Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   iexplorer öffnet sich ständig im Hintergrund (https://www.trojaner-board.de/95910-iexplorer-oeffnet-staendig-hintergrund.html)

pueppii 21.02.2011 18:35
iexplorer öffnet sich ständig im Hintergrund
 
Hallo,

bitte kann mir jemand bei meinem iexplorer Problem helfen?
Bei mir öffnet sich seit einer Woche ständig der IE im Task-Manager ohne das ich ihn öffne.

Genau genommen öffnen sich immer 2 Prozesse mit "iexplorer.exe" und wenn ich die nicht beende werden es immer mehr. Aber nicht so schnell aufeinander sondern im Abstand von ca. 15min.

Hab schon vergeblich Spybot, AntiVir und auch den Malwarebytes suchen lassen. Aber leider kein Treffer.

Hab mir mal mit dem hier oft zitierten HiJackThis einen log gemacht und ihn auf der Homepage "hxxp://www.hijackthis.de/#anl" analysieren lassen. Aber ich konnte nichts finden.

Es wäre super wenn mir einer helfen könnte.
Danke schonmal

Hier schon mal mein aktueller HiJack log

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:40:48, on 21.02.2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Wolfgang\HiJack\HiJackThis204.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6739 bytes

cosinus 21.02.2011 21:15
Bitte beachten => http://www.trojaner-board.de/95173-b...es-posten.html und http://www.trojaner-board.de/69886-a...-beachten.html

pueppii 21.02.2011 22:46
Sorry mit dem HiJack-log :stirn:

Soll ich dann nochmal ein neues Thema öffnen?

Ich hätte sonst den OTL log noch da. Soll ich da den kompletten posten? Der ist halt ewig lang.

Hab den iexplorer jetzt über die Systemsteuerung deaktiviert. Macht meinen PC zumindest nicht mehr langsamer, sicher fühle ich mich aber nicht wirklich...

Bitte helft mir

cosinus 22.02.2011 08:47
Lies die Instruktion da bitte richtig durch!
Poste alle Logs hier, mach KEINEN neuen Strang auf!!

pueppii 22.02.2011 08:59
Danke schon mal :daumenhoc :daumenhoc

also hab die OTL logs nach Anleitung erstellt.

das ist der OTL

Code:
OTL logfile created on: 21.02.2011 22:49:09 - Run 2
OTL by OldTimer - Version 3.2.20.6    Folder = C:\Users\Wolfgang\HiJack
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 31,73 Gb Free Space | 21,29% Space Free | Partition Type: NTFS
Drive D: | 142,58 Gb Total Space | 38,37 Gb Free Space | 26,91% Space Free | Partition Type: NTFS
Drive J: | 7,85 Gb Total Space | 5,18 Gb Free Space | 65,99% Space Free | Partition Type: FAT32
 
Computer Name: PÜPPII | User Name: Wolfgang | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Wolfgang\HiJack\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Windows\vsnpstd3.exe ()
PRC - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Wolfgang\HiJack\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysNative\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysWOW64\drivers\snpstd3.sys (Sonix Co. Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 33 A3 6D CB BA CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.36.0
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.10 18:33:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.14 18:24:43 | 000,000,000 | ---D | M]
 
