Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Google-Link und andere Probleme!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 04.01.2013, 14:14   #31
Aviator1985
 
Google-Link und andere Probleme! - Standard

Google-Link und andere Probleme!



Oh sry... hier sind die richtigen Logs

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.01.2013 14:00:48 - Run 6
OTL by OldTimer - Version 3.2.69.0     Folder = C:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 83,82% Memory free
4,84 Gb Paging File | 4,53 Gb Available in Paging File | 93,51% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 24,66 Gb Total Space | 2,50 Gb Free Space | 10,12% Space Free | Partition Type: NTFS
Drive D: | 70,18 Gb Total Space | 3,22 Gb Free Space | 4,59% Space Free | Partition Type: NTFS
Drive E: | 54,20 Gb Total Space | 4,09 Gb Free Space | 7,54% Space Free | Partition Type: NTFS
Drive F: | 97,66 Gb Total Space | 2,80 Gb Free Space | 2,86% Space Free | Partition Type: NTFS
Drive G: | 51,38 Gb Total Space | 5,23 Gb Free Space | 10,17% Space Free | Partition Type: NTFS
Drive H: | 4,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: JULIA | User Name: Amadeo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - D:\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
PRC - D:\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - D:\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Programme\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
 
 
========== Services (SafeList) ==========
 
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SbieSvc) -- D:\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (Mobile Partner. RunOuc) -- D:\Mobile Partner\UpdateDog\ouc.exe ()
SRV - (Steam Client Service) -- C:\Programme\Gemeinsame Dateien\Steam\SteamService.exe (Valve Corporation)
SRV - (HWDeviceService.exe) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe ()
SRV - (STacSV) -- C:\WINDOWS\system32\stacsv.exe (IDT, Inc.)
SRV - (pgsql-8.3) -- C:\Programme\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (cpuz132) --  File not found
DRV - (cpudrv) -- C:\Programme\SystemRequirementsLab\cpudrv.sys File not found
DRV - (Changer) --  File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (a4o7z9b1) --  File not found
DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (SbieDrv) -- D:\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (ewusbnet) -- C:\WINDOWS\system32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_enumerator) -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys ()
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AtiHDAudioService) -- C:\WINDOWS\system32\drivers\AtihdXP3.sys (Advanced Micro Devices)
DRV - (VX1000) -- C:\WINDOWS\system32\drivers\VX1000.sys (Microsoft Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (cmuda3) -- C:\WINDOWS\system32\drivers\cmudax3.sys (C-Media Inc)
DRV - (chdrvr02) -- C:\WINDOWS\system32\drivers\chdrvr02.sys (CH Products)
DRV - (chdrvr03) -- C:\WINDOWS\system32\drivers\chdrvr03.sys (CH Products)
DRV - (chdrvr01) -- C:\WINDOWS\system32\drivers\chdrvr01.sys (CH Products)
DRV - (USB_RNDIS) -- C:\WINDOWS\system32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (cmpci) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.at
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.tuwien.ac.at
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.at
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.tuwien.ac.at
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1003\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1025\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.at
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1025\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.tuwien.ac.at
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1025\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\01035
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.10.29 10:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.12.19 01:47:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{A396240B-27B6-4007-9588-064E96278BAD}: C:\WINDOWS\system32\01022
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\01035
 
