Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Probleme beim Starten von Programmen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 04.01.2011, 15:31   #1
windytroy
 
Probleme beim Starten von Programmen - Standard

Probleme beim Starten von Programmen



Hallo zusammen,

habe Windows 7 RC (64 bit) auf meinem Rechner installiert. Ich habe folgendes Problem:

Einige Programme (u. a. Google Chrome und Thunderbird) starten nur sehr verzögert (erst nach ca. 30 Sekunden) und benötigen viel längere Ladezeiten als zuvor. Starte ich diese beiden Programme direkt mit Autostart, bauen sich die Seiten schnell auf. Sobald ich die Programme jedoch beende, dauert der Neustart der Programme wieder extrem lang. Habe schon nach Syware/Malware/Viren gesucht, allerdings ohne Erfolg. Zuletzt installierte Programme (DIVX WebPlayer) habe ich ebenfalls wieder entfernt.

Meine Systemdaten: Win7 (64bit)
Prozessor: Pentium (R) Dual-Core-CPU T440@2.2GHz
Grafikkarte: ATI Raedon HD4570 512MB
Arbeitsspeicher: 4,00GB (RAM)

--- Hijack This Logfile ---

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:14:13, on 04.01.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe
C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Users\Benutzer\Downloads\HiJackThis204.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACEW&l=0407&m=aspire_5732z&r=27361110l735l03d4z1k5t5902c340
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACEW&l=0407&m=aspire_5732z&r=27361110l735l03d4z1k5t5902c340
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACEW&l=0407&m=aspire_5732z&r=27361110l735l03d4z1k5t5902c340
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: # Copyright (c) 1993-2009 Microsoft Corp.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - Startup: Google Chrome.lnk = Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Benutzer\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O20 - AppInit_DLLs: prio32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Prio Service (prio_svc) - Unknown owner - C:\Program Files\Prio\prio_svc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9024 bytes


Außerdem habe ich mein System - wie in den Anleitungen empfohlen - mit Antimalware gescannt. Ebenfalls ohne Ergebnis:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5457

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

04.01.2011 16:08:39
mbam-log-2011-01-04 (16-08-39).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 150563
Laufzeit: 9 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

---

Hat jemand eine Erklärung, woran es liegen kann, dass die beiden Programme auf einmal so langsam laufen? Besten Dank für Euere Hilfe!

Alt 04.01.2011, 16:25   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme beim Starten von Programmen - Standard

Probleme beim Starten von Programmen



Zitat:
Art des Suchlaufs: Quick-Scan

Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________

__________________

Alt 04.01.2011, 17:58   #3
windytroy
 
Probleme beim Starten von Programmen - Standard

Probleme beim Starten von Programmen



Vielen Dank für die schnelle Antwort. Habe nun eine vollständige Überprüfung mit Malewarebytes durchgeführt und die dabei gefundene eine infizierte Datei entfernt. Nach dem Neustart des Systems ist das Problem aber nach wie vor nicht behoben.

Hier das Log aus dem vollständigen Scan:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 5457

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

04.01.2011 18:44:11
mbam-log-2011-01-04 (18-44-05).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 271391
Laufzeit: 1 Stunde(n), 5 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Windows\winsxs\x86_microsoft-windows-bits-bitsadmin_31bf3856ad364e35_6.1.7600.16385_none_4ce7e7256dbfa16f\bitsadmin.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.