[2009.10.30 07:25:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Extensions
[2011.02.21 16:39:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions
[2011.02.17 20:16:54 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.09.21 12:21:05 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.02.17 18:32:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.01.10 12:35:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.11.17 09:43:41 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.02.09 09:44:22 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\battlefieldheroespatcher@ea.com
[2010.11.18 13:44:47 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011.01.10 12:35:25 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2011.01.10 12:35:24 | 000,000,000 | ---D | M] (FireGestures) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\firegestures@xuldev.org
[2011.02.17 20:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.16 21:44:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.16 15:53:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.19 20:34:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.10 14:30:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.17 20:09:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.11.02 06:27:34 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.11.02 06:27:34 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.11.02 06:27:34 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.11.02 06:27:34 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.11.02 06:27:34 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant]  File not found
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\Shell - "" = AutoRun
O33 - MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\Shell\install\command - "" = K:\autorun.exe
O33 - MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.21 16:38:33 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\QuickScan
[2011.02.21 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Avira
[2011.02.21 12:56:18 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Malwarebytes
[2011.02.21 12:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.21 12:56:07 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.18 13:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.02.18 13:02:28 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.02.18 13:02:28 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.18 13:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.02.18 13:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.02.17 20:32:10 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hilfsprogramme
[2011.02.17 20:09:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.02.17 20:09:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.02.17 20:09:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.02.17 20:09:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.02.17 13:25:16 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\HiJack
[2011.02.17 12:15:42 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.02.17 10:55:39 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Desktop\Assasment
[2011.02.14 09:56:56 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.14 09:56:56 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.14 09:56:56 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.14 09:56:56 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.02.14 09:56:52 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.14 09:56:52 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.14 09:56:39 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.14 09:56:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.14 09:56:38 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.14 09:56:37 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.14 09:56:36 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.14 09:56:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.14 09:56:36 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.14 09:56:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.14 09:56:34 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.02.14 09:56:34 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.02.14 09:56:34 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.02.14 09:56:17 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.02.14 09:56:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.02.14 09:56:16 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.02.14 09:56:16 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.02.14 09:56:16 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.02.14 09:56:16 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.02.14 09:56:16 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.02.14 09:56:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.02.14 09:56:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.02.14 09:56:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.02.14 09:56:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.02.14 09:56:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.02.14 09:56:11 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.02.14 09:56:10 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.14 09:56:10 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.14 09:56:09 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.14 09:56:09 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.02 20:55:12 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Player
[2011.02.02 00:05:22 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Desktop\TM2_Zeug_fuer_Wolfi
[2011.01.31 19:09:17 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Desktop\Bewerbung
[2011.01.31 10:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.01.31 10:42:56 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.01.31 10:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.01.31 10:42:56 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.01.26 17:06:21 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Documents\theHunter
[2011.01.26 16:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Hunter
[2011.01.26 15:33:52 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2011.01.26 15:33:52 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2011.01.26 15:33:52 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2011.01.26 15:33:52 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2011.01.26 15:33:52 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2011.01.26 15:33:52 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2011.01.26 15:33:51 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2011.01.26 15:33:51 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2011.01.26 15:33:51 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2011.01.26 15:33:51 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2011.01.26 15:33:51 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2011.01.26 15:33:51 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2011.01.26 15:33:50 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2011.01.26 15:33:50 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2011.01.26 15:33:50 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2011.01.26 15:33:50 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2011.01.26 15:33:40 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2011.01.26 15:33:40 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2011.01.26 15:33:39 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2011.01.26 15:33:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2011.01.26 15:33:34 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2011.01.26 15:33:34 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2011.01.26 15:33:33 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2011.01.26 15:33:33 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2009.10.19 19:11:43 | 000,172,032 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll
[2009.10.19 19:11:43 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
[2009.10.19 19:11:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.21 19:32:57 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.21 19:32:57 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.21 19:25:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.21 19:25:22 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.21 19:15:58 | 000,027,648 | ---- | M] () -- C:\Users\Wolfgang\Desktop\monster.doc
[2011.02.21 19:14:47 | 000,027,136 | ---- | M] () -- C:\Users\Wolfgang\Desktop\monster neu.doc
[2011.02.21 18:53:38 | 000,011,412 | ---- | M] () -- C:\Users\Wolfgang\Desktop\monster neu.docx
[2011.02.21 18:42:00 | 001,527,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.21 18:42:00 | 000,664,396 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.21 18:42:00 | 000,624,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.21 18:42:00 | 000,134,564 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.21 18:42:00 | 000,110,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.14 10:04:00 | 000,342,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.02.02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.02.02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.02.02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.02.02 00:04:43 | 000,098,291 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Eignungsfragen grundlagen technik.pdf
[2011.01.30 16:30:04 | 000,063,214 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Lebenslauf Wolfgang.docx
[2011.01.30 16:30:04 | 000,063,214 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Lebenslauf Wolfgang mit foto 2 seiten überschrift unten layout.docx
[2011.01.28 11:59:19 | 000,040,828 | ---- | M] () -- C:\Users\Wolfgang\Desktop\wintervorbereitung_svb_2011.pdf
[2011.01.28 11:30:32 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.01.27 12:24:13 | 000,000,043 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_live.cfg
[2011.01.26 23:35:31 | 000,010,379 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_live.bin
[2011.01.26 16:57:08 | 000,000,043 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_local.cfg
[2011.01.26 07:53:10 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.01.26 07:31:20 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.01.25 20:56:14 | 000,011,697 | ---- | M] () -- C:\Users\Wolfgang\Desktop\monster.docx
[2011.01.25 15:53:52 | 000,000,225 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Alien Swarm.url
[2011.01.24 20:03:38 | 000,006,691 | ---- | M] () -- C:\Users\Wolfgang\.recently-used.xbel
[2011.01.24 12:27:23 | 002,193,222 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Clara_2001_WSD.pdf
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.02.21 19:15:58 | 000,027,648 | ---- | C] () -- C:\Users\Wolfgang\Desktop\monster.doc
[2011.02.21 19:14:46 | 000,027,136 | ---- | C] () -- C:\Users\Wolfgang\Desktop\monster neu.doc
[2011.02.21 18:53:37 | 000,011,412 | ---- | C] () -- C:\Users\Wolfgang\Desktop\monster neu.docx
[2011.02.21 18:41:47 | 000,011,697 | ---- | C] () -- C:\Users\Wolfgang\Desktop\monster.docx
[2011.02.21 18:41:31 | 000,063,214 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Lebenslauf Wolfgang.docx
[2011.02.21 18:41:03 | 000,063,214 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Lebenslauf Wolfgang mit foto 2 seiten überschrift unten layout.docx
[2011.02.02 00:04:43 | 000,098,291 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Eignungsfragen grundlagen technik.pdf
[2011.01.28 11:59:19 | 000,040,828 | ---- | C] () -- C:\Users\Wolfgang\Desktop\wintervorbereitung_svb_2011.pdf
[2011.01.26 23:35:14 | 000,010,379 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_live.bin
[2011.01.26 17:06:15 | 000,000,043 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_live.cfg
[2011.01.26 16:43:53 | 000,000,043 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_local.cfg
[2011.01.25 15:53:52 | 000,000,225 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Alien Swarm.url
[2011.01.24 20:03:38 | 000,006,691 | ---- | C] () -- C:\Users\Wolfgang\.recently-used.xbel
[2011.01.24 12:27:23 | 002,193,222 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Clara_2001_WSD.pdf
[2010.11.15 17:53:49 | 000,000,280 | ---- | C] () -- C:\Windows\game.ini
[2010.11.08 14:50:00 | 000,000,096 | ---- | C] () -- C:\Users\Wolfgang\AppData\Local\fusioncache.dat
[2010.11.08 14:48:40 | 001,553,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.04.26 21:45:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.21 14:50:05 | 000,003,348 | ---- | C] () -- C:\Windows\SysWow64\ludap17.ini
[2009.10.21 14:50:05 | 000,000,078 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009.10.20 20:40:20 | 000,007,594 | ---- | C] () -- C:\Users\Wolfgang\AppData\Local\resmon.resmoncfg
[2009.10.20 17:18:51 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009.10.20 17:18:51 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.10.20 00:31:10 | 000,000,059 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\GoodnightTimer.ini
[2009.10.19 19:11:43 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.11.13 05:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2007.12.04 04:20:30 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini
[2007.06.07 04:25:42 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini
 
========== LOP Check ==========
 
[2009.10.20 14:21:25 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\2K Sports
[2010.07.13 16:34:06 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Ashampoo
[2010.04.20 13:03:09 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Canneverbe Limited
[2009.10.20 12:31:03 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\DAEMON Tools Lite
[2010.07.15 14:53:21 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.07 19:28:55 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\gtk-2.0
[2010.12.07 16:57:00 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Imaxel
[2009.10.19 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Leadertech
[2010.03.11 08:20:33 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\LockHunter
[2010.10.11 14:50:33 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Need for Speed World
[2011.02.21 16:38:33 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\QuickScan
[2009.11.04 08:38:43 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\smc
[2009.11.30 14:53:37 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Ubisoft
[2011.01.24 10:17:45 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:425D0709