[2010.08.22 10:45:51 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Amadeo\Anwendungsdaten\Mozilla\Extensions
[2012.10.29 10:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Amadeo\Anwendungsdaten\Mozilla\Firefox\Profiles\m8jc65yq.default\extensions
[2012.10.29 10:19:09 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Amadeo\Anwendungsdaten\Mozilla\Firefox\Profiles\m8jc65yq.default\extensions\nostmp
[2012.10.29 10:19:33 | 000,020,591 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Amadeo\Anwendungsdaten\Mozilla\Firefox\Profiles\m8jc65yq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2012.10.29 10:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.12.24 09:24:12 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (no name) - {184AA5E6-741D-464a-820E-94B3ABC2F3B4} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {6764C5ED-CEE4-42ae-8F31-23F02A3A661F} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.
O4 - HKLM..\Run: [ATICustomerCare] C:\Programme\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [ProcessGovernor] D:\Process Lasso\processgovernor.exe (Bitsum Technologies)
O4 - HKLM..\Run: [ProcessLassoManagementConsole] D:\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-57989841-963894560-1606980848-1003..\Run: [DAEMON Tools Lite] F:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-57989841-963894560-1606980848-1003..\Run: [DriverMax] G:\DriverMax\devices.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-57989841-963894560-1606980848-1003..\Run: [DriverMax_RESTART] G:\DriverMax\devices.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-57989841-963894560-1606980848-1003..\Run: [ICQ] F:\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-57989841-963894560-1606980848-1003..\Run: [SandboxieControl] D:\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-57989841-963894560-1606980848-1003..\Run: [SpybotSD TeaTimer] E:\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-57989841-963894560-1606980848-1003..\Run: [Steam] G:\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Amadeo\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = D:\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-963894560-1606980848-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-57989841-963894560-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-57989841-963894560-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-57989841-963894560-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-57989841-963894560-1606980848-1025\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-57989841-963894560-1606980848-1025\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - F:\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - F:\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Dokumente und Einstellungen\Amadeo\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Dokumente und Einstellungen\Amadeo\Desktop\PartyPoker.lnk ()
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1282521036125 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} hxxp://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab (ChessControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66F64D73-0F8A-4367-86D2-17398744B2EC}: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.22 10:37:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.09.12 19:11:41 | 000,000,233 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.23 12:22:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\BAHN 4.00
[2012.12.20 18:58:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Amadeo\Eigene Dateien\PKR
[2012.12.19 16:21:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.12.19 15:52:40 | 000,000,000 | ---D | C] -- C:\Programme\C-Media Oxygen HD Audio Device
[2012.12.19 01:47:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Amadeo\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.12.19 01:47:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.12.19 01:47:03 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.12.19 01:47:03 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.12.19 01:46:41 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.12.19 01:46:41 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.12.19 01:46:41 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.12.19 01:26:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.12.19 00:35:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PostgreSQL 8.3
[2012.12.19 00:34:44 | 000,000,000 | ---D | C] -- C:\Programme\PostgreSQL