______________________________________________________________________

Habe mein System außerdem mit OTL gescannt. Hier das Ergebnis:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 04.01.2011 16:39:15 - Run 1
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Users\Benutzer\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 401,23 Gb Free Space | 88,44% Space Free | Partition Type: NTFS
 
Computer Name: HeimPC | User Name: ************ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}" = Panda Cloud Antivirus
"{738E4E18-C4FB-8948-9779-A6857A677E51}" = ccc-utility64
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A4404CD3-561D-6B14-ECDA-69AB1BC6A5BC}" = ATI Catalyst Install Manager
"{A7EEF79E-06B2-4382-9D2E-39DBA0F72D50}" = Eraser 6.0.8.2273
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{DDA8FE2D-EA67-194C-D6A5-F52BC4FDA20F}" = ATI AVIVO64 Codecs
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{f45b48a7-f616-4211-b927-17cab6a96613}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client DE-DE Language Pack
"CCleaner" = CCleaner
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Prio" = Prio
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00C91FFD-66F7-7599-27A4-2158E063DE8B}" = Catalyst Control Center Graphics Full New
"{0151E7E3-E236-F8FA-1B1E-4116E848AA80}" = Catalyst Control Center Graphics Full Existing
"{09A1B02F-7814-E662-098A-0AE641A5DFFD}" = Catalyst Control Center Localization All
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.2 Build #3159 Banner Remover 1.0
"{176CFC97-0619-63F5-216F-DA91DF5C180C}" = CCC Help Thai
"{178EF55D-51F6-62EC-A25F-C7CB3FB375B8}" = CCC Help Dutch
"{1AB7AB77-6AF0-8349-CDAA-0BB7BD5AD57C}" = CCC Help Chinese Standard
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EAE344E-F3FB-967E-51B5-EF1697364D91}" = CCC Help Russian
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3548CAD1-45FB-72E9-7C5B-3F50FB42E2D2}" = CCC Help Italian
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50A9A489-68FB-17EB-5EC7-44F55E5E3FCD}" = Catalyst Control Center Graphics Previews Vista
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58AE1219-4CF0-7920-A8D9-204AE4291B6B}" = CCC Help Finnish
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F4D7F9D-E36B-4E3C-A11C-DB365E676232}" = CCC Help Polish
"{654304D2-7FDB-5A2C-84AD-8253AD4B47A1}" = ccc-core-static
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FBDE9F-3A0C-CDD7-36D4-348B71363A7C}" = Catalyst Control Center InstallProxy
"{6A4B388A-C460-9371-A401-272BED1BC785}" = CCC Help Danish
"{6BC06531-C06B-0637-6868-DFC30D297ECF}" = CCC Help Swedish
"{6DEF8F72-0510-2265-3C1B-3D72DBFF6CCA}" = CCC Help Spanish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7F446B99-7355-05E0-B9DA-580993D79E0C}" = CCC Help Turkish
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.20
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92D9E57D-73A5-4329-9888-FBBC16ED8944}_is1" = UN.CO.VER. 2.0
"{9C17B3F0-577B-538D-DB8C-40197D03FAD4}" = CCC Help Japanese
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.1 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B191AED2-AF18-3195-44AF-5D60A8F52DB7}" = CCC Help Chinese Traditional
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B95EBC95-B7CF-D326-EB73-AA1E33D1A31E}" = CCC Help French
"{BAF19BB1-7716-4F37-5C47-E9DD9A70BC0F}" = Catalyst Control Center InstallProxy
"{BD136CE7-6666-4273-A056-8D92F8625AAB}" = Sun ODF Plugin for Microsoft Office 3.2
"{BD243CE6-93CC-1284-4A90-90EA06B19FFB}" = CCC Help Greek
"{BE627CA2-AB0E-275B-FCEF-6FBDE4AB1124}" = CCC Help German
"{C24B5777-DA09-50F7-79EF-E26E53D1559A}" = CCC Help English
"{C77E500C-FB0C-D423-991B-3FE5B24AAA80}" = CCC Help Norwegian
"{CABAE860-68A5-0ACE-46FE-DF8B40DAD5BD}" = CCC Help Hungarian
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB7B4260-0E23-4444-8376-1D3E74F421D8}_is1" = ScanToPDF 4.1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D215ED58-928A-C704-C104-F3333A429336}" = Catalyst Control Center Core Implementation
"{D7437092-E534-46A5-895B-94FC627139B6}" = COMPUTERBILD-Abzockschutz
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EA3A9E2A-6D28-9D91-E65F-0C5978100D3F}" = Catalyst Control Center Graphics Light
"{EE10D76C-39B7-40A8-A24C-1BEEACBED160}" = Catalyst Control Center - Branding
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = eMachines Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F19CD3A3-21ED-90AA-E57B-1E54D44EF874}" = CCC Help Portuguese
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB08F5BF-8B35-CA7F-2C6C-4C7875EFF8C8}" = CCC Help Korean
"{FEFB7AF2-FFD6-6ED1-7749-6F998A22A2B7}" = CCC Help Czech
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.4
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"avast5" = avast! Free Antivirus
"EatCam Webcam Recorder 5.0 for MSN_is1" = EatCam Webcam Recorder 5.0 for MSN
"eMachines Registration" = eMachines Registration
"eMachines Screensaver" = eMachines ScreenSaver
"eMachines Welcome Center" = Welcome Center
"Foxit Reader" = Foxit Reader
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free RAR Extract Frog" = Free RAR Extract Frog
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FreeHideIP" = Free Hide IP
"Glary Utilities_is1" = Glary Utilities 2.30.0.1066
"Identity Card" = Identity Card
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"PC SECURITY TEST 2009_is1" = PC SECURITY TEST 2009
"Pidgin" = Pidgin
"Polipo" = Polipo 1.0.4.1
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"RealPlayer 12.0" = RealPlayer
"Secunia PSI" = Secunia PSI (2.0.0.1003)
"TextMaker Viewer" = TextMaker Viewer
"Tor" = Tor 0.2.1.26
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.9.0
"Vidalia" = Vidalia 0.2.9
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---
______________________________________________________________________OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.01.2011 16:39:15 - Run 1
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Users\Benutzer\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 401,23 Gb Free Space | 88,44% Space Free | Partition Type: NTFS
 
