Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
HEUR/HTML.Malware - Heuristic

HEUR/HTML.Malware - Heuristic


Plagegeister aller Art und deren Bekämpfung: HEUR/HTML.Malware - Heuristic

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 08.07.2010, 21:28   #1
Kira68
 
HEUR/HTML.Malware - Heuristic - Standard

HEUR/HTML.Malware - Heuristic


hallo zusammen,
bin gerade neu hier gelandet und hoffe auf eure hilfe!
hatte wegen dem HEUR/HTML.Malware - Heuristic schon nachgelesen und mir dann auch von hier die empfohlene OTL exe gedownloadet.

bei mir öffnet sich nach anklicken des IE oder mailnachrichten-wie eure beim anmelden,bis zu 8 antivir fenster

achso,hab das HEUR/HTML.Malware - Heuristic erst seit heute-!

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 08.07.2010 21:23:57 - Run 1
OTL by OldTimer - Version 3.2.8.1     Folder = C:\Users\***\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584,50 Gb Total Space | 181,46 Gb Free Space | 31,05% Space Free | Partition Type: NTFS
Drive D: | 11,67 Gb Total Space | 1,57 Gb Free Space | 13,46% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = 10 D4 0B FB 85 89 CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4A99AD06-DC45-47DA-B727-28B16B5B2285}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{77B78561-F184-4A53-BDDD-01F0C527E666}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09DA0F9A-F657-4A84-9CE0-5B91F142C903}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe | 
"{0F704D11-1DAE-473A-B903-794978F327A4}" = protocol=6 | dir=in | app=c:\program files (x86)\empire of sports\networkdiagnostic.exe | 
"{44695C2A-686D-4B63-A818-0DCAFC5F7A44}" = protocol=17 | dir=in | app=c:\users\sammi\appdata\local\f4\clientupdater\clientupdater.exe | 
"{4841F65C-A4C9-4F88-9010-8E77D25B46F1}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{4E9BD0DB-1BB6-4955-AACD-5CE6A8147E27}" = protocol=6 | dir=in | app=c:\users\sammi\appdata\local\f4\clientupdater\clientupdater.exe | 
"{6335DC55-E74B-4248-9E49-7B4B4339AC39}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbir.exe | 
"{724485CF-2452-4F19-9E9A-CB1EBD1C832C}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orb.exe | 
"{727AE6F2-D43D-4ABC-AA16-6A8FF507134B}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{91CE9E57-C824-45C6-B0A5-F2DA00100501}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbstreamerclient.exe | 
"{973E9824-CD6C-486A-AE81-AE63E5D84250}" = protocol=17 | dir=in | app=c:\program files (x86)\empire of sports\networkdiagnostic.exe | 
"{9889B0FB-DB3B-49BC-A810-25F97992EC46}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orb.exe | 
"{9FAC6B9C-4CFA-4052-A8DC-47C1AAC42813}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{A4AB7126-2277-4288-B2A6-1931504400CA}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{AF64169F-BAF3-4C82-B531-C44972A0BBC8}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe | 
"{C8411ED6-A556-4B7E-96FD-5B8E3B07A44A}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbir.exe | 
"{CCCC859D-83A3-4AAE-87EB-9E10904843AF}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbstreamerclient.exe | 
"{D02CE5A1-7F6F-4F3A-8229-8C7CE0A60E15}" = protocol=6 | dir=in | app=c:\program files (x86)\empire of sports\empireofsports.exe | 
"{E564F2D3-D399-4CD2-9637-BA88A86DEC10}" = protocol=17 | dir=in | app=c:\program files (x86)\empire of sports\empireofsports.exe | 
"{E98C47AD-48CE-46DC-B9B3-0A52D2E08A59}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{FC086C8A-F581-44E0-85EB-8268C8D600B7}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"TCP Query User{073C1560-0E4F-4916-B9EE-3E2F825D52C4}C:\moove\_adv.exe" = protocol=6 | dir=in | app=c:\moove\_adv.exe | 
"TCP Query User{076F0DC0-8795-40C8-8D2B-19764FD6624B}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe | 