[2012.12.18 23:59:38 | 005,012,571 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\Amadeo\Desktop\ComboFix.exe
[2012.12.17 12:05:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Amadeo\Startmenü\Programme\GeoGebra 4.2
[2012.12.14 11:05:39 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\Amadeo\Desktop\aswMBR.exe
[2012.12.12 14:41:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2012.12.11 21:06:48 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Amadeo\Recent
[2012.12.11 20:50:00 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.04 13:41:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.01.04 13:37:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.04 10:37:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.04 10:24:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.04 10:22:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.03 18:39:45 | 000,192,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Amadeo\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.30 10:08:56 | 000,551,997 | ---- | M] () -- C:\Dokumente und Einstellungen\Amadeo\Desktop\adwcleaner.exe
[2012.12.29 18:00:58 | 000,004,931 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\flwjycbm.bab
[2012.12.24 09:24:12 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.12.22 23:39:07 | 000,547,175 | ---- | M] () -- C:\adwcleaner.exe
[2012.12.21 20:48:37 | 003,524,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.12.19 22:48:02 | 000,000,464 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenTTD.lnk
[2012.12.19 15:59:35 | 000,000,521 | ---- | M] () -- C:\Dokumente und Einstellungen\Amadeo\Desktop\PokerTracker 4.lnk
[2012.12.19 01:46:08 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.12.19 01:46:00 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.12.19 01:46:00 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.12.19 01:46:00 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.12.19 01:46:00 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.12.19 01:45:59 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.12.19 01:45:58 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.12.18 23:59:53 | 005,012,571 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\Amadeo\Desktop\ComboFix.exe
[2012.12.17 12:47:36 | 000,069,100 | ---- | M] () -- C:\Dokumente und Einstellungen\Amadeo\Eigene Dateien\matheuebung2.pdf
[2012.12.17 12:05:58 | 000,001,890 | ---- | M] () -- C:\Dokumente und Einstellungen\Amadeo\Desktop\GeoGebra 4.2.lnk
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012.12.14 11:09:27 | 000,012,866 | ---- | M] () -- C:\Dokumente und Einstellungen\Amadeo\Eigene Dateien\pokerstrategie.sxw
[2012.12.14 11:06:16 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\Amadeo\Desktop\aswMBR.exe
[2012.12.14 11:03:25 | 000,302,592 | ---- | M] () -- C:\2qp3jtr4.exe
[2012.12.13 22:41:08 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012.12.13 17:14:49 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.12.12 14:41:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2012.12.11 21:06:25 | 000,001,910 | ---- | M] () -- C:\Dokumente und Einstellungen\Amadeo\Eigene Dateien\cc_20121211_210619.reg
[2012.12.11 20:56:24 | 000,551,550 | ---- | M] () -- C:\Dokumente und Einstellungen\Amadeo\Eigene Dateien\cc_20121211_205602.reg
[2012.12.09 19:37:53 | 000,528,654 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.12.09 19:37:53 | 000,503,532 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.12.09 19:37:53 | 000,106,748 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.12.09 19:37:53 | 000,089,230 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.12.30 10:08:55 | 000,551,997 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Desktop\adwcleaner.exe
[2012.12.29 18:00:58 | 000,004,931 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\flwjycbm.bab
[2012.12.22 23:39:06 | 000,547,175 | ---- | C] () -- C:\adwcleaner.exe
[2012.12.19 15:53:12 | 000,002,377 | ---- | C] () -- C:\WINDOWS\Cmicnfgp.ini.cfg
[2012.12.19 15:53:08 | 000,001,948 | ---- | C] () -- C:\WINDOWS\cmudaxp.ini
[2012.12.17 12:47:36 | 000,069,100 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Eigene Dateien\matheuebung2.pdf
[2012.12.17 12:05:58 | 000,001,890 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Desktop\GeoGebra 4.2.lnk
[2012.12.14 11:09:24 | 000,012,866 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Eigene Dateien\pokerstrategie.sxw
[2012.12.14 11:03:24 | 000,302,592 | ---- | C] () -- C:\2qp3jtr4.exe
