Hallo,
hier ist schon ´mal die mbar-log:
Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org
Database version: v2013.04.05.04
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Besitzer :: BESITZER-PC [administrator]
05.04.2013 12:58:37
mbar-log-2013-04-05 (12-58-37).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 27905
Time elapsed: 7 minute(s), 24 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
c:\Users\Besitzer\Downloads\SoftonicDownloader_fuer_aqsis-renderer.exe (PUP.OfferBundler.ST) -> Delete on reboot.
c:\Users\Besitzer\Downloads\SoftonicDownloader_fuer_makehuman.exe (PUP.OfferBundler.ST) -> Delete on reboot.
(end)
...ich mache mit OTL weiter...die logs folgen dann...
Hallo t´john,
die beiden logs sind sehr groß! Ich sende in 2 PartienOTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 05.04.2013 13:22:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Besitzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,50 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 45,61% Memory free
3,41 Gb Paging File | 2,31 Gb Available in Paging File | 67,64% Paging File free
Paging file location(s): c:\pagefile.sys 2000 6000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 315,82 Gb Total Space | 241,86 Gb Free Space | 76,58% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 13,97 Gb Free Space | 71,56% Space Free | Partition Type: FAT32
Computer Name: BESITZER-PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BA8B2FE-17F4-4098-8386-1E554F21C575}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{18A5CF15-21FA-4DAC-AA67-070A4348E2D1}" = lport=445 | protocol=6 | dir=in | app=system |
"{33DBEF8F-DA4C-4112-9464-4978E68C3D3E}" = rport=445 | protocol=6 | dir=out | app=system |
"{69CDA0A7-F6F8-4699-83AB-BD2409A188B3}" = lport=138 | protocol=17 | dir=in | app=system |
"{7017624C-A90E-4479-BA0A-74511593A47E}" = lport=139 | protocol=6 | dir=in | app=system |
"{84209875-470E-4C62-9F16-81B027CA003C}" = lport=137 | protocol=17 | dir=in | app=system |
"{9EDE2306-C584-4FC7-AE9F-AECB6C2BB1D7}" = rport=138 | protocol=17 | dir=out | app=system |
"{AF1416D0-0C0B-44E8-B03D-DB3CADE71CD9}" = rport=137 | protocol=17 | dir=out | app=system |
"{EECD70AA-043E-4BAD-B85B-5C7E240EA5E1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F9A087EC-BE8A-4FDE-990F-B8B89F22828F}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08D44FCC-537C-4BEE-977A-AFF3D3BC8296}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{090AA8A7-E51B-4576-9B35-4717C77D0F6C}" = protocol=17 | dir=in | app=c:\program files\samsung\easy printer manager\idsalert.exe |
"{39BA7C71-B275-4992-A838-D3BEEF42C22D}" = protocol=17 | dir=in | app=c:\program files\samsung\easy printer manager\ordersupplies.exe |
"{3D75E7AA-FD8A-4C0F-95D2-4E361FAC140F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5364BFAB-A4F7-442A-998E-593B0EF69333}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5460A54E-42B5-477C-BB34-4F768E7CD4C8}" = protocol=6 | dir=in | app=c:\program files\samsung\easy printer manager\ordersupplies.exe |
"{57DF6266-BF9D-4959-A1F8-4EB9D70B6BED}" = protocol=6 | dir=in | app=c:\program files\samsung\easy printer manager\idsalert.exe |
"{72473140-09A7-4FB8-A01E-CEAB01CF7FA5}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3400\scnsearch\usdagent.exe |
"{7C2EA682-710B-4773-8754-965443B8AC6E}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3400\scnsearch\usdagent.exe |
"{7E54FCA6-B771-46C7-B8F0-403024C9EB15}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9218976A-6BB8-4C95-BA22-187FA5D13FA5}" = protocol=17 | dir=in | app=c:\program files\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{9BF6D86F-6639-476E-96C7-73A4F5B1DCAC}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1005mc.exe |