Computer Name: HeimPC | User Name: ************ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.01.04 16:38:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer\Downloads\OTL.exe
PRC - [2010.12.31 21:06:35 | 003,395,600 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.12.31 21:06:34 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.12.21 13:04:30 | 000,987,704 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2010.12.09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010.12.07 21:24:12 | 012,584,112 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2010.12.03 10:05:32 | 001,389,400 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.12.03 10:05:32 | 000,930,032 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010.08.09 13:53:18 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2010.05.25 20:10:34 | 005,475,403 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2010.05.17 15:57:18 | 002,162,176 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe
PRC - [2010.05.14 14:06:30 | 000,406,848 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2010.02.01 01:45:22 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
PRC - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
PRC - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\eMachines\eMachines Updater\UpdaterService.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.01.04 16:38:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010.07.28 16:36:30 | 000,010,960 | ---- | M] (O&K Software) -- C:\Programme\Prio\prio32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.12.31 21:06:34 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010.12.31 21:06:34 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010.12.31 21:06:34 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2000.01.01 01:00:00 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.12.21 13:04:30 | 000,987,704 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2010.12.03 10:05:32 | 001,389,400 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.08.09 13:53:18 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010.07.28 16:37:16 | 000,009,936 | ---- | M] () [Auto | Running] -- C:\Programme\Prio\prio_svc.exe -- (prio_svc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.08.25 18:38:06 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.08.24 22:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [Disabled | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)
SRV - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007.01.11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2010.12.11 13:30:11 | 000,013,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2010.12.03 10:05:34 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.09.01 09:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010.07.21 21:04:22 | 000,128,072 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)
DRV:64bit: - [2010.07.21 21:04:20 | 000,114,760 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)
DRV:64bit: - [2010.06.17 12:41:18 | 000,149,576 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2010.05.27 17:39:38 | 000,158,280 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)
DRV:64bit: - [2010.04.30 12:47:00 | 000,121,864 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)
DRV:64bit: - [2010.04.26 04:41:20 | 001,606,504 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.10.22 12:54:24 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\85803052.sys -- (85803052)
DRV:64bit: - [2009.10.09 22:30:56 | 000,352,784 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\8580305.sys -- (de_cleaner_kasperskydrv)
DRV:64bit: - [2009.09.25 16:59:46 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\85803051.sys -- (85803051)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.22 15:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2000.01.01 01:00:00 | 006,369,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2000.01.01 01:00:00 | 006,369,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2000.01.01 01:00:00 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.12.03 10:05:35 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACEW&l=0407&m=aspire_5732z&r=27361110l735l03d4z1k5t5902c340
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACEW&l=0407&m=aspire_5732z&r=27361110l735l03d4z1k5t5902c340
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACEW&l=0407&m=aspire_5732z&r=27361110l735l03d4z1k5t5902c340
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACEW&l=0407&m=aspire_5732z&r=27361110l735l03d4z1k5t5902c340
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACEW&l=0407&m=aspire_5732z&r=27361110l735l03d4z1k5t5902c340
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: Office2007Black@JBBS:1.5.7
 