[2012.12.13 17:14:13 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.12.11 21:06:22 | 000,001,910 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Eigene Dateien\cc_20121211_210619.reg
[2012.12.11 20:56:07 | 000,551,550 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Eigene Dateien\cc_20121211_205602.reg
[2012.11.22 21:42:30 | 000,005,110 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Anwendungsdaten\IDK
[2012.11.16 11:56:18 | 000,141,608 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.05.29 11:22:44 | 000,000,061 | -HS- | C] () -- C:\WINDOWS\cnerolf.bin
[2012.05.03 13:27:47 | 000,000,092 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.04.21 16:27:21 | 000,001,468 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2012.04.09 10:25:48 | 000,175,104 | ---- | C] () -- C:\WINDOWS\MM_Bahn_V3_Uninstall.exe
[2012.04.02 12:11:36 | 000,000,613 | ---- | C] () -- C:\WINDOWS\System32\urhtps.dat
[2012.03.21 19:22:36 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.03.21 19:22:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.03.21 19:22:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.03.21 19:22:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.03.21 19:22:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.01.07 14:15:22 | 003,379,470 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-57989841-963894560-1606980848-1003-0.dat
[2012.01.07 14:15:22 | 000,221,466 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.11.26 22:04:54 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2011.11.26 22:04:54 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2011.11.26 22:04:54 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2011.11.26 22:04:54 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2011.11.26 22:04:54 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2011.11.12 12:09:23 | 000,000,136 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.11.08 21:49:21 | 000,000,056 | ---- | C] () -- C:\WINDOWS\fs9configurator.ini
[2011.09.28 15:03:13 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011.04.11 18:38:27 | 000,000,185 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\FSDreamTeam_Honolulu.reg
[2011.03.18 11:33:06 | 000,000,180 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\FSDreamTeam_ZurichX.reg
[2011.03.18 00:42:15 | 000,086,776 | ---- | C] () -- C:\WINDOWS\System32\CMCalBlk.dll
[2011.03.17 15:58:15 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2011.03.17 15:56:36 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl
[2011.03.17 15:56:15 | 000,001,480 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg
[2011.03.17 15:56:13 | 000,002,532 | ---- | C] () -- C:\WINDOWS\cmudax3.ini
[2011.03.15 23:01:21 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011.03.14 13:02:20 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.03.14 12:04:57 | 000,000,220 | ---- | C] () -- C:\WINDOWS\AISmooth.INI
[2011.03.14 02:21:41 | 000,000,199 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\QualityWings_Ultimate 757 Collection.reg
[2011.02.24 12:36:41 | 000,000,132 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Anwendungsdaten\Adobe Targa Format CS5 Prefs
[2010.08.23 02:16:48 | 000,192,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Amadeo\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2010.08.22 10:54:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.12.20 23:14:52 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 04.01.2013 14:00:48 - Run 6
OTL by OldTimer - Version 3.2.69.0     Folder = C:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 83,82% Memory free
4,84 Gb Paging File | 4,53 Gb Available in Paging File | 93,51% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 24,66 Gb Total Space | 2,50 Gb Free Space | 10,12% Space Free | Partition Type: NTFS
Drive D: | 70,18 Gb Total Space | 3,22 Gb Free Space | 4,59% Space Free | Partition Type: NTFS
Drive E: | 54,20 Gb Total Space | 4,09 Gb Free Space | 7,54% Space Free | Partition Type: NTFS
Drive F: | 97,66 Gb Total Space | 2,80 Gb Free Space | 2,86% Space Free | Partition Type: NTFS
Drive G: | 51,38 Gb Total Space | 5,23 Gb Free Space | 10,17% Space Free | Partition Type: NTFS
Drive H: | 4,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: JULIA | User Name: Amadeo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-57989841-963894560-1606980848-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5432:TCP" = 5432:TCP:*:Enabled:postgres