"TCP Query User{09EC5466-91C1-41A1-94A0-4A27E79D0F84}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{0AB187C2-CDE2-4616-8028-832ACA969D1A}C:\program files (x86)\concept design\onlinetv 5\onlinetv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\concept design\onlinetv 5\onlinetv.exe | 
"TCP Query User{169CFA40-0F43-497D-848A-A7F6EE10F024}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{16AA25B6-4350-49DD-95F9-DDF926855DC4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{2CA310D1-58E9-4184-B351-AA690704EA2F}C:\program files (x86)\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files (x86)\zattoo\zattood.exe | 
"TCP Query User{43BA4B46-6225-44AA-A22B-DA7F3627A70E}C:\program files (x86)\winamp remote\bin\orbtray.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe | 
"TCP Query User{69853193-CAC1-415D-BCCB-0FC799BE9457}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | 
"TCP Query User{72901FA4-3F94-46A5-856F-6F844D2200C4}C:\program files (x86)\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\secondlife\slvoice.exe | 
"TCP Query User{79C95E34-1A88-458A-B732-2E59F7782165}C:\program files (x86)\concept design\onlinetv 5\onlinetv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\concept design\onlinetv 5\onlinetv.exe | 
"TCP Query User{8FC04BF3-98B3-40E5-B696-982A76C4F3EA}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | 
"TCP Query User{BCF2F529-D3F1-4CA4-AA92-D0AA3D4E847A}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"TCP Query User{C0FA8216-C0AB-4F87-9EC1-9E06FF70EE70}C:\program files (x86)\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\secondlife\slvoice.exe | 
"TCP Query User{D6520A05-5330-487B-AB36-DEA38A817881}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe | 
"TCP Query User{E3F50860-D483-4CB2-A01A-4CF8B328DA5C}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"TCP Query User{F09C8792-3DBB-4F99-BE03-D6EE3CD834C8}C:\moove\_adv.exe" = protocol=6 | dir=in | app=c:\moove\_adv.exe | 
"UDP Query User{0177C6A4-5C4E-4F52-8FF3-36913243D0E3}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"UDP Query User{06FC21F5-E221-4BCB-B019-8D6108B27BCB}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | 
"UDP Query User{0C2730E9-8C54-41B8-BAC3-814CE6832039}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"UDP Query User{2E3AC077-9D72-46BF-9BE1-A9865DF8FDB9}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe | 
"UDP Query User{3F58E54A-0EF5-48E4-B089-D89075C5B893}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | 
"UDP Query User{953118E6-97AB-4E56-A59F-65B2DD57AEEB}C:\program files (x86)\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\secondlife\slvoice.exe | 
"UDP Query User{B1A949AE-3DD3-4F42-AAEA-6F6EFCBBC094}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{B2F4E66D-A9FD-4E4A-B698-EADA3756F33E}C:\program files (x86)\concept design\onlinetv 5\onlinetv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\concept design\onlinetv 5\onlinetv.exe | 
"UDP Query User{C2A6887A-BC48-458B-A7BA-B4D2BBAE9872}C:\program files (x86)\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\secondlife\slvoice.exe | 
"UDP Query User{D398DE9B-727A-4900-9366-3FBAD17D4272}C:\program files (x86)\winamp remote\bin\orbtray.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe | 
"UDP Query User{D49AA289-3F80-481E-9B63-C7A91487A333}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe | 
"UDP Query User{D4C36DC4-F1A2-4EC3-8634-8A4D0EFCAC3D}C:\program files (x86)\concept design\onlinetv 5\onlinetv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\concept design\onlinetv 5\onlinetv.exe | 
"UDP Query User{E21922C6-B48D-4CE4-9802-3EAEDE28557F}C:\moove\_adv.exe" = protocol=17 | dir=in | app=c:\moove\_adv.exe | 