< End of report >
und das ist der Extras
Code:
OTL Extras logfile created on: 21.02.2011 22:49:09 - Run 2
OTL by OldTimer - Version 3.2.20.6    Folder = C:\Users\Wolfgang\HiJack
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 31,73 Gb Free Space | 21,29% Space Free | Partition Type: NTFS
Drive D: | 142,58 Gb Total Space | 38,37 Gb Free Space | 26,91% Space Free | Partition Type: NTFS
Drive J: | 7,85 Gb Total Space | 5,18 Gb Free Space | 65,99% Space Free | Partition Type: FAT32
 
Computer Name: PÜPPII | User Name: Wolfgang | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome File not found
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{E5C95CA5-4565-4B9D-97ED-05088D775614}" = Apple Mobile Device Support
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}" = ShaunWhiteSnowboarding
"{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light
"{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing
"{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{506DDFBE-983F-4BC3-84B8-65F423B2D798}" = NVIDIA PhysX
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5AEDCB07-25E3-4136-BE1E-BB2A2944355D}" = Game Graphic Studio
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full
"{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A137D52E-FA96-4815-85F5-E7B8F66837DB}" = Race Driver 3
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static
"{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation
"{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera-168
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"AstrumNival Allods" = Allods Online 1.0.05.41
"Audacity_is1" = Audacity 1.2.6
"AudioCS" = Creative Audio-Systemsteuerung
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BSS Intended Shutdown" = BSS Intended Shutdown 1.1.0.0
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"dm Digi Foto" = dm Digi Foto
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio Converter_is1" = Free Audio Converter version 1.4
"Free Audio Dub_is1" = Free Audio Dub version 1.6
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"PC Wizard 2009_is1" = PC Wizard 2009.1.90
"SopCast" = SopCast 3.2.4
"Steam App 630" = Alien Swarm
"Steam App 7740" = NBA 2K9
"theHunter" = theHunter (remove only)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
Tausend dank schonmal :dankeschoen:

cosinus 22.02.2011 10:31
Malwarebytes überlesen?

pueppii 22.02.2011 12:01
Ich hab das als oder verstanden OTL "oder" Mal als Alternative

So jetzt die Malwarebytes-log

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5838

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

22.02.2011 11:56:31
mbam-log-2011-02-22 (11-56-31).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 158570
Laufzeit: 3 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
:dankeschoen::dankeschoen::dankeschoen:

cosinus 22.02.2011 13:49
Zitat:
Art des Suchlaufs: Quick-Scan
Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

pueppii 22.02.2011 15:38
Hi hab einen Vollscan gemacht:

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5838

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

22.02.2011 15:31:33
mbam-log-2011-02-22 (15-31-33).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|J:\|K:\|)
Durchsuchte Objekte: 377764
Laufzeit: 1 Stunde(n), 5 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

und dann hab ich noch den ersten den ich drüber laufen lassen hab.


Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5828

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21.02.2011 14:08:22
mbam-log-2011-02-21 (14-08-22).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|K:\|)
Durchsuchte Objekte: 376736
Laufzeit: 1 Stunde(n), 10 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
hätte ich den IE wieder in der Systemsteuerung aktivieren sollen und warten bis ein der Prozess startet damit das Malware-programm was findet?

Danke schonmal

cosinus 22.02.2011 19:19
Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\Shell - "" = AutoRun
O33 - MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\Shell\install\command - "" = K:\autorun.exe
O33 - MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:425D0709
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

pueppii 22.02.2011 20:05
So hab ich...

Kannst du vielleicht noch so grob sagen was da los ist und was du geändert hast?
Wäre nett. :lach:

der OTL log ist für eine Antwort zu lang :(

Also hab ich Ihn geteilt hoffe sinnvoll...
Teil 1 Bist========== COMMANDS ==========


Code:
All processes killed
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <Zurück                  Trojaner-Board > Sicherheit > Hijacker / HiJackThis Logs posten> in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <Willkommen, pueppii.> in the current context!
Error: Unable to interpret <Ihr letzter Besuch war: Heute um 15:39 Uhr> in the current context!
Error: Unable to interpret <Private Nachrichten: Ungelesen 0, insgesamt 0.> in the current context!
Error: Unable to interpret <Kontrollzentrum        Nachrichten        Hilfe / NUB        Community        Kalender        Neue Beiträge / Unbeantwortet / Meine Beiträge        Suchen        Nützliche Links        Abmelden> in the current context!
Error: Unable to interpret <Hinweise> in the current context!
Error: Unable to interpret <Poste nicht in fremde Themen.> in the current context!
Error: Unable to interpret <Eröffne für Dein Problem ein eigenes Thema unter Beachtung von der Checkliste. Bitte dazu passendes Unterforum auswählen und auf klicken!> in the current context!
Error: Unable to interpret <Was tun, wenn niemand antwortet?> in the current context!
Error: Unable to interpret <Bitte vergewissere Dich, dass Du alle Punkte aus Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten beachtet und befolgt hast.> in the current context!
Error: Unable to interpret <Hijacker / HiJackThis Logs posten: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Hier könnt Ihr HiJackThis Logs zwecks Auswertung posten. Ebenso allgemeine Fragen zu Hijackern.> in the current context!
Error: Unable to interpret <Community Links> in the current context!
Error: Unable to interpret <Interessengemeinschaften> in the current context!
Error: Unable to interpret <Bilder & Alben> in the current context!
Error: Unable to interpret <Kontakte & Freunde> in the current context!
Error: Unable to interpret <Benutzerliste> in the current context!
Error: Unable to interpret <Foren durchsuchen> in the current context!
Error: Unable to interpret <Zeige Themen  Zeige Beiträge> in the current context!
Error: Unable to interpret <Stichwortsuche> in the current context!
Error: Unable to interpret <Erweiterte Suche> in the current context!
Error: Unable to interpret <Nützliche Links> in the current context!
Error: Unable to interpret <[24h]> in the current context!
Error: Unable to interpret <Alle Foren als gelesen markieren> in the current context!
Error: Unable to interpret <Kontakte-Fenster öffnen> in the current context!
Error: Unable to interpret <Benutzerkontrollzentrum> in the current context!
Error: Unable to interpret <Signatur bearbeiten> in the current context!
Error: Unable to interpret <Profil bearbeiten> in the current context!
Error: Unable to interpret <Einstellungen ändern> in the current context!
Error: Unable to interpret <Verschiedenes> in the current context!
Error: Unable to interpret <Private Nachrichten> in the current context!
Error: Unable to interpret <Abonnierte Themen> in the current context!
Error: Unable to interpret <Mein Profil> in the current context!
Error: Unable to interpret <Wer ist online> in the current context!
Error: Unable to interpret <Gehe zu...> in the current context!
Error: Unable to interpret <Antwort> in the current context!
Error: Unable to interpret <Ersten ungelesenen Beitrag anzeigen Ersten ungelesenen Beitrag anzeigen  > in the current context!
Error: Unable to interpret <        LinkBack        Themen-Optionen        Thema durchsuchen        Thema bewerten        Ansicht> in the current context!
Error: Unable to interpret <Alt Gestern, 18:35          #1> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 21.02.2011> in the current context!
Error: Unable to interpret <Beiträge: 5> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Hallo,> in the current context!
Error: Unable to interpret <bitte kann mir jemand bei meinem iexplorer Problem helfen?> in the current context!
Error: Unable to interpret <Bei mir öffnet sich seit einer Woche ständig der IE im Task-Manager ohne das ich ihn öffne.> in the current context!
Error: Unable to interpret <Genau genommen öffnen sich immer 2 Prozesse mit "iexplorer.exe" und wenn ich die nicht beende werden es immer mehr. Aber nicht so schnell aufeinander sondern im Abstand von ca. 15min.> in the current context!
Error: Unable to interpret <Hab schon vergeblich Spybot, AntiVir und auch den Malwarebytes suchen lassen. Aber leider kein Treffer.> in the current context!
Error: Unable to interpret <Hab mir mal mit dem hier oft zitierten HijackThis einen log gemacht und ihn auf der Homepage "hxxp://www.hijackthis.de/#anl" analysieren lassen. Aber ich konnte nichts finden.> in the current context!
Error: Unable to interpret <Es wäre super wenn mir einer helfen könnte.> in the current context!
Error: Unable to interpret <Danke schonmal> in the current context!
Error: Unable to interpret <Hier schon mal mein aktueller HiJack log> in the current context!
Error: Unable to interpret <Code: Alles kopierenAlles auswählenLarusso Modus> in the current context!
Error: Unable to interpret <HiJackthis Logfile:

       
Code:

       
Logfile of Trend Micro HijackThis v2.0.4> in the current context!
Error: Unable to interpret <Scan saved at 17:40:48, on 21.02.2011> in the current context!
Error: Unable to interpret <Platform: Windows 7  (WinNT 6.00.3504)> in the current context!
Error: Unable to interpret <MSIE: Internet Explorer v8.00 (8.00.7600.16722)> in the current context!
Error: Unable to interpret <Boot mode: Normal> in the current context!
Error: Unable to interpret <Running processes:> in the current context!
Error: Unable to interpret <C:\Windows\vsnpstd3.exe> in the current context!
Error: Unable to interpret <C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe> in the current context!
Error: Unable to interpret <C:\Program Files (x86)\iTunes\iTunesHelper.exe> in the current context!
Error: Unable to interpret <C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe> in the current context!
Error: Unable to interpret <C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe> in the current context!
Error: Unable to interpret <C:\Program Files (x86)\Mozilla Firefox\firefox.exe> in the current context!
Error: Unable to interpret <C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe> in the current context!
Error: Unable to interpret <C:\Users\Wolfgang\HiJack\HiJackThis204.exe> in the current context!
Error: Unable to interpret <R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = > in the current context!
Error: Unable to interpret <R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = > in the current context!
Error: Unable to interpret <F2 - REG:system.ini: UserInit=userinit.exe> in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime> in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"> in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min> in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler> in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun> in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')> in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')> in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')> in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')> in the current context!
Error: Unable to interpret <O4 - Global Startup: Logitech SetPoint.lnk = ?> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000> in the current context!
Error: Unable to interpret <O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll> in the current context!
Error: Unable to interpret <O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL> in the current context!
Error: Unable to interpret <O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab> in the current context!
Error: Unable to interpret <O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab> in the current context!
Error: Unable to interpret <O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL> in the current context!
Error: Unable to interpret <O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe> in the current context!
Error: Unable to interpret <O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe> in the current context!
Error: Unable to interpret <O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe> in the current context!
Error: Unable to interpret <O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe> in the current context!
Error: Unable to interpret <O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe> in the current context!
Error: Unable to interpret <O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe> in the current context!
Error: Unable to interpret <O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe> in the current context!
Error: Unable to interpret <O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe> in the current context!
Error: Unable to interpret <O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe> in the current context!
Error: Unable to interpret <O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)> in the current context!
Error: Unable to interpret <O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)> in the current context!
Error: Unable to interpret <--> in the current context!
Error: Unable to interpret <End of file - 6739 bytes