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"F:\ICQ7.5\ICQ.exe" = F:\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"D:\BitTorrent\bittorrent.exe" = D:\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"E:\Applications\eMule\emule.exe" = E:\Applications\eMule\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"F:\Empire Earth\Empire Earth.exe" = F:\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth -- ()
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"G:\Steam\Steam.exe" = G:\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"G:\Jedi Academy\GameData\jamp.exe" = G:\Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer -- (Activision Inc)
"G:\Steam\SteamApps\common\cities in motion\Cities In Motion.exe" = G:\Steam\SteamApps\common\cities in motion\Cities In Motion.exe:*:Enabled:Cities in Motion -- ()
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen -- (Microsoft Corporation)
"C:\Programme\TeamViewer\Version7\TeamViewer.exe" = C:\Programme\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"F:\ICQ7.5\ICQ.exe" = F:\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"F:\Flight Simulator X\fsx.exe" = F:\Flight Simulator X\fsx.exe:*:Enabled:Microsoft Flight Simulator® -- (Microsoft Corp.)
"F:\Flight Simulator X\Flight One Software\Ultimate Traffic 2\UT2Services.exe" = F:\Flight Simulator X\Flight One Software\Ultimate Traffic 2\UT2Services.exe:*:Enabled:UT2Runtime -- (Flag Mountain Software)
"C:\Dokumente und Einstellungen\Amadeo\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Dokumente und Einstellungen\Amadeo\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player
"E:\Games\FIFA Manager 13\Manager13.exe" = E:\Games\FIFA Manager 13\Manager13.exe:*:Enabled:FUSSBALL MANAGER 13 -- (Electronic Arts Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"D:\PacificPoker\bin\poker.exe" = D:\PacificPoker\bin\poker.exe:*:Enabled:poker -- (random)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B82D6C6-9ECC-4710-97AB-5CE482E72852}_is1" = TableScan Turbo RC4 build 8
"{0C5A665C-EB82-237B-4703-88CACDE22C0C}" = Catalyst Control Center Graphics Previews Common
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E9389C0-0E8A-4174-A430-CFAFF29CC3A7}" = PokerStrategy.com Equilab
"{0ED98038-0885-F902-C419-669ADE471A46}" = ATI Stream SDK v2 Developer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{13A74C4A-1AA2-1BAC-99C0-876663ACB9CE}" = ccc-utility
"{1EC65D1D-3911-4F7D-8B6A-63C69EDBFC6E}" = EditVoicepack
"{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{219F5D37-632B-4EC2-96F4-6AE1B8C39284}" = XLNation User Interface Mod
"{22183FFB-C8A7-4740-847A-DD2FAE27B4F3}" = Microsoft Flight Simulator X SP2 SDK
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3B095ED6-8631-4E2A-9F75-3EAD0AA37850}" = ATC Voicepack SDK
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{46559469-7C15-49F4-BB76-21480BE1BEF4}" = Real Environment Xtreme FS2004
"{493687F8-8D57-47C4-87B6-D46D7C5203BF}" = EditVoicepack X
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CFCC6FD-AEA2-4208-99A6-45CBF9DFFD82}" = Real Environment Xtreme
"{4D27CE85-F519-42C1-B4AB-C0BD976FB0BA}" = Orbiter 2010-P1
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{55F78BA4-3D29-4F66-8D89-36E45C3750B6}" = Active Sky Evolution
"{576E71DA-3000-48F6-9B21-B9A70D47DFCF}" = Star Wars JK II Jedi Outcast
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{724D34D5-CC50-49ED-B5A4-587F67EF2B44}" = Overland - World Airlines for FS2004 (Airbus)
"{72FC6A11-7165-49D3-9033-061953EFD732}" = Airlines 2
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D8EB14A-50BF-493F-A6D6-30656E04937C}" = XPax
"{80AF0300-866F-400F-A350-D53E3C3E34E0}" = FUSSBALL MANAGER 13
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8F161264-A992-623B-5746-5AD0EF1EA516}" = ATI Catalyst Install Manager
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon® 3
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9273AF57-4CE9-48D9-B9D7-6F8B503B1D93}" = Overland - World Airlines for FSX (Boeing)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-003F-0407-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0C2B76C-DD0E-FC4F-A5D4-C9F7970FB1CD}" = ccc-core-static
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}" = Microsoft Speech SDK 5.1
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AEA944B7-D9C2-4560-92AE-64BD1D755A37}" = FS Recorder 2.01  for FS2004
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{BA82F3D7-40E0-CB34-B682-ACC63E7E73B6}" = CCC Help English
"{BC63C33D-2EA7-4991-8C2E-D9B8A48DD58B}" = PokerStrategy.com Elephant