"{A778EA49-5BDC-442D-99C9-C7DDB679FA42}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1005mc.exe |
"{A95AE931-30A7-423E-AF92-79B42B02FAFB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AA4DE14D-C9F6-4285-AC18-8C6BE5CDDF19}" = protocol=6 | dir=in | app=c:\program files\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{B629DEFA-603F-42BE-B576-3A9CFBF362CD}" = protocol=17 | dir=in | app=c:\program files\samsung\easy printer manager\ids.application.exe |
"{C124E664-47F0-496C-BA0A-3F51470354B8}" = protocol=17 | dir=in | app=c:\program files\samsung\easy document creator\usdagent.exe |
"{E4691705-60C2-45D7-B2F1-11F7E6F77E42}" = protocol=6 | dir=in | app=c:\program files\samsung\easy printer manager\ids.application.exe |
"{F56167B4-B395-41A5-83F1-02B5688818F6}" = protocol=6 | dir=in | app=c:\program files\samsung\easy document creator\usdagent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00040407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A169C69-5012-DAD1-B26D-6AD81A3242A9}" = Catalyst Control Center Localization All
"{0C4E2B14-A932-892E-7314-2B78EA4F8071}" = Skins
"{0C57FA05-A701-484C-86CD-D9D0843585F1}" = hppusgM1005
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18472E28-FCA0-421F-BDAC-AC65012E29F2}" = ArcSoft MediaImpression
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{34B164BB-87C0-0E98-4B4B-867962CBB5EB}" = CCC Help Italian
"{37BA50EE-C851-4394-93DD-A0A611891031}" = Nero 7 Essentials
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D8FA9E6-DE47-98B1-B292-D5BD9D1AC5F4}" = Catalyst Control Center Graphics Previews Vista
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH Jukebox
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D07BB5D-7903-53B0-4EE0-F23FB43A3034}" = Catalyst Control Center Graphics Full New
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5107CFE6-65DB-C1BE-A97B-68C22747AD4F}" = CCC Help English
"{518FBF0D-3BA6-BF84-C949-D301EEA09F08}" = ccc-core-static
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{638EBB3E-04BC-40DB-9176-DDEC2C5CB2BC}" = ArcSoft MediaConverter 2.5
"{6A53AF94-FB62-528E-93D7-47D927FCBA89}" = Catalyst Control Center InstallProxy
"{777AD08E-B32A-4456-AFE1-094DBECEB268}" = Intel(R) Network Connections 13.5.32.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C2B745A-E7F1-41F1-B9BB-3DDB8D52E4CE}" = Readiris Pro 11
"{7F276611-40A1-71AF-79B2-F896525FA898}" = CCC Help Danish
"{80186A32-8C10-9A90-409B-F83ED7823EA5}" = Catalyst Control Center Graphics Light
"{853E9CDB-711A-533C-E73F-1D87DCCAF5B6}" = Catalyst Control Center Graphics Full Existing
"{8730DBBF-3817-FC91-3C5D-A42F535A0C75}" = Catalyst Control Center Core Implementation
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9356940C-B360-4EF4-BE6C-BD488350AB17}" = Scan To
"{948A3F91-22EE-4E24-B4E0-BADB972357F4}" = ArcSoft Print Creations
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{963911A3-E0E3-1D9B-CCF1-04607B415F9D}" = CCC Help Dutch
"{9B4A90F5-B7F6-742C-C761-526AD050B601}" = CCC Help French
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DB2B2B1-464C-F7ED-2032-B80A1F2EEA69}" = CCC Help Japanese
"{9E422606-5F50-5D98-D89F-74AF10167A25}" = CCC Help Norwegian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{ADF60A14-CFC4-7174-D088-E1CFE6663EF3}" = ATI Catalyst Install Manager
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}" = SNS Upload for Easy Document Creator
"{C3B58DC8-B030-0AE4-87C2-7721A4A485FA}" = CCC Help German
"{C833C7B6-1140-471D-932B-391B5CA66D7D}" = Digital Video
"{C8A6E0DE-B25F-D008-C10F-81DB91224A41}" = ccc-utility
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E8E25861-3B27-E2FE-877A-4E19B848EA31}" = CCC Help Spanish
"{E9D9AD46-011D-EC6D-180B-8A0C6835B778}" = CCC Help Swedish
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FE6B2A1F-FFA0-9BD0-6C8E-BCA7AEDCFC5E}" = CCC Help Finnish