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.01.03 20:57:38 | 000,000,000 | ---D | M]
 
[2011.01.03 20:55:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Extensions
[2010.11.21 19:45:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.12.12 00:12:58 | 000,000,000 | ---D | M] (German Dictionary) -- C:\USERS\Benutzer\APPDATA\ROAMING\THUNDERBIRD\PROFILES\ZTV3MGO6.DEFAULT\EXTENSIONS\DE-DE@DICTIONARIES.ADDONS.MOZILLA.ORG
[2010.12.12 00:12:58 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\USERS\Benutzer\APPDATA\ROAMING\THUNDERBIRD\PROFILES\ZTV3MGO6.DEFAULT\EXTENSIONS\EN-GB@DICTIONARIES.ADDONS.MOZILLA.ORG
 
O1 HOSTS File: ([2010.12.30 00:00:59 | 000,428,640 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 127.0.0.1 71i.de
O1 - Hosts: 127.0.0.1	007guard.com - 007guard and Free Antivirus
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 14756 more lines...
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PSUNMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk = C:\Users\Benutzer\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Benutzer\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Benutzer\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (prio.dll) - C:\Program Files\Prio\prio.dll (O&K Software)
O20 - AppInit_DLLs: (prio32.dll) - C:\Program Files\Prio\prio32.dll (O&K Software)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.04 15:58:22 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Malwarebytes
[2011.01.04 15:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.01.04 15:58:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.01.04 15:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.01.04 15:58:04 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.01.04 15:58:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.01.03 23:54:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.01.03 14:42:35 | 000,000,000 | ---D | C] -- C:\Programme\Prio
[2011.01.02 18:27:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.01.02 18:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.01.02 18:25:26 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Apple
[2011.01.02 18:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.01.02 17:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011.01.02 17:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011.01.02 13:12:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Player
[2011.01.01 22:41:14 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Local
[2011.01.01 22:40:54 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\DivX
[2011.01.01 22:40:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011.01.01 22:40:12 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2011.01.01 22:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.12.31 01:51:37 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\FreeHideIP
[2010.12.31 01:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Hide IP
[2010.12.31 01:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeHideIP
[2010.12.31 01:03:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2010.12.31 01:03:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2010.12.28 16:59:45 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\AntiBrowserSpy 2009
[2010.12.28 16:54:21 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Abelssoft
[2010.12.28 10:59:24 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Secunia PSI
[2010.12.28 10:59:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2010.12.26 22:22:30 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\PremeforWindows7
[2010.12.25 23:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2010.12.24 19:42:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities
[2010.12.24 19:42:05 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\TuneUp Software
[2010.12.24 19:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.12.24 19:40:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.12.23 18:06:43 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\gtk-2.0
[2010.12.23 16:42:43 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Ashampoo
[2010.12.23 16:40:54 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\ashampoo
[2010.12.22 23:25:51 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\.purple
[2010.12.22 23:25:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2010.12.21 13:02:36 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.12.21 13:02:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.12.21 13:02:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.12.19 00:49:20 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Documents\UNCOVER FILES
[2010.12.19 00:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UN.CO.VER
[2010.12.19 00:49:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UN.CO.VER
[2010.12.14 23:57:06 | 000,000,000 | -H-D | C] -- C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