"{BD7CA7F2-FF0A-46C8-8428-38D5BE805C1A}" = Overland - World Airlines for FS2004 (Boeing)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB71DCD9-6D02-4FB4-A81F-27415DA07007}" = Overland - World Airlines for FSX (Airbus)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}" = Microsoft Flight Simulator X Service Pack 2
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EB74294F-B8FC-4387-BEBF-275E36C6076C}" = FS Recorder 2.1  for FSX
"{ED654F5D-5DC9-46EA-9D10-621231527F98}" = FS9 Configurator
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F200693E-3746-4CAF-B38B-AD760AC08555}" = ProTrain - Romatisches Rheintal
"{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"888poker" = 888poker
"Accu-Feel" = Accu-Feel
"ADE9xSetup_is1" = Airport Design Editor 9x Version 1.50.18.197
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AeroDesigns A340  - 313 House Livery" = AeroDesigns A340  - 313 House Livery
"Airport Simulator" = Airport Simulator
"Audacity_is1" = Audacity 2.0
"BAHN384r3a_is1" = BAHN 3.84r3a
"BitTorrent" = BitTorrent
"bwin Poker_is1" = bwin Poker
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CHControlManager_is1" = CH Control Manager Software
"Cities XL 2011" = Cities XL 2011
"C-Media Oxygen HD Sound" = C-Media Oxygen HD Audio Device
"C-Media PCI Sound" = C-Media PCI Audio Device
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CPU-Control_is1" = CPU-Control
"DAEMON Tools Lite" = DAEMON Tools Lite
"Die Gilde Gold-Edition" = Die Gilde Gold-Edition
"DMX5_is1" = DriverMax 5
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"eMule" = eMule
"EZdok Camera for Microsoft Flight Simulator X" = EZdok Camera for Microsoft Flight Simulator X
"F1UT2" = Ultimate Traffic 2 - Summer Schedule Update
"F1UT2PP" = Ultimate Traffic 2 Power Pack
"Foxit Reader_is1" = Foxit Reader
"Fraps" = Fraps (remove only)
"FS Water Configurator" = FS Water Configurator 3.15
"Google Chrome" = Google Chrome
"HoldemManager2" = Holdem Manager 2
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"Installation Stellwerk Bremen" = Installation Stellwerk Bremen
"Installation Stellwerk Hamburg-Altona" = Installation Stellwerk Hamburg-Altona
"Installation Stellwerk Hannover" = Installation Stellwerk Hannover
"Installation Stellwerk Kempten" = Installation Stellwerk Kempten
"Installation Stellwerk Neumünster" = Installation Stellwerk Neumünster
"InstallShield_{72FC6A11-7165-49D3-9033-061953EFD732}" = Airlines 2
"InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"JBChtzDrdnBAHN386rel1_is1" = BAHN 3.86r1
"JBChtzDrdnBAHN386rel2_is1" = BAHN 3.86r2
"JBChtzDrdnBAHN400beta1_is1" = BAHN 4.00b1a
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"MM Eisenbahn-Bildschirmschoner V3" = MM Eisenbahn-Bildschirmschoner V3
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NoLimits Coasters full" = NoLimits Coasters 1.7 (remove only)
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.2.3
"Origin" = Origin
"PartyPoker" = PartyPoker
"PCI Audio Driver" = PCI Audio Driver
"PKR" = PKR
"Poker 770" = Poker 770
"PokerStars" = PokerStars
"PokerTracker4" = PokerTracker 4 (remove only)
"ProcessLasso" = Process Lasso
"Real Color KLAX" = Real Color KLAX
"Sandboxie" = Sandboxie 3.68 (32-bit)
"Shockwave" = Shockwave
"SP1_F535B2CF-C9BB-4162-B03A-02D6971F32CC" = Microsoft Flight Simulator X Service Pack 1
"SS CFM56-7B 700_800" = SS CFM56-7B 700_800
"Star Alliance TravelDesk_is1" = Star Alliance TravelDesk
"Steam App 73010" = Cities in Motion
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"TrafficGiant-Gold Edition" = TrafficGiant-Gold Edition
"tsimsbgrx9" = São Paulo - Guarulhos / SBGR FS9
"TSS Airbus CFM56 5B FS2004" = TSS Airbus CFM56 5B FS2004
"TSS Airbus CFM56 5B FSX" = TSS Airbus CFM56 5B FSX
"TSS Boeing 767 GE Sound" = TSS Boeing 767 GE Sound
"TSS Boeing 767 PW Sound" = TSS Boeing 767 PW Sound
"TSS Boeing 767 RR" = TSS Boeing 767 RR
"TSS Fokker 100 RR-Tay" = TSS Fokker 100 RR-Tay
"TSS MD11 GE fs2004" = TSS MD11 GE fs2004
"UK2000 Heathrow Xtreme" = Remove UK2000 Heathrow Xtreme files
"Vehicle Simulator_is1" = Vehicle Simulator
"Virtual Sailor_is1" = Virtual Sailor 7
"VLC media player" = VLC media player 2.0.4
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-57989841-963894560-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"80b77bf0c209b804" = Emulator Starter
"GeoGebra 4.2" = GeoGebra 4.2
"GeoGebraPrim" = GeoGebraPrim
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 20.12.2012 17:22:45 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung pokertracker4.exe, Version 4.5.9.0, fehlgeschlagenes
 Modul pokertracker4.exe, Version 4.5.9.0, Fehleradresse 0x00280073.
 