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = GMX Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = GMX MailCheck für Internet Explorer
"7-PDF Split & Merge_is1" = 7-PDF Split & Merge Version 2.1.0 (Build 128)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"CCleaner" = CCleaner
"HP LaserJet M1005 MFP" = HP LaserJet M1005
"HP OrderReminder" = HP OrderReminder
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PROSetDX" = Intel(R) Network Connections 13.5.32.0
"Samsung Easy Document Creator" = Samsung Easy Document Creator
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung OCR Software" = Samsung OCR Software
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Scan Process Machine" = Samsung Scan Process Machine
"Samsung SCX-3400 Series" = Samsung SCX-3400 Series
"WiseConvert_1.3 Toolbar" = WiseConvert 1.3 Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-984126766-4193299964-1709174751-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.10.2012 17:51:21 | Computer Name = Besitzer-PC | Source = EventSystem | ID = 4609
Description =
Error - 07.11.2012 06:19:32 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SearchSettings.exe, Version 6.5.0.3, Zeitstempel
0x50741895, fehlerhaftes Modul MSVCR90.dll, Version 9.0.30304.0, Zeitstempel 0x47cce393,
Ausnahmecode 0x40000015, Fehleroffset 0x0005bb47, Prozess-ID 0x84c, Anwendungsstartzeit
01cdbcd13beb0694.
Error - 07.11.2012 11:51:05 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SearchSettings.exe, Version 6.5.0.3, Zeitstempel
0x50741895, fehlerhaftes Modul MSVCR90.dll, Version 9.0.30304.0, Zeitstempel 0x47cce393,
Ausnahmecode 0x40000015, Fehleroffset 0x0005bb47, Prozess-ID 0x834, Anwendungsstartzeit
01cdbcffad7272b6.
Error - 08.11.2012 19:02:33 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SearchSettings.exe, Version 6.5.0.3, Zeitstempel
0x50741895, fehlerhaftes Modul MSVCR90.dll, Version 9.0.30304.0, Zeitstempel 0x47cce393,
Ausnahmecode 0x40000015, Fehleroffset 0x0005bb47, Prozess-ID 0x824, Anwendungsstartzeit
01cdbe051770f747.
Error - 09.11.2012 18:33:13 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SearchSettings.exe, Version 6.5.0.3, Zeitstempel
0x50741895, fehlerhaftes Modul MSVCR90.dll, Version 9.0.30304.0, Zeitstempel 0x47cce393,
Ausnahmecode 0x40000015, Fehleroffset 0x0005bb47, Prozess-ID 0x894, Anwendungsstartzeit
01cdbeca301cb5b4.
Error - 10.11.2012 11:36:51 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SearchSettings.exe, Version 6.5.0.3, Zeitstempel
0x50741895, fehlerhaftes Modul MSVCR90.dll, Version 9.0.30304.0, Zeitstempel 0x47cce393,
Ausnahmecode 0x40000015, Fehleroffset 0x0005bb47, Prozess-ID 0x7b0, Anwendungsstartzeit
01cdbf59301ee2c9.
Error - 13.11.2012 05:00:34 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SearchSettings.exe, Version 6.5.0.3, Zeitstempel
0x50741895, fehlerhaftes Modul MSVCR90.dll, Version 9.0.30304.0, Zeitstempel 0x47cce393,
Ausnahmecode 0x40000015, Fehleroffset 0x0005bb47, Prozess-ID 0x884, Anwendungsstartzeit
01cdc17c36efde17.
Error - 16.11.2012 14:16:06 | Computer Name = Besitzer-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16455 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 15ac Anfangszeit: 01cdc40b93f82120 Zeitpunkt
der Beendigung: 501
Error - 19.11.2012 10:28:11 | Computer Name = Besitzer-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16455 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: dac Anfangszeit: 01cdc64253969720 Zeitpunkt
der Beendigung: 262
Error - 20.11.2012 08:14:15 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16455, Zeitstempel
0x507284ba, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18449, Zeitstempel
0x4da47967, Ausnahmecode 0xc00000fd, Fehleroffset 0x000482ab, Prozess-ID 0x1494,
Anwendungsstartzeit 01cdc70b0e527f22.