[2010.12.14 23:33:09 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.12.14 23:33:08 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.12.14 23:33:08 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.12.14 23:33:08 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.12.14 23:33:08 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.12.14 23:33:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.12.14 23:33:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.12.14 23:33:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.12.14 23:33:08 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.12.14 23:33:08 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.12.14 23:33:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.12.14 23:33:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.12.14 23:33:07 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.12.14 23:33:07 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.12.14 23:31:31 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2010.12.14 23:31:30 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2010.12.14 23:31:30 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010.12.14 23:31:30 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2010.12.14 23:31:30 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2010.12.14 23:31:30 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010.12.14 23:31:30 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2010.12.14 23:31:30 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2010.12.14 23:31:09 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2010.12.14 23:31:09 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2010.12.14 23:31:07 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.12.14 23:31:07 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.12.14 23:31:07 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.12.14 23:31:07 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.12.14 23:29:49 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2010.12.14 19:52:17 | 000,065,536 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\vbalProgBar6.ocx
[2010.12.14 19:52:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\zoho
[2010.12.14 19:49:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.12.14 19:45:59 | 000,040,464 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\85803052.sys
[2010.12.14 19:45:58 | 000,352,784 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\8580305.sys
[2010.12.14 19:45:58 | 000,157,712 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\85803051.sys
[2010.12.12 22:47:37 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Hunspell
[2010.12.11 19:36:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2010.12.11 13:13:37 | 001,606,504 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2010.12.11 13:13:37 | 001,606,504 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2010.12.11 13:13:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2010.12.11 13:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2010.12.11 13:07:49 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\InstallShield
[2010.12.11 12:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.12.11 12:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2010.12.11 12:44:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2010.12.11 12:41:39 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies
[2010.12.11 12:40:15 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010.12.11 12:40:14 | 018,798,080 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2010.12.11 12:40:14 | 014,225,920 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2010.12.11 12:40:14 | 006,369,792 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atipmdag.sys
[2010.12.11 12:40:14 | 006,369,792 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2010.12.11 12:40:14 | 004,795,904 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2010.12.11 12:40:14 | 004,781,568 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2010.12.11 12:40:14 | 003,701,248 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2010.12.11 12:40:14 | 003,657,728 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2010.12.11 12:40:14 | 003,122,176 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2010.12.11 12:40:14 | 002,995,200 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2010.12.11 12:40:14 | 002,719,232 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2010.12.11 12:40:14 | 000,497,152 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2010.12.11 12:40:14 | 000,450,560 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010.12.11 12:40:14 | 000,446,464 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2010.12.11 12:40:14 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2010.12.11 12:40:14 | 000,420,864 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010.12.11 12:40:14 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010.12.11 12:40:14 | 000,327,680 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2010.12.11 12:40:14 | 000,233,472 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2010.12.11 12:40:14 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010.12.11 12:40:14 | 000,188,928 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2010.12.11 12:40:14 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2010.12.11 12:40:14 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010.12.11 12:40:14 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010.12.11 12:40:14 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2010.12.11 12:40:14 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2010.12.11 12:40:14 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2010.12.11 12:40:14 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2010.12.11 12:40:14 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2010.12.11 12:40:14 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2010.12.11 12:40:14 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2010.12.11 12:40:14 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2010.12.11 12:40:14 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010.12.11 12:40:14 | 000,043,008 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2010.12.11 12:40:14 | 000,039,936 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2010.12.11 12:40:14 | 000,036,352 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2010.12.11 12:40:14 | 000,028,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2010.12.11 