"UDP Query User{E87A0F8C-BB30-4A6D-B744-6E7B1397167F}C:\program files (x86)\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files (x86)\zattoo\zattood.exe | 
"UDP Query User{F1358F35-F179-4522-901B-7CC30563CE38}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{F58F5161-E778-42FA-B634-A2367B9FEF26}C:\moove\_adv.exe" = protocol=17 | dir=in | app=c:\moove\_adv.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{53EAA030-4FE6-0B32-DD63-1DB9C02AA917}" = ATI Catalyst Install Manager
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DBB09F04-CD3E-CDEC-F3C7-28046FD94657}" = ccc-utility64
"{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"OfficeTrial" = Testversion von Microsoft Office Home and Student 2007
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software  1.12.37.1
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0B9F567A-A261-9D33-96A9-2F3ED15EF253}" = Catalyst Control Center Localization Danish
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B1E9E78-17BC-330C-7457-EE02D4E446EB}" = Catalyst Control Center Localization Korean
"{1D4A0D1F-AAE6-17F6-3F36-62D354A60D8A}" = Catalyst Control Center Localization French
"{1E52A991-5CD6-C991-7A1C-C525A0ABC7C9}" = CCC Help Hungarian
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2022EC97-F172-4A8A-82CF-C3469E5D4EC5}" = Julias Abenteuer im Reiterland
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{256E8498-F0A4-716E-1DE8-BFDEEB538E24}" = Catalyst Control Center Localization German
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 20
"{2B5AB43C-747C-EAE9-E13F-6F54EA4891DC}" = Catalyst Control Center Localization Polish
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2E4609A3-F5AF-4408-B0C4-B8B84BC753DF}" = Catalyst Control Center - Branding
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A5E395C-9A26-6391-A0F4-BF7C5A1AC93F}" = Catalyst Control Center Localization Thai
"{3B262C61-9057-5E9D-A116-01CC95FA42F7}" = CCC Help Greek
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B79C31C-017E-330E-2F43-A4DAA30AE866}" = Catalyst Control Center Localization Russian
"{3CF26D05-B485-F5D7-55BB-630B3F79BD12}" = CCC Help Finnish
"{3D5A72E1-1467-4199-8CF6-12DA8D502A6B}" = Veoh Player
"{3E4A9B38-8CE5-BBA3-6B43-1894A8951115}" = Catalyst Control Center Graphics Previews Common
"{3E71F423-BF4B-5819-D4E1-97F637DDDE24}" = CCC Help Russian
"{3F233675-A6F7-603C-11EC-978C739E5816}" = Skins
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4214E948-8BDF-2C92-2D22-7F7E66328DD8}" = CCC Help Czech
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A22192C-9A13-335F-9B78-A98DA869DDBE}" = Catalyst Control Center Localization Norwegian
"{505B3FE0-6FDD-F678-99D8-6FB0DA772EEA}" = Catalyst Control Center Localization Chinese Traditional
"{52B56D73-A4A6-BEBF-8020-3EB6069BB1DA}" = CCC Help German
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{55D45808-2A62-2AB3-3007-F2B72C4F64C0}" = Catalyst Control Center Localization Hungarian
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65EF902A-353C-F427-B38F-F15E6ADA3A4A}" = CCC Help Polish
"{66791CBF-0EC8-6692-CF6C-9AB7B97EA1BB}" = CCC Help Turkish
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{67409EEC-0910-CB45-0D10-4F87D6098F95}" = CCC Help Japanese
"{688EC4E0-5A7A-E115-7994-3E70AB076AD6}" = ccc-core-static
"{6C5781D8-1D61-34DA-210A-288D4EA288B3}" = CCC Help Chinese Standard
"{6D93B7BA-8C2B-F378-89A2-652B78614BF9}" = Catalyst Control Center Localization Italian
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76827A9C-175C-80D0-D4AF-7BAFC34898CF}" = CCC Help Spanish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78706146-05DB-32C5-1AD7-4761441A345E}" = CCC Help Swedish
"{7880C3EC-BC24-DFF5-139B-E6F7FE67E14B}" = Catalyst Control Center Localization Spanish
"{7A88D6AF-5C96-065A-7CAE-6CE8FE2FBD08}" = Catalyst Control Center Localization Greek