[ System Events ]
Error - 04.04.2013 17:19:25 | Computer Name = Besitzer-PC | Source = DCOM | ID = 10005
Description =
Error - 04.04.2013 19:41:32 | Computer Name = Besitzer-PC | Source = DCOM | ID = 10010
Description =
Error - 05.04.2013 04:57:09 | Computer Name = Besitzer-PC | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_SYMEVENT\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
Error - 05.04.2013 05:25:46 | Computer Name = Besitzer-PC | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_BHDRVX86\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
Error - 05.04.2013 05:25:46 | Computer Name = Besitzer-PC | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_CCSET_NIS\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
Error - 05.04.2013 05:25:46 | Computer Name = Besitzer-PC | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_IDSVIX86\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
Error - 05.04.2013 05:25:46 | Computer Name = Besitzer-PC | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_NAVENG\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
Error - 05.04.2013 05:25:46 | Computer Name = Besitzer-PC | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_NAVEX15\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
Error - 05.04.2013 05:25:46 | Computer Name = Besitzer-PC | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_SRTSPX\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
Error - 05.04.2013 05:25:46 | Computer Name = Besitzer-PC | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_SYMDS\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
< End of report > --- --- ---
mfg Mintaka
Hallo t´john, hier nun die zweite log von OTL:OTL Logfile: Code:
OTL logfile created on: 05.04.2013 13:22:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Besitzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,50 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 45,61% Memory free
3,41 Gb Paging File | 2,31 Gb Available in Paging File | 67,64% Paging File free
Paging file location(s): c:\pagefile.sys 2000 6000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 315,82 Gb Total Space | 241,86 Gb Free Space | 76,58% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 13,97 Gb Free Space | 71,56% Space Free | Partition Type: FAT32
Computer Name: BESITZER-PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Besitzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\GMX MailCheck\IE\GMX_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Common Files\Common Desktop Agent\CDASrv.exe ()
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\HP1005MC.EXE (Software 2000 Limited)
PRC - C:\Windows\hporclnr.exe ()
PRC - C:\Programme\Hewlett-Packard\HP UT\bin\hppusg.exe ( )
PRC - C:\Programme\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)
PRC - C:\Programme\Logitech\SetPoint\KEM.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\SetPoint\KHALMNPR.exe (Logitech Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2a320f79\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_06325001\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_7ac56635\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_a76cec16\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - C:\Programme\Common Files\Common Desktop Agent\CDASrvPS.dll ()
MOD - C:\Programme\Common Files\Common Desktop Agent\CDASrv.exe ()
MOD - c:\windows\assembly\gac\interop.hpqusg\3.0.0.0__a53cf5803f4c3827\interop.hpqusg.dll ()
MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
MOD - c:\windows\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3748.36896__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3748.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3748.36912__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Dashboard\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3748.36931__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3748.36875__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3748.36942__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3748.36941__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3748.36959__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3748.36878__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3748.36909__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3748.36887__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3748.36851__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3748.36900__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3748.36871__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3748.36855__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3748.36884__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3748.36820__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3748.36817__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3748.36928__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3748.36826__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3748.36815__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3748.36923__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3748.36816__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3748.36825__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3748.36819__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3748.36819__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3748.36816__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3748.36867__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3748.36941__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3748.36882__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3748.36825__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3748.36817__