12:40:14 | 000,027,648 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2010.12.11 12:40:14 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2010.12.11 12:40:14 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2010.12.11 12:40:14 | 000,015,360 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2010.12.11 12:40:14 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2010.12.11 12:40:14 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2010.12.11 12:40:14 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2010.12.11 12:40:14 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010.12.11 12:40:05 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.12.11 12:00:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2010.12.11 11:49:31 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2010.12.11 11:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010.12.11 11:46:23 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\SlimWare Utilities Inc
[2010.12.11 11:29:36 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\X-Setup Pro
[2010.12.11 11:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\X-Setup Pro
[2010.12.11 11:24:05 | 000,000,000 | ---D | C] -- C:\Neuer Ordner
[2010.12.11 02:25:45 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Documents\DriverGenius
[2010.12.11 01:38:45 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\GlarySoft
[2010.12.11 01:35:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2010.12.11 01:35:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2010.12.10 13:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2010.12.10 13:28:20 | 000,008,704 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2010.12.10 13:28:19 | 000,108,032 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMCDE.DLL
[2010.12.10 13:28:19 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBCDE.DLL
[2010.12.10 01:57:14 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Cooliris
[2010.12.09 21:10:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010.12.09 15:36:23 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010.12.09 15:29:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2010.12.09 15:28:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2010.12.09 11:41:03 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Panda Security
[2010.12.09 11:40:46 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\SurfSecret Privacy Suite
[2010.12.09 11:40:39 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\panda2_0dn
[2010.12.09 11:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
[2010.12.09 01:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2010.12.09 01:35:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2010.12.08 23:08:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Franzis
[2009.10.29 07:09:09 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.04 16:37:57 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.04 16:37:57 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.04 15:16:10 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.01.04 15:13:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.04 15:13:46 | 3219,632,128 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.04 11:50:38 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.01.04 11:07:02 | 000,001,162 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1172208963-223547014-3153833245-1001UA.job
[2011.01.03 20:57:59 | 000,002,035 | ---- | M] () -- C:\Users\Benutzer\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2011.01.03 20:57:59 | 000,002,029 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
[2011.01.03 17:55:48 | 000,002,469 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk
[2011.01.03 16:50:26 | 000,000,132 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\prio.ini
[2011.01.02 17:24:21 | 000,121,856 | ---- | M] (Kristal Studio) -- C:\Windows\SysWow64\Mp3cnfg.cpl
[2011.01.02 17:24:21 | 000,019,456 | ---- | M] (Kristal Studio) -- C:\Windows\SysWow64\Mp3cnfg.exe
[2011.01.01 02:36:09 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1172208963-223547014-3153833245-1001Core.job
[2010.12.31 21:06:36 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.12.31 21:06:33 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.12.31 16:31:49 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.12.31 16:31:49 | 000,656,266 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.12.31 16:31:49 | 000,618,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.12.31 16:31:49 | 000,131,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.12.31 16:31:49 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.12.31 01:51:28 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\Free Hide IP.lnk
[2010.12.31 01:04:27 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2010.12.31 01:03:54 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.30 00:00:59 | 000,428,640 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.12.28 17:09:56 | 000,428,578 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20101230-000059.backup
[2010.12.28 10:59:22 | 000,000,218 | ---- | M] () -- C:\Users\Benutzer\.recently-used.xbel
[2010.12.28 02:34:05 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2010.12.22 11:43:07 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.12.15 19:14:17 | 000,427,911 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20101224-200325.backup
[2010.12.14 23:44:46 | 000,301,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.12.11 13:30:11 | 000,013,920 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2010.12.09 16:38:28 | 000,427,167 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20101215-191417.backup