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80554058-0D76-AC77-9C32-A1B9B0450E1D}" = Catalyst Control Center Localization Czech
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A261769-9640-4DB4-B877-3E00C61967F3}_is1" = concept/design onlineTV 5
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E1C2A13-FC30-739E-9446-73EA102370B5}" = Catalyst Control Center Core Implementation
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9160C033-28B2-3AC7-4B7B-8B25DE370CB7}" = Catalyst Control Center Localization Chinese Standard
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96FB7D0F-A1E7-7600-2D20-E1F67F1236C8}" = Catalyst Control Center Graphics Full Existing
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D7351FA-363A-EA0E-BC75-461A9A7B3BEF}" = Catalyst Control Center Localization Japanese
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A3FB2596-0947-ACFA-D8CB-69D9718C4E59}" = CCC Help Thai
"{A5C02A59-A29F-C1B7-D4F5-F4918E52B7F6}" = CCC Help Chinese Traditional
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.4 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C792D09B-E005-8001-620C-89AD387376F8}" = CCC Help Danish
"{C833C7B6-1140-471D-932B-391B5CA66D7D}" = Digital Video
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC4F61E2-FA71-A7E3-1097-828154E72127}" = CCC Help Korean
"{CD5336D0-D366-F202-2F8C-7B5447458ECB}" = Catalyst Control Center Localization Finnish
"{CE0AD738-E5B4-8E5C-58B9-76C4B78DD5CA}" = CCC Help Italian
"{CECF842E-5A4B-9579-3A17-923C6C352065}" = Catalyst Control Center Graphics Previews Vista
"{D82082EB-8CA7-2804-3AD2-AB85C54534E9}" = Catalyst Control Center Localization Dutch
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E0810CC2-4B5B-4439-B1D0-452306AF2D64}" = HP Active Support Library
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1321911-8D73-AA22-9083-2B8FBD9C8CF0}" = CCC Help French
"{E1476612-02D6-42A3-BDC1-E292B4115738}" = HP Easy Setup - Frontend
"{E23DD36D-44A3-8167-2E56-73E5DB8F06BE}" = CCC Help Dutch
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E447158D-1AAA-5406-2AF6-0F250BE05321}" = Catalyst Control Center Localization Portuguese
"{E7F2FEA3-9C9D-CFCC-02F7-1442A7F370C3}" = CCC Help English
"{E9FD9E47-6614-9CF9-8205-D92959262C12}" = CCC Help Portuguese
"{EC337A47-4A6B-BC9C-E656-5D7C92657962}" = Catalyst Control Center Graphics Full New
"{EFA2328F-EE03-57D8-3EC0-A0F337BB21C9}" = CCC Help Norwegian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB2AE6E0-BBF6-6E36-6150-C24046CF4DF9}" = Catalyst Control Center Localization Turkish
"{FBBD5444-17D0-E955-2292-513E48091208}" = Catalyst Control Center Graphics Light
"{FD521AF1-AE27-4BAB-B042-D23403E19EA1}" = Catalyst Control Center Localization Swedish
"{FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8}" = muvee autoProducer 6.1
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EoS-{5CCCD423-F673-4CD8-9464-9D950F49BBC3}" = Empire of Sports 1.75
"ffdshow_is1" = ffdshow [rev 1692] [2007-12-09]
"Google Desktop" = Google Desktop
"ICQToolbar" = ICQ Toolbar
"InstallShield_{3D5A72E1-1467-4199-8CF6-12DA8D502A6B}" = Veoh Player
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"IrfanView" = IrfanView (remove only)
"king.com" = king.com (remove only)
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"OpenAL" = OpenAL
"Orb" = Winamp Remote
"PC-Doctor 5 for Windows" = Hardware Diagnose Tools
"RealPlayer 12.0" = RealPlayer
"SecondLife" = SecondLife (remove only)
"WildTangent hp Master Uninstall" = My HP Games
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"XnView_is1" = XnView 1.95.2
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Zattoo" = Zattoo 3.3.4 Beta
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 24.04.2010 22:37:06 | Computer Name = ***| Source = EventSystem | ID = 4621
Description = 
 