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3748.36817__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3748.36822__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3748.36820__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3748.36957__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3748.36917__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3748.36923__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3748.36921__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3748.36824__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3748.36825__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3748.36821__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3748.36820__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3748.36818__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3748.36819__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3748.36842__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3748.36824__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3748.36822__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3748.36832__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3748.36831__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3748.36823__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3748.36822__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3748.36830__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3748.36923__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3748.36849__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\System32\atitmpxx.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\hporclnr.exe ()
MOD - C:\Programme\Logitech\SetPoint\lgscroll.dll ()
========== Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (NAL) -- C:\Windows\System32\drivers\iqvw32.sys (Intel Corporation )
DRV - (CoachUsb) -- C:\Windows\System32\drivers\CoachDc.sys (FotoNation Inc.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Programme\WiseConvert_1.3\prxtbWise.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8F 61 C6 0B 9B 1F CB 01 [binary data]
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\URLSearchHook: {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Programme\WiseConvert_1.3\prxtbWise.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\SearchScopes\{0F041A97-0C96-4CE4-AC4C-D6F6C55FC331}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3242337
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\SearchScopes\{11D1AEE8-EEFB-48A7-9DD4-2E3EA51D280C}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\SearchScopes\{413D741C-D5B5-4CAD-BC34-B72ACA0D7F1F}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE388
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\SearchScopes\{718C0421-D98C-417B-A654-4147D4952DE3}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\SearchScopes\{E01EAFEC-0AE8-47B3-8E7B-A8C38942921C}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\SearchScopes\{E26AC99C-42FE-4744-AE9B-E5E0EF24DC27}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Besitzer\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Besitzer\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
[2012.09.26 20:11:00 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Yahoo! Deutschland (Enabled)
CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=827316&p={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms}
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (WiseConvert 1.3 Toolbar) - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Programme\WiseConvert_1.3\prxtbWise.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (GMX MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WiseConvert 1.3 Toolbar) - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Programme\WiseConvert_1.3\prxtbWise.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (GMX MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\Toolbar\WebBrowser: (WiseConvert 1.3 Toolbar) - {213C8ED6-1D78-4D8F-8729-25006AA86A76} - C:\Programme\WiseConvert_1.3\prxtbWise.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\..\Toolbar\WebBrowser: (GMX MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [CDAServer] C:\Programme\Common Files\Common Desktop Agent\CDASrv.exe ()
O4 - HKLM..\Run: [HP OrderReminder Cleaner] C:\Windows\hporclnr.exe ()
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe ( )
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\GMX MailCheck\IE\GMX_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OrderReminder] C:\Programme\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SetPoint] C:\Programme\Logitech\SetPoint\KEM.exe (Logitech Inc.)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-984126766-4193299964-1709174751-1000..\Run: [Adobe Reader Synchronizer] C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-984126766-4193299964-1709174751-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Z1] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-984126766-4193299964-1709174751-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F66EBE1-C473-4323-82C3-B4039ECFF4DA}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\gmx {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.05 13:20:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2013.04.05 12:46:32 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Desktop\mbar
[2013.04.05 11:25:39 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Malwarebytes