Error - 23.12.2012 06:51:57 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
Error - 25.12.2012 04:41:52 | Computer Name = JULIA | Source = PostgreSQL | ID = 0
Description = pg_ctl: could not start service "pgsql-8.3": error code 1063 
 
Error - 27.12.2012 23:54:58 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
Error - 29.12.2012 04:20:46 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
Error - 29.12.2012 19:42:45 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
Error - 30.12.2012 14:03:54 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung postgres.exe, Version 8.3.0.831, fehlgeschlagenes
 Modul msvcr80.dll, Version 8.0.50727.6195, Fehleradresse 0x000324cb.
 
Error - 30.12.2012 14:08:03 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ezca.exe, Version 1.1.5.0, fehlgeschlagenes
 Modul kernel32.dll, Version 5.1.2600.6293, Fehleradresse 0x00012fd3.
 
Error - 02.01.2013 11:24:44 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 6.0.60.126, fehlgeschlagenes
 Modul kernel32.dll, Version 5.1.2600.6293, Fehleradresse 0x0000984e.
 
Error - 03.01.2013 05:40:47 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
[ Application Events ]
Error - 20.12.2012 17:22:45 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung pokertracker4.exe, Version 4.5.9.0, fehlgeschlagenes
 Modul pokertracker4.exe, Version 4.5.9.0, Fehleradresse 0x00280073.
 
Error - 23.12.2012 06:51:57 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
Error - 25.12.2012 04:41:52 | Computer Name = JULIA | Source = PostgreSQL | ID = 0
Description = pg_ctl: could not start service "pgsql-8.3": error code 1063 
 
Error - 27.12.2012 23:54:58 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
Error - 29.12.2012 04:20:46 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
Error - 29.12.2012 19:42:45 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
Error - 30.12.2012 14:03:54 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung postgres.exe, Version 8.3.0.831, fehlgeschlagenes
 Modul msvcr80.dll, Version 8.0.50727.6195, Fehleradresse 0x000324cb.
 
Error - 30.12.2012 14:08:03 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ezca.exe, Version 1.1.5.0, fehlgeschlagenes
 Modul kernel32.dll, Version 5.1.2600.6293, Fehleradresse 0x00012fd3.
 
Error - 02.01.2013 11:24:44 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 6.0.60.126, fehlgeschlagenes
 Modul kernel32.dll, Version 5.1.2600.6293, Fehleradresse 0x0000984e.
 
Error - 03.01.2013 05:40:47 | Computer Name = JULIA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
[ System Events ]
Error - 03.01.2013 12:47:47 | Computer Name = JULIA | Source = Service Control Manager | ID = 7034
Description = Dienst "HWDeviceService.exe" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 03.01.2013 12:48:17 | Computer Name = JULIA | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 04.01.2013 05:22:25 | Computer Name = JULIA | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 62.178.222.171 für die Netzwerkkarte mit der Netzwerkadresse
 00E07DDE68F5 wurde durch  den DHCP-Server 195.34.134.211 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 04.01.2013 05:22:40 | Computer Name = JULIA | Source = a4o7z9b1 | ID = 262148
Description = 
 
Error - 04.01.2013 05:22:40 | Computer Name = JULIA | Source = a4o7z9b1 | ID = 262148
Description = 
 
Error - 04.01.2013 05:23:55 | Computer Name = JULIA | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Mobile
 Partner. OUC.
 
Error - 04.01.2013 05:23:55 | Computer Name = JULIA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 04.01.2013 05:35:07 | Computer Name = JULIA | Source = Service Control Manager | ID = 7034
Description = Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 04.01.2013 05:35:10 | Computer Name = JULIA | Source = Service Control Manager | ID = 7034
Description = Dienst "HWDeviceService.exe" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 04.01.2013 05:35:14 | Computer Name = JULIA | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
 
< End of report >
         
--- --- ---

Alt 04.01.2013, 16:48   #32
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google-Link und andere Probleme! - Standard

Google-Link und andere Probleme!



Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:OTL
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startfenster.com
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1003\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-57989841-963894560-1606980848-1025\..\SearchScopes,DefaultScope = 
O2 - BHO: (no name) - {184AA5E6-741D-464a-820E-94B3ABC2F3B4} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {6764C5ED-CEE4-42ae-8F31-23F02A3A661F} - No CLSID value found.
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.
[2012.12.29 18:00:58 | 000,004,931 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\flwjycbm.bab
[2012.05.29 11:22:44 | 000,000,061 | -HS- | C] () -- C:\WINDOWS\cnerolf.bin
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread
__________________

__________________

Alt 04.01.2013, 18:05   #33
Aviator1985
 
Google-Link und andere Probleme! - Standard

Google-Link und andere Probleme!