Error - 25.04.2010 07:11:04 | Computer Name = *** | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.04.2010 21:49:49 | Computer Name = *** | Source = EventSystem | ID = 4621
Description = 
 
Error - 26.04.2010 07:10:29 | Computer Name = *** | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.04.2010 08:08:49 | Computer Name = *** | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.04.2010 15:12:32 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18904, Zeitstempel
 0x4b835fec, fehlerhaftes Modul mgToolbarIE.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4adc6cfd, Ausnahmecode 0xc0000005, Fehleroffset 0x05548910,  Prozess-ID 0x10b0,
 Anwendungsstartzeit 01cae605fc31e710.
 
Error - 28.04.2010 06:44:34 | Computer Name = *** | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.04.2010 23:01:23 | Computer Name = *** | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.04.2010 23:01:34 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18904, Zeitstempel
 0x4b835fec, fehlerhaftes Modul mgToolbarIE.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4adc6cfd, Ausnahmecode 0xc0000005, Fehleroffset 0x05268910,  Prozess-ID 0x1398,
 Anwendungsstartzeit 01cae74832b34748.
 
Error - 29.04.2010 07:31:30 | Computer Name = *** | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 13.06.2010 07:02:02 | Computer Name = *** | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 14.06.2010 07:05:32 | Computer Name = ***| Source = Service Control Manager | ID = 7026
Description = 
 
Error - 14.06.2010 14:12:11 | Computer Name = *** | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 14.06.2010 14:48:42 | Computer Name = *** | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 14.06.2010 19:00:40 | Computer Name = *** | Source = DCOM | ID = 10016
Description = 
 
Error - 15.06.2010 07:12:56 | Computer Name = *** | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 19.06.2010 23:22:43 | Computer Name = ***| Source = DCOM | ID = 10016
Description = 
 
Error - 23.06.2010 08:49:36 | Computer Name = ***| Source = DCOM | ID = 10016
Description = 
 
Error - 23.06.2010 08:49:36 | Computer Name = *** | Source = DCOM | ID = 10016
Description = 
 
Error - 25.06.2010 20:31:42 | Computer Name =*** | Source = Service Control Manager | ID = 7043
Description = 
 
 
< End of report >
--- --- ---



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 08.07.2010 21:23:57 - Run 1
OTL by OldTimer - Version 3.2.8.1     Folder = C:\Users\Sammi\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584,50 Gb Total Space | 181,46 Gb Free Space | 31,05% Space Free | Partition Type: NTFS
Drive D: | 11,67 Gb Total Space | 1,57 Gb Free Space | 13,46% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: 
Current User Name: 
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Winamp\winampa.exe ()
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\ezsvc7.dll File not found
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (fsssvc) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (GoogleDesktopManager) -- C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation                                            )
DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\DRIVERS\RTL8187B.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://t-online.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "hxxp://home.sweetim.com"
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ffpro-nb&p="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.06.28 15:03:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.06.28 15:03:07 | 000,000,000 | ---D | M]
 