[2013.04.05 11:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.05 11:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.05 11:25:25 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.04.05 11:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.03.20 22:22:30 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.03.15 09:38:05 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.03.15 09:38:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.03.15 09:38:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.15 09:38:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.03.15 09:38:03 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.03.15 09:38:03 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.03.15 09:38:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.15 09:38:00 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.13 13:25:22 | 015,859,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013.03.12 12:08:34 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\7-PDF Split & Merge
[2013.03.12 12:08:22 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\7-PDFSplitMerge
[2013.03.12 12:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-PDF
[2013.03.12 12:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\7-PDF
[2013.03.09 11:51:24 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Desktop\Plauderecke
[2013.03.09 00:28:22 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\makehuman
[2013.03.08 20:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Samsung OCR Software
[2013.03.08 19:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013.03.08 19:16:35 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2013.03.08 19:16:35 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2013.03.08 19:16:30 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2013.03.08 19:16:30 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2013.03.08 19:16:29 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2013.03.08 19:16:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2013.03.08 19:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2013.03.08 19:07:19 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\SSScan
[2013.03.08 18:52:10 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\Scan
[2013.03.08 18:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\SamsungPrinterLiveUpdateInstaller
[2013.03.08 18:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\SamsungPrinterLiveUpdate
[2013.03.08 18:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Scan Process Machine
[2013.03.08 18:21:16 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Samsung
[2013.03.08 18:20:56 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
[2013.03.08 18:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Common Desktop Agent
[2013.03.08 18:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.03.08 18:16:56 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\ssm1mci.exe
[2013.03.08 18:16:56 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\ssm1mci.dll
[2013.03.08 18:16:34 | 000,049,152 | ---- | C] (Samsung Electronics) -- C:\Windows\System32\Ssusbpn.dll
[2013.03.08 18:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2013.03.08 00:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMX MailCheck
[2013.03.08 00:10:59 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\1&1 Mail & Media GmbH
[2013.03.08 00:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\1&1 Mail & Media GmbH
[2013.03.08 00:10:57 | 000,000,000 | ---D | C] -- C:\Program Files\GMX MailCheck
[2013.03.08 00:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb
[2013.03.08 00:09:42 | 000,000,000 | ---D | C] -- C:\Program Files\1und1Softwareaktualisierung
[2013.03.08 00:00:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2013.03.07 23:58:56 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2013.03.07 23:58:54 | 002,523,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2013.03.07 23:58:54 | 001,777,664 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2013.03.07 23:58:54 | 001,003,040 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2013.03.07 23:58:54 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2013.03.07 23:58:54 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2013.03.07 23:58:54 | 000,326,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2013.03.07 23:58:54 | 000,282,112 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\RTPCEE32.dll
[2013.03.07 23:58:54 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2013.03.07 23:58:54 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2013.03.07 23:58:54 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2013.03.07 23:58:54 | 000,049,184 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2013.03.07 23:58:53 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2013.03.07 23:58:53 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2013.03.07 23:58:53 | 000,159,232 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll
[2013.03.07 23:58:53 | 000,141,312 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2013.03.07 23:58:53 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2013.03.07 23:58:53 | 000,060,416 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2013.03.07 23:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013.03.07 23:58:44 | 000,528,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013.03.07 23:58:44 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2013.03.07 15:07:28 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.07 15:06:53 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.07 15:06:53 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.07 15:06:53 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
========== Files - Modified Within 30 Days ==========
[2013.04.05 13:20:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2013.04.05 13:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.05 13:18:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-984126766-4193299964-1709174751-1000UA.job