Code:
ATTFilter
All processes killed
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-57989841-963894560-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-57989841-963894560-1606980848-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-57989841-963894560-1606980848-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-57989841-963894560-1606980848-1025\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6764C5ED-CEE4-42ae-8F31-23F02A3A661F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6764C5ED-CEE4-42ae-8F31-23F02A3A661F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ not found.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\flwjycbm.bab moved successfully.
C:\WINDOWS\cnerolf.bin moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Administrator.JULIA
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Amadeo
->Temp folder emptied: 4747547 bytes
->Temporary Internet Files folder emptied: 18141956 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 379472376 bytes
->Flash cache emptied: 3137 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 384,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 01042013_175506

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
__________________

Alt 04.01.2013, 19:21   #34
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google-Link und andere Probleme! - Standard

Google-Link und andere Probleme!



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Google-Link und andere Probleme!
acrobat, andere, andere probleme, funktionieren, geleitet, klicke, lösung, natürlich, nicht öffnen, offen, problem, probleme, programme, reader, seite, sämtliche, thread, win, win xp, öffnen



Ähnliche Themen: Google-Link und andere Probleme!


  1. Google Chrome - öffnet eine andere Seite beim Starten von Google Chrome (Win7)
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (29)
  2. Probleme bei google-Weiterleitung, link führt zu "ihavenet.com"
    Log-Analyse und Auswertung - 24.05.2013 (8)
  3. Google.de nicht erreichbar - andere Seiten sehr langsam - andere normal DNS-Provider Problem oder Trojaner?
    Log-Analyse und Auswertung - 05.09.2012 (2)
  4. Google leitet mich immer auf andere Websites( manchmal sogar auf google selbst)
    Plagegeister aller Art und deren Bekämpfung - 29.03.2012 (21)
  5. Abnow-Virus (Google-Link wird umgeleitet)
    Plagegeister aller Art und deren Bekämpfung - 11.03.2012 (30)
  6. Google schaltet bei Link klick auf Werbeseiten um
    Log-Analyse und Auswertung - 07.02.2012 (8)
  7. Falsche Link-Weiterleitung bei Google - Trojaner?
    Log-Analyse und Auswertung - 17.01.2012 (30)
  8. 95p.com google Link Virus
    Log-Analyse und Auswertung - 12.01.2012 (13)
  9. 95p.com google Link
    Plagegeister aller Art und deren Bekämpfung - 11.01.2012 (9)
  10. Google Such Link leitet auf eine andere Seite um
    Plagegeister aller Art und deren Bekämpfung - 29.12.2011 (13)
  11. mal wieder virus durch facebook link plus paar andere glaub ich^^
    Log-Analyse und Auswertung - 01.11.2011 (3)
  12. Google leitet mich auf andere Seiten um wenn ich auf einen Link klicke
    Plagegeister aller Art und deren Bekämpfung - 21.07.2011 (35)
  13. Google Redirect, Pop-Ups & andere Probleme
    Plagegeister aller Art und deren Bekämpfung - 21.07.2011 (5)
  14. Google leitet Link um
    Log-Analyse und Auswertung - 09.06.2011 (26)
  15. google falsche Link
    Log-Analyse und Auswertung - 28.01.2009 (0)
  16. Google falscher link weiterleitung
    Plagegeister aller Art und deren Bekämpfung - 10.11.2007 (37)
  17. Falscher Google-Link
    Log-Analyse und Auswertung - 14.04.2006 (8)

Zum Thema Google-Link und andere Probleme! - Oh sry... hier sind die richtigen Logs OTL Logfile: Code: Alles auswählen Aufklappen ATTFilter OTL logfile created on: 04.01.2013 14:00:48 - Run 6 OTL by OldTimer - Version 3.2.69.0 Folder - Google-Link und andere Probleme!...
Archiv
Du betrachtest: Google-Link und andere Probleme! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.