--- --- ---
> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <pueppii ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an pueppii schicken> in the current context!
Error: Unable to interpret <Mehr Beiträge von pueppii finden> in the current context!
Error: Unable to interpret <pueppii als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Alt Gestern, 21:15          #2> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret </// Winkelfunktion> in the current context!
Error: Unable to interpret </// TB-Ausbilder> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 16.08.2009> in the current context!
Error: Unable to interpret <Ort: /etc/init.d> in the current context!
Error: Unable to interpret <Beiträge: 28.375> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard> in the current context!
Error: Unable to interpret <AW: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Bitte beachten => Bitte keine HijackThis Logfiles posten und Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?> in the current context!
Error: Unable to interpret <__________________> in the current context!
Error: Unable to interpret <Gruß,> in the current context!
Error: Unable to interpret <Arne> in the current context!
Error: Unable to interpret <Trojaner-Board-Spendenkonto> in the current context!
Error: Unable to interpret <Datensicherung mit Ubuntu als Notfall-Live-System> in the current context!
Error: Unable to interpret <Keine Hilfe via PN, PM etc. Ausschließlich hier im Forum.> in the current context!
Error: Unable to interpret <cosinus ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an cosinus schicken> in the current context!
Error: Unable to interpret <Eine E-Mail an cosinus schicken> in the current context!
Error: Unable to interpret <Besuchen Sie die Homepage von cosinus!> in the current context!
Error: Unable to interpret <Mehr Beiträge von cosinus finden> in the current context!
Error: Unable to interpret <cosinus als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Alt Gestern, 22:46          #3> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 21.02.2011> in the current context!
Error: Unable to interpret <Beiträge: 5> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard AW: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Sorry mit dem HiJack-log> in the current context!
Error: Unable to interpret <Soll ich dann nochmal ein neues Thema öffnen?> in the current context!
Error: Unable to interpret <Ich hätte sonst den OTL log noch da. Soll ich da den kompletten posten? Der ist halt ewig lang.> in the current context!
Error: Unable to interpret <Hab den iexplorer jetzt über die Systemsteuerung deaktiviert. Macht meinen PC zumindest nicht mehr langsamer, sicher fühle ich mich aber nicht wirklich...> in the current context!
Error: Unable to interpret <Bitte helft mir> in the current context!
Error: Unable to interpret <pueppii ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an pueppii schicken> in the current context!
Error: Unable to interpret <Mehr Beiträge von pueppii finden> in the current context!
Error: Unable to interpret <pueppii als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Alt Heute, 08:47          #4> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret </// Winkelfunktion> in the current context!
Error: Unable to interpret </// TB-Ausbilder> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 16.08.2009> in the current context!
Error: Unable to interpret <Ort: /etc/init.d> in the current context!
Error: Unable to interpret <Beiträge: 28.375> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard AW: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Lies die Instruktion da bitte richtig durch!> in the current context!
Error: Unable to interpret <Poste alle Logs hier, mach KEINEN neuen Strang auf!!> in the current context!
Error: Unable to interpret <__________________> in the current context!
Error: Unable to interpret <Gruß,> in the current context!
Error: Unable to interpret <Arne> in the current context!
Error: Unable to interpret <Trojaner-Board-Spendenkonto> in the current context!
Error: Unable to interpret <Datensicherung mit Ubuntu als Notfall-Live-System> in the current context!
Error: Unable to interpret <Keine Hilfe via PN, PM etc. Ausschließlich hier im Forum.> in the current context!
Error: Unable to interpret <cosinus ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an cosinus schicken> in the current context!
Error: Unable to interpret <Eine E-Mail an cosinus schicken> in the current context!
Error: Unable to interpret <Besuchen Sie die Homepage von cosinus!> in the current context!
Error: Unable to interpret <Mehr Beiträge von cosinus finden> in the current context!
Error: Unable to interpret <cosinus als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Alt Heute, 08:59          #5> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 21.02.2011> in the current context!
Error: Unable to interpret <Beiträge: 5> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard AW: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Danke schon mal> in the current context!
Error: Unable to interpret <also hab die OTL logs nach Anleitung erstellt.> in the current context!
Error: Unable to interpret <das ist der OTL> in the current context!
Error: Unable to interpret <Code: Alles kopierenAlles auswählenLarusso Modus> in the current context!
Error: Unable to interpret <OTL Logfile:

       
Code:

       
OTL logfile created on: 21.02.2011 22:49:09 - Run 2> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Wolfgang\HiJack> in the current context!
Error: Unable to interpret <64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 8.0.7600.16385)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free> in the current context!
Error: Unable to interpret <4,00 Gb Paging File | 3,00 Gb Available in Paging File | 64,00% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 149,04 Gb Total Space | 31,73 Gb Free Space | 21,29% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive D: | 142,58 Gb Total Space | 38,37 Gb Free Space | 26,91% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive J: | 7,85 Gb Total Space | 5,18 Gb Free Space | 65,99% Space Free | Partition Type: FAT32> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: PÜPPII | User Name: Wolfgang | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - C:\Users\Wolfgang\HiJack\OTL.exe (OldTimer Tools)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)> in the current context!
Error: Unable to interpret <PRC - C:\Windows\vsnpstd3.exe ()> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - C:\Users\Wolfgang\HiJack\OTL.exe (OldTimer Tools)> in the current context!
Error: Unable to interpret <MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)> in the current context!
Error: Unable to interpret <SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)> in the current context!
Error: Unable to interpret <SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)> in the current context!
Error: Unable to interpret <SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)> in the current context!
Error: Unable to interpret <SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)> in the current context!
Error: Unable to interpret <SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()> in the current context!
Error: Unable to interpret <SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)> in the current context!
Error: Unable to interpret <SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)> in the current context!
Error: Unable to interpret <SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)> in the current context!
Error: Unable to interpret <DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)> in the current context!
Error: Unable to interpret <DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()> in the current context!
Error: Unable to interpret <DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()> in the current context!
Error: Unable to interpret <DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()> in the current context!
Error: Unable to interpret <DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys (Creative Technology Ltd.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)> in the current context!
Error: Unable to interpret <DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)> in the current context!
Error: Unable to interpret <DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()> in the current context!
Error: Unable to interpret <DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysNative\drivers\snpstd3.sys (Sonix Co. Ltd.)> in the current context!
Error: Unable to interpret <DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysWOW64\drivers\snpstd3.sys (Sonix Co. Ltd.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 33 A3 6D CB BA CA 01  [binary data]> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.36.0> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6.1> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.10 18:33:54 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.14 18:24:43 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2009.10.30 07:25:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Extensions> in the current context!
Error: Unable to interpret <[2011.02.21 16:39:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions> in the current context!
Error: Unable to interpret <[2011.02.17 20:16:54 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}> in the current context!
Error: Unable to interpret <[2010.09.21 12:21:05 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context!
Error: Unable to interpret <[2011.02.17 18:32:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}> in the current context!
Error: Unable to interpret <[2011.01.10 12:35:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}> in the current context!
Error: Unable to interpret <[2010.11.17 09:43:41 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}> in the current context!
Error: Unable to interpret <[2010.02.09 09:44:22 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\battlefieldheroespatcher@ea.com> in the current context!
Error: Unable to interpret <[2010.11.18 13:44:47 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\de-DE@dictionaries.addons.mozilla.org> in the current context!
Error: Unable to interpret <[2011.01.10 12:35:25 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\en-GB@dictionaries.addons.mozilla.org> in the current context!
Error: Unable to interpret <[2011.01.10 12:35:24 | 000,000,000 | ---D | M] (FireGestures) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\7ianlmgk.default\extensions\firegestures@xuldev.org> in the current context!
Error: Unable to interpret <[2011.02.17 20:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context!
Error: Unable to interpret <[2010.05.16 21:44:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}> in the current context!
Error: Unable to interpret <[2010.09.16 15:53:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}> in the current context!
Error: Unable to interpret <[2010.10.19 20:34:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}> in the current context!
Error: Unable to interpret <[2011.01.10 14:30:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}> in the current context!
Error: Unable to interpret <[2011.02.17 20:09:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}> in the current context!
Error: Unable to interpret <[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll> in the current context!
Error: Unable to interpret <[2010.11.02 06:27:34 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context!
Error: Unable to interpret <[2010.11.02 06:27:34 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context!
Error: Unable to interpret <[2010.11.02 06:27:34 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context!
Error: Unable to interpret <[2010.11.02 06:27:34 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context!
Error: Unable to interpret <[2010.11.02 06:27:34 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant]  File not found> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [ISUSPM] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [RESTART_STICKY_NOTES]  File not found> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll ()> in the current context!
Error: Unable to interpret <O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)> in the current context!
Error: Unable to interpret <O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)> in the current context!
Error: Unable to interpret <O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab (Creative Software AutoUpdate Support Package)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)> in the current context!
Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\Shell\AutoRun\command - "" = K:\autorun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\Shell\install\command - "" = K:\autorun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *) -  File not found> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011.02.21 16:38:33 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\QuickScan> in the current context!
Error: Unable to interpret <[2011.02.21 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Avira> in the current context!
Error: Unable to interpret <[2011.02.21 12:56:18 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2011.02.21 12:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context!
Error: Unable to interpret <[2011.02.21 12:56:07 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys> in the current context!
Error: Unable to interpret <[2011.02.18 13:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira> in the current context!
Error: Unable to interpret <[2011.02.18 13:02:28 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys> in the current context!
Error: Unable to interpret <[2011.02.18 13:02:28 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys> in the current context!
Error: Unable to interpret <[2011.02.18 13:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira> in the current context!
Error: Unable to interpret <[2011.02.18 13:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira> in the current context!
Error: Unable to interpret <[2011.02.17 20:32:10 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hilfsprogramme> in the current context!
Error: Unable to interpret <[2011.02.17 20:09:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java> in the current context!
Error: Unable to interpret <[2011.02.17 20:09:11 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe> in the current context!
Error: Unable to interpret <[2011.02.17 20:09:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe> in the current context!
Error: Unable to interpret <[2011.02.17 20:09:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe> in the current context!
Error: Unable to interpret <[2011.02.17 13:25:16 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\HiJack> in the current context!
Error: Unable to interpret <[2011.02.17 12:15:42 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories> in the current context!
Error: Unable to interpret <[2011.02.17 10:55:39 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Desktop\Assasment> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:56 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:56 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:56 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:56 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:52 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:52 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:39 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:38 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:37 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:36 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:36 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:34 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:34 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:34 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:17 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:11 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:10 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:10 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:09 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe> in the current context!
Error: Unable to interpret <[2011.02.14 09:56:09 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe> in the current context!
Error: Unable to interpret <[2011.02.02 20:55:12 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Player> in the current context!
Error: Unable to interpret <[2011.02.02 00:05:22 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Desktop\TM2_Zeug_fuer_Wolfi> in the current context!
Error: Unable to interpret <[2011.01.31 19:09:17 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Desktop\Bewerbung> in the current context!
Error: Unable to interpret <[2011.01.31 10:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes> in the current context!
Error: Unable to interpret <[2011.01.31 10:42:56 | 000,000,000 | ---D | C] -- C:\Programme\iTunes> in the current context!
Error: Unable to interpret <[2011.01.31 10:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes> in the current context!
Error: Unable to interpret <[2011.01.31 10:42:56 | 000,000,000 | ---D | C] -- C:\Programme\iPod> in the current context!
Error: Unable to interpret <[2011.01.26 17:06:21 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Documents\theHunter> in the current context!