[2010.12.09 15:29:40 | 000,001,178 | ---- | M] () -- C:\Users\Benutzer\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010.12.09 11:40:17 | 000,000,276 | ---- | M] () -- C:\Windows\SysNative\PSUNCpl.dat
[2010.12.08 21:34:08 | 037,366,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.01.03 17:55:48 | 000,002,469 | ---- | C] () -- C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk
[2011.01.03 14:43:09 | 000,000,132 | ---- | C] () -- C:\Users\Benutzer\AppData\Roaming\prio.ini
[2011.01.02 17:44:42 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010.12.31 01:51:28 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\Free Hide IP.lnk
[2010.12.31 01:03:54 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.31 01:02:29 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2010.12.28 10:59:22 | 000,000,218 | ---- | C] () -- C:\Users\Benutzer\.recently-used.xbel
[2010.12.28 02:34:05 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2010.12.11 13:13:37 | 000,335,474 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2010.12.11 13:13:37 | 000,053,946 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2010.12.11 12:40:14 | 000,511,072 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2010.12.11 12:40:14 | 000,511,072 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2010.12.11 12:40:14 | 000,200,828 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2010.12.11 12:40:14 | 000,031,960 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2010.12.11 12:40:14 | 000,020,692 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.12.11 12:40:14 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.12.11 12:40:14 | 000,001,105 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2010.12.11 11:46:27 | 000,013,920 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2010.12.11 01:35:46 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2010.12.10 00:13:13 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2010.12.09 15:29:40 | 000,001,178 | ---- | C] () -- C:\Users\Benutzer\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010.12.09 11:40:17 | 000,000,276 | ---- | C] () -- C:\Windows\SysNative\PSUNCpl.dat
[2010.11.26 00:41:38 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010.11.21 20:29:30 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.11.21 19:53:41 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.11.05 21:08:17 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.11.05 21:07:48 | 013,852,672 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.02.09 19:59:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.08 08:39:40 | 000,005,430 | ---- | C] () -- C:\Users\Benutzer\AppData\Roaming\Untitled-32.ico
[2009.11.03 05:32:49 | 000,008,415 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log
[2009.10.29 07:08:47 | 000,157,442 | ---- | C] () -- C:\Program Files (x86)\Common Files\emachines.ico
[2009.09.27 14:02:18 | 000,104,018 | ---- | C] () -- C:\Users\Benutzer\AppData\Roaming\PremeSplashScreen.jpg
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2011.01.03 23:50:25 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\.purple
[2010.12.28 16:59:45 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\AntiBrowserSpy 2009
[2010.12.23 16:42:52 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Ashampoo
[2010.11.25 17:41:34 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Auslogics
[2010.11.25 17:31:47 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\AVG10
[2010.11.21 23:49:35 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Canneverbe Limited
[2010.11.27 20:30:59 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2010.11.21 23:37:06 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.11.23 13:29:40 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Foxit Software
[2011.01.02 17:39:54 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\FreeHideIP
[2010.12.11 01:38:45 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\GlarySoft
[2010.12.28 10:53:47 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\gtk-2.0
[2010.11.22 21:04:58 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Gutscheinmieze
[2010.12.12 22:47:37 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Hunspell
[2011.01.03 23:23:30 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\ICQ
[2011.01.01 22:41:14 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Local
[2010.11.21 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Miranda
[2010.12.09 11:41:03 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Panda Security
[2010.11.23 20:56:09 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Philipp Winterberg
[2011.01.02 17:39:54 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\PremeforWindows7
[2010.11.21 19:15:25 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\QIP
[2010.11.28 00:25:23 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\QuickScan
[2010.11.22 22:58:14 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\ScanToPDF_4
[2010.11.22 21:41:24 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\SmartTools
[2010.12.09 11:40:46 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\SurfSecret Privacy Suite
[2010.11.21 19:45:42 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Thunderbird
[2010.12.24 19:42:05 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TuneUp Software
[2010.12.11 11:29:36 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\X-Setup Pro
[2011.01.04 15:16:10 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011.01.04 11:50:38 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2010.12.19 08:37:59 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:07BF512B
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:C31F31E6

