Alles rund um Mac OSX & Linux - 15.08.2004 (1)
  12. GESUCHT: gentoo && php-editor
    Alles rund um Mac OSX & Linux - 19.03.2003 (6)
  13. HTML Editor
    Alles rund um Mac OSX & Linux - 20.01.2003 (18)

Zum Thema OLT.TXT Editor - OTL Logfile: Code: Alles auswählen Aufklappen ATTFilter OTL Extras logfile created on: 23.09.2012 18:54:46 - Run 1 OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Norton\Desktop Windows Vista Home Premium - OLT.TXT Editor...
Archiv
Du betrachtest: OLT.TXT Editor auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.