[2009.03.08 23:56:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.07.08 17:06:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\pc9e2to5.default\extensions
[2010.03.01 00:12:28 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\pc9e2to5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.03.01 00:12:28 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Sammi\AppData\Roaming\mozilla\Firefox\Profiles\pc9e2to5.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.03.08 23:57:41 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\mozilla\Firefox\Profiles\pc9e2to5.default\extensions\toolbar_extras@de.yahoo.com
[2009.11.24 01:53:22 | 000,003,915 | ---- | M] () -- C:\Users\\AppData\Roaming\Mozilla\FireFox\Profiles\pc9e2to5.default\searchplugins\sweetim.xml
[2010.06.02 13:54:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.06.02 13:54:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009.03.08 23:56:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\toolbar_extras@de.yahoo.com
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.03.18 16:03:40 | 000,214,272 | ---- | M] (Midasplayer Ltd) -- C:\Program Files (x86)\mozilla firefox\plugins\npmidas.dll
[2010.06.28 15:03:05 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.06.28 15:03:05 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.06.28 15:03:05 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.06.28 15:03:05 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.06.28 15:03:05 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,736 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files (x86)\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler]  File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Orb] C:\Program Files (x86)\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Veoh] C:\Program Files (x86)\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: moove.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game12.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://tonline.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~2\Google\GOOGLE~2\GOEC62~1.DLL (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.08 21:19:42 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.06.26 02:30:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.06.26 02:30:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.06.26 02:29:21 | 000,000,000 | ---D | C] -- C:\c08452743fd7f655b5
[2010.06.24 03:01:14 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.06.24 03:01:14 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.06.24 03:01:14 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.06.24 03:01:14 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.06.24 03:01:14 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.06.24 03:01:14 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.06.24 03:01:14 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.06.24 03:01:14 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.06.23 14:55:45 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2010.06.23 14:55:45 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2010.06.23 14:55:45 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2010.06.23 14:55:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2010.06.10 03:54:17 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.06.10 03:54:17 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.06.10 03:54:17 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.06.10 03:54:17 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.06.10 03:54:13 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010.06.10 03:54:12 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010.06.10 03:54:12 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010.06.10 03:54:12 | 000,706,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.06.10 03:54:12 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.06.10 03:54:12 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010.06.10 03:54:12 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010.06.10 03:54:11 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.06.10 03:54:11 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.06.10 03:54:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.06.10 03:54:11 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010.06.10 03:54:11 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.06.10 03:54:11 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010.06.10 03:54:11 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010.06.10 03:54:11 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010.06.10 03:54:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010.06.10 03:54:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010.06.10 03:54:11 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010.06.10 03:54:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010.06.10 03:54:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010.06.10 03:54:11 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010.06.10 03:54:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.06.10 03:54:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.06.08 22:02:14 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Shisa
 
========== Files - Modified Within 30 Days ==========
 
[2010.07.08 21:24:27 | 006,029,312 | -HS- | M] () -- C:\Users\***\ntuser.dat
[2010.07.08 21:20:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.07.08 21:19:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.08 20:47:57 | 001,432,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.08 20:47:57 | 000,623,042 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.07.08 20:47:57 | 000,591,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.08 20:47:57 | 000,125,172 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.07.08 20:47:57 | 000,102,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.08 20:40:47 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.08 20:40:33 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.08 20:40:33 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.08 20:40:31 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.08 20:40:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.08 20:38:52 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{55d50572-3e91-11df-8807-002215266ebe}.TMContainer00000000000000000001.regtrans-ms
[2010.07.08 20:38:52 | 000,065,536 | -HS- | M] () -- C:\Users\***\ntuser.dat{55d50572-3e91-11df-8807-002215266ebe}.TM.blf
[2010.07.08 20:38:42 | 003,293,631 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.07.08 04:15:38 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{70E131CE-8478-4A1A-A7ED-17404EC29A3B}.job
[2010.06.19 19:37:54 | 000,004,537 | ---- | M] () -- C:\Users\***\Desktop\Dokument.rtf
[2010.06.17 21:24:34 | 000,002,464 | ---- | M] () -- C:\Users\***\Desktop\kuchen.rtf
[2010.06.14 19:38:51 | 000,008,115 | ---- | M] () -- C:\Users\***\Desktop\GB.rtf
[2010.06.10 15:12:25 | 000,310,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2009.10.20 11:50:20 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.10.20 11:49:36 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.06 02:46:19 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2009.06.06 02:46:19 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2009.06.06 02:46:19 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2009.01.19 21:07:22 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.01.19 21:07:22 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.09.15 23:58:53 | 000,091,072 | ---- | C] () -- C:\Windows\SysWow64\RoseCo2.dll
[2008.06.17 22:33:51 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008.06.17 22:33:51 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
 
========== LOP Check ==========
 
[2009.06.06 02:46:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\concept design
[2009.02.24 01:27:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\F4
[2009.02.05 23:38:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2008.11.05 00:40:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IrfanView
[2010.03.26 23:27:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PeerNetworking
[2009.06.21 03:44:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SecondLife
[2009.01.22 02:45:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Template
[2008.10.30 15:58:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinBatch
[2008.11.05 01:26:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\XnView
[2010.07.08 20:38:53 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.07.08 04:15:38 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{70E131CE-8478-4A1A-A7ED-17404EC29A3B}.job
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---

was kann ich tun? danke und liebe grüße

 