< End of report >
         
--- --- ---
__________________

Alt 04.01.2011, 17:58   #4
windytroy
 
Probleme beim Starten von Programmen - Standard

Probleme beim Starten von Programmen



Den CC-Cleaner nutze ich übrigens auch bereits - auch hierdurch keine Verbesserung.

Geändert von windytroy (04.01.2011 um 18:06 Uhr)

Alt 04.01.2011, 19:44   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme beim Starten von Programmen - Standard

Probleme beim Starten von Programmen



Unauffällig. Weiß du noch seit wann genau das Problem da ist und wodurch es aufgetreten sein könnte?

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.01.2011, 19:53   #6
windytroy
 
Probleme beim Starten von Programmen - Standard

Probleme beim Starten von Programmen



Nein...da wäre mir auch sehr geholfen. Habe schon mehrfach die Systemwiederherstellung versucht, die aber auch nicht funktioniert. Will nur eine komplette Neuinstallation des Systems vermeiden, da das erfahrungsgemäß ewig dauert...

Antwort

Themen zu Probleme beim Starten von Programmen
ad-aware, adobe, antivirus, avast, avast!, bho, cloud, converter, emachines, excel, explorer, google, google chrome, hijack, hijack this, hijackthis, internet, internet explorer, langsam, logfile, mozilla, mozilla thunderbird, mp3, problem, probleme beim starten, programdata, safer networking, secunia psi, security, sekunden, software, starten, syswow64, windows



Ähnliche Themen: Probleme beim Starten von Programmen


  1. Anwendungsfehler beim Hochfahren und Starten von Programmen
    Alles rund um Windows - 01.05.2015 (1)
  2. Schwarzer bildschirm beim starten von programmen etc.
    Plagegeister aller Art und deren Bekämpfung - 11.10.2013 (11)
  3. Problem beim starten: x86/Home Tab/Tb updater.dll, Modul nicht gefunden. Zusätzlich Probleme beim Herunterfahren
    Log-Analyse und Auswertung - 12.09.2013 (15)
  4. Probleme beim starten des PCs. Virusfunde
    Plagegeister aller Art und deren Bekämpfung - 28.08.2013 (11)
  5. Probleme beim XP starten
    Plagegeister aller Art und deren Bekämpfung - 21.03.2013 (2)
  6. Probleme beim Starten - g7i0ol_kaz.exe
    Plagegeister aller Art und deren Bekämpfung - 13.08.2012 (19)
  7. Probleme beim Öffnen und Installieren von Programmen
    Log-Analyse und Auswertung - 27.10.2011 (5)
  8. Kein Sound mehr aus dem internen Lautsprecher + Einfrieren beim Starten von Programmen (wie Steam)
    Plagegeister aller Art und deren Bekämpfung - 16.03.2011 (1)
  9. Probleme beim starten von sshnas21.dll
    Plagegeister aller Art und deren Bekämpfung - 22.07.2010 (2)
  10. System Hängt beim Starten von Programmen
    Log-Analyse und Auswertung - 12.03.2009 (16)
  11. PC lahmt bei Hochfahren und beim Starten von Programmen
    Plagegeister aller Art und deren Bekämpfung - 08.03.2009 (11)
  12. Probleme beim installieren und starten von Programmen
    Log-Analyse und Auswertung - 12.05.2008 (2)
  13. Probleme beim starten!
    Log-Analyse und Auswertung - 08.03.2008 (1)
  14. Bluescreens beim Starten von größeren Programmen
    Alles rund um Windows - 04.03.2008 (26)
  15. Probleme beim Starten
    Log-Analyse und Auswertung - 11.03.2007 (2)
  16. PC startet immer neu beim starten von bestimmten programmen
    Log-Analyse und Auswertung - 04.03.2007 (2)
  17. Probleme beim starten und runterfahren...
    Plagegeister aller Art und deren Bekämpfung - 23.05.2006 (15)

Zum Thema Probleme beim Starten von Programmen - Hallo zusammen, habe Windows 7 RC (64 bit) auf meinem Rechner installiert. Ich habe folgendes Problem: Einige Programme (u. a. Google Chrome und Thunderbird) starten nur sehr verzögert (erst nach - Probleme beim Starten von Programmen...
Archiv
Du betrachtest: Probleme beim Starten von Programmen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.