[2013.04.05 13:08:38 | 000,638,972 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.05 13:08:38 | 000,604,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.05 13:08:38 | 000,130,818 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.05 13:08:38 | 000,107,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.05 13:05:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.05 13:02:31 | 000,004,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.05 13:02:31 | 000,004,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.05 13:02:31 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.05 13:02:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.05 13:02:22 | 1608,691,712 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.05 11:25:26 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.05 10:18:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-984126766-4193299964-1709174751-1000Core.job
[2013.04.05 09:25:33 | 000,002,641 | ---- | M] () -- C:\Users\Besitzer\Desktop\Microsoft Excel.lnk
[2013.04.05 09:25:00 | 000,000,004 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\skype.ini
[2013.03.31 21:04:34 | 000,002,605 | ---- | M] () -- C:\Users\Besitzer\Desktop\Microsoft Word.lnk
[2013.03.19 18:01:37 | 000,150,261 | ---- | M] () -- C:\Users\Besitzer\Documents\2013_03rechnung_4764069436.pdf
[2013.03.13 13:25:27 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.13 13:25:27 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.13 13:25:23 | 015,859,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013.03.12 12:08:23 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\7-PDF Split & Merge.lnk
[2013.03.12 01:10:56 | 000,237,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.03.11 12:44:36 | 000,081,120 | ---- | M] () -- C:\Users\Besitzer\Documents\Namenlos.pdf
[2013.03.11 12:44:20 | 000,000,191 | ---- | M] () -- C:\Users\Besitzer\Documents\Readiris.DUS
[2013.03.08 18:21:01 | 000,002,091 | ---- | M] () -- C:\Users\Besitzer\Desktop\Samsung Easy Printer Manager.lnk
[2013.03.07 23:58:56 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2013.03.07 15:06:27 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.07 15:06:26 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2013.03.07 15:06:26 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.03.07 15:06:26 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.07 15:06:26 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.07 15:06:26 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
========== Files Created - No Company Name ==========
[2013.04.05 11:25:26 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.04 23:20:24 | 1608,691,712 | -HS- | C] () -- C:\hiberfil.sys
[2013.04.04 22:54:22 | 000,000,004 | ---- | C] () -- C:\Users\Besitzer\AppData\Roaming\skype.ini
[2013.03.19 18:01:37 | 000,150,261 | ---- | C] () -- C:\Users\Besitzer\Documents\2013_03rechnung_4764069436.pdf
[2013.03.12 12:08:23 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\7-PDF Split & Merge.lnk
[2013.03.11 12:44:36 | 000,081,120 | ---- | C] () -- C:\Users\Besitzer\Documents\Namenlos.pdf
[2013.03.11 12:39:43 | 000,000,191 | ---- | C] () -- C:\Users\Besitzer\Documents\Readiris.DUS
[2013.03.08 18:20:57 | 000,002,091 | ---- | C] () -- C:\Users\Besitzer\Desktop\Samsung Easy Printer Manager.lnk
[2013.03.08 18:19:38 | 000,124,832 | R--- | C] () -- C:\Windows\Wiainst.exe
[2013.03.08 18:17:01 | 001,554,336 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2013.03.08 18:17:01 | 000,024,064 | ---- | C] () -- C:\Windows\System32\ssm1mlm.dll
[2013.03.08 18:17:01 | 000,000,361 | ---- | C] () -- C:\Windows\System32\ssm1mlm.smt
[2013.03.08 18:16:31 | 000,274,432 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2013.03.08 18:16:31 | 000,106,496 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2013.03.08 18:16:31 | 000,061,440 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2013.03.08 18:16:24 | 000,185,710 | ---- | C] () -- C:\Windows\ssm1mLTR.prn
[2013.03.08 18:16:24 | 000,173,079 | ---- | C] () -- C:\Windows\ssm1mA4.prn
[2013.02.28 20:55:56 | 000,019,446 | ---- | C] () -- C:\Users\Besitzer\Ein lieber Gruß an einen besonderen Fisc1.pdf
[2013.02.24 23:37:05 | 000,091,253 | ---- | C] () -- C:\Users\Besitzer\Aufzeichnen.JPG
[2012.11.20 12:36:26 | 000,067,903 | ---- | C] () -- C:\Users\Besitzer\RV24Dokument.pdf
[2012.11.02 05:37:12 | 000,205,312 | ---- | C] () -- C:\Windows\System32\SBuySupplies.exe
[2012.07.23 17:00:01 | 000,752,803 | ---- | C] () -- C:\Users\Besitzer\Unternehmen erfolg Rechnung_72048 (3).pdf
[2012.03.25 12:06:59 | 000,071,753 | ---- | C] () -- C:\Users\Besitzer\__banking.sparkasse-hannover.de_portal_print__t=UEBERWEISUNG_PRINT&nc=1&w=UOoASazRYW8nO7B&c=dH7DktxDElxPF0rloB6KukJVNsVAR.pdf
[2012.02.20 23:22:26 | 000,064,000 | ---- | C] () -- C:\Windows\System32\CDASpl.dll
[2011.07.18 12:52:49 | 000,000,096 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\fusioncache.dat
[2011.07.18 12:13:36 | 000,000,138 | ---- | C] () -- C:\Windows\Readiris.ini
[2011.03.24 20:40:48 | 001,400,970 | ---- | C] () -- C:\Users\Besitzer\Zwischenzeugnis final.pdf
[2010.07.16 17:25:03 | 000,011,776 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.09 22:05:20 | 000,000,000 | ---- | C] () -- C:\Users\Besitzer\AppData\Roaming\wklnhst.dat
[2010.07.09 16:41:25 | 000,000,680 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > --- --- ---
wie geht es weiter?
Danke und mfg Mintaka
Hallo t´john,
Ist mir ja peinlich... habe den Schritt 1 (defogger) nicht gemacht...
Soll ich ihn jetzt noch machen oder
machen und alles andere wiederholen oder
soll ich schon mal gmer ´runterladen oder
einfach ...warten?
mfg Mintaka |