Themen zu HEUR/HTML.Malware - Heuristic
acroiehelper.dll, antivir, autorun, avgntflt.sys, avira, bho, c:\windows\system32\rundll32.exe, components, error, exe, firefox, flash player, format, google, home, home premium, iastor.sys, iexplore.exe, install.exe, intranet, location, logfile, media center, mozilla, oldtimer, otl.exe, plug-in, realtek, registry, rundll, saver, searchplugins, security, server, shell32.dll, shortcut, skype.exe, software, svchost.exe, sweetim, syswow64, tcp, udp, vista


« Explorer öffnet sich unaufgefordert mit Werbung und Wave Ton ist aus | rar-file entpackt, Trojaner entdeckt, bereits Schaden angerichtet? »


Ähnliche Themen: HEUR/HTML.Malware - Heuristic


  1. AntiVir hat Malware gefunden; HEUR/HTML.Malware
    Plagegeister aller Art und deren Bekämpfung - 17.12.2011 (3)
  2. HEUR/HTML.Maleware (heuristic) Firefox 12.2010
    Plagegeister aller Art und deren Bekämpfung - 10.01.2011 (18)
  3. HEUR/HTML.Malware [heuristic] !Anzeige beim Start von Mozilla
    Plagegeister aller Art und deren Bekämpfung - 27.10.2010 (5)
  4. HEUR/HTML.Malware - Heuristic ...
    Plagegeister aller Art und deren Bekämpfung - 10.07.2010 (1)
  5. HEUR/HTML.Malware von AV bei IE
    Plagegeister aller Art und deren Bekämpfung - 08.07.2010 (1)
  6. TR/Agent.AR,TR/Click.Klik,HEUR/HTML.Malware,HTML/Crypted.Gen, dwwin.exe, drwtsu32.exe
    Plagegeister aller Art und deren Bekämpfung - 25.05.2010 (1)
  7. werde Malware nicht los z.B. HEUR/HTML.Malware [heuristic
    Log-Analyse und Auswertung - 31.03.2010 (10)
  8. Virus oder unerwünschtes Programm 'HEUR/HTML.Malware' [heuristic]
    Plagegeister aller Art und deren Bekämpfung - 10.02.2010 (12)
  9. HEUR/HTML.Malware
    Plagegeister aller Art und deren Bekämpfung - 20.11.2009 (28)
  10. TR/Rootkit.Gen & HTML/Infected.WebPage.Gen' & HEUR/HTML.Malware gefunden
    Log-Analyse und Auswertung - 25.06.2009 (31)
  11. 'HEUR/Malware' [heuristic]
    Antiviren-, Firewall- und andere Schutzprogramme - 19.04.2009 (24)
  12. EXP/ASF.GetCodec.Gen,HEUR/HTML.Malware,TR/Dropper.Gen,HEUR/HTML.Malware
    Plagegeister aller Art und deren Bekämpfung - 10.04.2009 (17)
  13. HEUR/HTML.Malware - Heuristic
    Log-Analyse und Auswertung - 07.04.2009 (2)
  14. HEUR/HTML.Malware
    Plagegeister aller Art und deren Bekämpfung - 19.01.2009 (1)
  15. HEUR/HTML.Malware' [heuristic] HILFE !!
    Plagegeister aller Art und deren Bekämpfung - 05.09.2008 (6)
  16. seit 29.6 bei neustart immer 'HEUR/Malware' [heuristic] von antivir gefunden
    Plagegeister aller Art und deren Bekämpfung - 03.07.2008 (5)
  17. Heur/HTML Malware
    Log-Analyse und Auswertung - 28.05.2008 (12)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema HEUR/HTML.Malware - Heuristic - hallo zusammen, bin gerade neu hier gelandet und hoffe auf eure hilfe! hatte wegen dem HEUR/HTML.Malware - Heuristic schon nachgelesen und mir dann auch von hier die empfohlene OTL exe - HEUR/HTML.Malware - Heuristic...
Archiv
Du betrachtest: HEUR/HTML.Malware - Heuristic auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129