Error: Unable to interpret <[2011.01.26 16:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Hunter> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:52 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:52 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:52 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:52 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:52 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:52 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:51 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:51 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:51 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:51 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:51 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:51 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:50 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:50 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:50 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:50 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:40 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:40 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:39 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:34 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:34 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:33 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll> in the current context!
Error: Unable to interpret <[2011.01.26 15:33:33 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll> in the current context!
Error: Unable to interpret <[2009.10.19 19:11:43 | 000,172,032 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll> in the current context!
Error: Unable to interpret <[2009.10.19 19:11:43 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll> in the current context!
Error: Unable to interpret <[2009.10.19 19:11:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll> in the current context!
Error: Unable to interpret <[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011.02.21 19:32:57 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2011.02.21 19:32:57 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2011.02.21 19:25:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2011.02.21 19:25:22 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2011.02.21 19:15:58 | 000,027,648 | ---- | M] () -- C:\Users\Wolfgang\Desktop\monster.doc> in the current context!
Error: Unable to interpret <[2011.02.21 19:14:47 | 000,027,136 | ---- | M] () -- C:\Users\Wolfgang\Desktop\monster neu.doc> in the current context!
Error: Unable to interpret <[2011.02.21 18:53:38 | 000,011,412 | ---- | M] () -- C:\Users\Wolfgang\Desktop\monster neu.docx> in the current context!
Error: Unable to interpret <[2011.02.21 18:42:00 | 001,527,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2011.02.21 18:42:00 | 000,664,396 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat> in the current context!
Error: Unable to interpret <[2011.02.21 18:42:00 | 000,624,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat> in the current context!
Error: Unable to interpret <[2011.02.21 18:42:00 | 000,134,564 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat> in the current context!
Error: Unable to interpret <[2011.02.21 18:42:00 | 000,110,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat> in the current context!
Error: Unable to interpret <[2011.02.14 10:04:00 | 000,342,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT> in the current context!
Error: Unable to interpret <[2011.02.02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe> in the current context!
Error: Unable to interpret <[2011.02.02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe> in the current context!
Error: Unable to interpret <[2011.02.02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe> in the current context!
Error: Unable to interpret <[2011.02.02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll> in the current context!
Error: Unable to interpret <[2011.02.02 00:04:43 | 000,098,291 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Eignungsfragen grundlagen technik.pdf> in the current context!
Error: Unable to interpret <[2011.01.30 16:30:04 | 000,063,214 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Lebenslauf Wolfgang.docx> in the current context!
Error: Unable to interpret <[2011.01.30 16:30:04 | 000,063,214 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Lebenslauf Wolfgang mit foto 2 seiten überschrift unten layout.docx> in the current context!
Error: Unable to interpret <[2011.01.28 11:59:19 | 000,040,828 | ---- | M] () -- C:\Users\Wolfgang\Desktop\wintervorbereitung_svb_2011.pdf> in the current context!
Error: Unable to interpret <[2011.01.28 11:30:32 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk> in the current context!
Error: Unable to interpret <[2011.01.27 12:24:13 | 000,000,043 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_live.cfg> in the current context!
Error: Unable to interpret <[2011.01.26 23:35:31 | 000,010,379 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_live.bin> in the current context!
Error: Unable to interpret <[2011.01.26 16:57:08 | 000,000,043 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_local.cfg> in the current context!
Error: Unable to interpret <[2011.01.26 07:53:10 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys> in the current context!
Error: Unable to interpret <[2011.01.26 07:31:20 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll> in the current context!
Error: Unable to interpret <[2011.01.25 20:56:14 | 000,011,697 | ---- | M] () -- C:\Users\Wolfgang\Desktop\monster.docx> in the current context!
Error: Unable to interpret <[2011.01.25 15:53:52 | 000,000,225 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Alien Swarm.url> in the current context!
Error: Unable to interpret <[2011.01.24 20:03:38 | 000,006,691 | ---- | M] () -- C:\Users\Wolfgang\.recently-used.xbel> in the current context!
Error: Unable to interpret <[2011.01.24 12:27:23 | 002,193,222 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Clara_2001_WSD.pdf> in the current context!
Error: Unable to interpret <[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011.02.21 19:15:58 | 000,027,648 | ---- | C] () -- C:\Users\Wolfgang\Desktop\monster.doc> in the current context!
Error: Unable to interpret <[2011.02.21 19:14:46 | 000,027,136 | ---- | C] () -- C:\Users\Wolfgang\Desktop\monster neu.doc> in the current context!
Error: Unable to interpret <[2011.02.21 18:53:37 | 000,011,412 | ---- | C] () -- C:\Users\Wolfgang\Desktop\monster neu.docx> in the current context!
Error: Unable to interpret <[2011.02.21 18:41:47 | 000,011,697 | ---- | C] () -- C:\Users\Wolfgang\Desktop\monster.docx> in the current context!
Error: Unable to interpret <[2011.02.21 18:41:31 | 000,063,214 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Lebenslauf Wolfgang.docx> in the current context!
Error: Unable to interpret <[2011.02.21 18:41:03 | 000,063,214 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Lebenslauf Wolfgang mit foto 2 seiten überschrift unten layout.docx> in the current context!
Error: Unable to interpret <[2011.02.02 00:04:43 | 000,098,291 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Eignungsfragen grundlagen technik.pdf> in the current context!
Error: Unable to interpret <[2011.01.28 11:59:19 | 000,040,828 | ---- | C] () -- C:\Users\Wolfgang\Desktop\wintervorbereitung_svb_2011.pdf> in the current context!
Error: Unable to interpret <[2011.01.26 23:35:14 | 000,010,379 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_live.bin> in the current context!
Error: Unable to interpret <[2011.01.26 17:06:15 | 000,000,043 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_live.cfg> in the current context!
Error: Unable to interpret <[2011.01.26 16:43:53 | 000,000,043 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\TheHunterSettings_local.cfg> in the current context!
Error: Unable to interpret <[2011.01.25 15:53:52 | 000,000,225 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Alien Swarm.url> in the current context!
Error: Unable to interpret <[2011.01.24 20:03:38 | 000,006,691 | ---- | C] () -- C:\Users\Wolfgang\.recently-used.xbel> in the current context!
Error: Unable to interpret <[2011.01.24 12:27:23 | 002,193,222 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Clara_2001_WSD.pdf> in the current context!
Error: Unable to interpret <[2010.11.15 17:53:49 | 000,000,280 | ---- | C] () -- C:\Windows\game.ini> in the current context!
Error: Unable to interpret <[2010.11.08 14:50:00 | 000,000,096 | ---- | C] () -- C:\Users\Wolfgang\AppData\Local\fusioncache.dat> in the current context!
Error: Unable to interpret <[2010.11.08 14:48:40 | 001,553,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2010.04.26 21:45:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat> in the current context!
Error: Unable to interpret <[2009.10.21 14:50:05 | 000,003,348 | ---- | C] () -- C:\Windows\SysWow64\ludap17.ini> in the current context!
Error: Unable to interpret <[2009.10.21 14:50:05 | 000,000,078 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini> in the current context!
Error: Unable to interpret <[2009.10.20 20:40:20 | 000,007,594 | ---- | C] () -- C:\Users\Wolfgang\AppData\Local\resmon.resmoncfg> in the current context!
Error: Unable to interpret <[2009.10.20 17:18:51 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL> in the current context!
Error: Unable to interpret <[2009.10.20 17:18:51 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL> in the current context!
Error: Unable to interpret <[2009.10.20 00:31:10 | 000,000,059 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\GoodnightTimer.ini> in the current context!
Error: Unable to interpret <[2009.10.19 19:11:43 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini> in the current context!
Error: Unable to interpret <[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll> in the current context!
Error: Unable to interpret <[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll> in the current context!
Error: Unable to interpret <[2008.11.13 05:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll> in the current context!
Error: Unable to interpret <[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll> in the current context!
Error: Unable to interpret <[2007.12.04 04:20:30 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini> in the current context!
Error: Unable to interpret <[2007.06.07 04:25:42 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2009.10.20 14:21:25 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\2K Sports> in the current context!
Error: Unable to interpret <[2010.07.13 16:34:06 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Ashampoo> in the current context!
Error: Unable to interpret <[2010.04.20 13:03:09 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Canneverbe Limited> in the current context!
Error: Unable to interpret <[2009.10.20 12:31:03 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\DAEMON Tools Lite> in the current context!
Error: Unable to interpret <[2010.07.15 14:53:21 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context!
Error: Unable to interpret <[2010.12.07 19:28:55 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\gtk-2.0> in the current context!
Error: Unable to interpret <[2010.12.07 16:57:00 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Imaxel> in the current context!
Error: Unable to interpret <[2009.10.19 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Leadertech> in the current context!
Error: Unable to interpret <[2010.03.11 08:20:33 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\LockHunter> in the current context!
Error: Unable to interpret <[2010.10.11 14:50:33 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Need for Speed World> in the current context!
Error: Unable to interpret <[2011.02.21 16:38:33 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\QuickScan> in the current context!
Error: Unable to interpret <[2009.11.04 08:38:43 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\smc> in the current context!
Error: Unable to interpret <[2009.11.30 14:53:37 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Ubisoft> in the current context!
Error: Unable to interpret <[2011.01.24 10:17:45 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:425D0709> in the current context!
Error: Unable to interpret << End of report >

--- --- ---
> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <und das ist der Extras> in the current context!
Error: Unable to interpret <Code: Alles kopierenAlles auswählenLarusso Modus> in the current context!
Error: Unable to interpret <OTL Logfile:

       
Code:

       
OTL Extras logfile created on: 21.02.2011 22:49:09 - Run 2> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Wolfgang\HiJack> in the current context!
Error: Unable to interpret <64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 8.0.7600.16385)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free> in the current context!
Error: Unable to interpret <4,00 Gb Paging File | 3,00 Gb Available in Paging File | 64,00% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 149,04 Gb Total Space | 31,73 Gb Free Space | 21,29% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive D: | 142,58 Gb Total Space | 38,37 Gb Free Space | 26,91% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive J: | 7,85 Gb Total Space | 5,18 Gb Free Space | 65,99% Space Free | Partition Type: FAT32> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: PÜPPII | User Name: Wolfgang | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Extra Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== File Associations ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]> in the current context!
Error: Unable to interpret <.html[@ = htmlfile] -- Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]> in the current context!
Error: Unable to interpret <.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <.html [@ = htmlfile] -- Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]> in the current context!
Error: Unable to interpret <.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Shell Spawning ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]> in the current context!
Error: Unable to interpret <batfile [open] -- "%1" %* File not found> in the current context!
Error: Unable to interpret <cmdfile [open] -- "%1" %* File not found> in the current context!
Error: Unable to interpret <comfile [open] -- "%1" %* File not found> in the current context!
Error: Unable to interpret <exefile [open] -- "%1" %* File not found> in the current context!
Error: Unable to interpret <helpfile [open] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <htmlfile [open] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <htmlfile [opennew] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome File not found> in the current context!
Error: Unable to interpret <https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome File not found> in the current context!
Error: Unable to interpret <inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)> in the current context!
Error: Unable to interpret <InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)> in the current context!
Error: Unable to interpret <InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)> in the current context!
Error: Unable to interpret <piffile [open] -- "%1" %* File not found> in the current context!
Error: Unable to interpret <regfile [merge] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <scrfile [config] -- "%1" File not found> in the current context!
Error: Unable to interpret <scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found> in the current context!
Error: Unable to interpret <scrfile [open] -- "%1" /S File not found> in the current context!
Error: Unable to interpret <txtfile [edit] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <Unknown [openas] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()> in the current context!
Error: Unable to interpret <Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Directory [PlayWithVLC] -- "C:\Program Files (x86)\Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()> in the current context!
Error: Unable to interpret <Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Folder [explore] -- Reg Error: Value error.> in the current context!
Error: Unable to interpret <Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Applications\iexplore.exe [open] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]> in the current context!
Error: Unable to interpret <batfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <cmdfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)> in the current context!
Error: Unable to interpret <exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <helpfile [open] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <htmlfile [open] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <htmlfile [opennew] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome> in the current context!
Error: Unable to interpret <https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome> in the current context!
Error: Unable to interpret <inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)> in the current context!
Error: Unable to interpret <piffile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <regfile [merge] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <scrfile [config] -- "%1"> in the current context!
Error: Unable to interpret <scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l> in the current context!
Error: Unable to interpret <scrfile [open] -- "%1" /S> in the current context!
Error: Unable to interpret <txtfile [edit] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <Unknown [openas] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()> in the current context!
Error: Unable to interpret <Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Directory [PlayWithVLC] -- "C:\Program Files (x86)\Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()> in the current context!
Error: Unable to interpret <Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Folder [explore] -- Reg Error: Value error.> in the current context!
Error: Unable to interpret <Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Applications\iexplore.exe [open] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Security Center Settings ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]> in the current context!
Error: Unable to interpret <"cval" = 1> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]> in the current context!
Error: Unable to interpret <"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]> in the current context!
Error: Unable to interpret <"AntiVirusOverride" = 0> in the current context!
Error: Unable to interpret <"AntiSpywareOverride" = 0> in the current context!
Error: Unable to interpret <"FirewallOverride" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Firewall Settings ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]> in the current context!
Error: Unable to interpret <"DisableNotifications" = 0> in the current context!
Error: Unable to interpret <"EnableFirewall" = 1> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]> in the current context!
Error: Unable to interpret <"DisableNotifications" = 0> in the current context!
Error: Unable to interpret <"EnableFirewall" = 1> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]> in the current context!
Error: Unable to interpret <"DisableNotifications" = 0> in the current context!
Error: Unable to interpret <"EnableFirewall" = 1> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Authorized Applications List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== HKEY_LOCAL_MACHINE Uninstall List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]> in the current context!
Error: Unable to interpret <"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)> in the current context!
Error: Unable to interpret <"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer> in the current context!
Error: Unable to interpret <"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack> in the current context!
Error: Unable to interpret <"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour> in the current context!
Error: Unable to interpret <"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148> in the current context!
Error: Unable to interpret <"{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes> in the current context!
Error: Unable to interpret <"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007> in the current context!
Error: Unable to interpret <"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007> in the current context!
Error: Unable to interpret <"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting> in the current context!
Error: Unable to interpret <"{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64> in the current context!
Error: Unable to interpret <"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053> in the current context!
Error: Unable to interpret <"{E5C95CA5-4565-4B9D-97ED-05088D775614}" = Apple Mobile Device Support> in the current context!
Error: Unable to interpret <"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper> in the current context!
Error: Unable to interpret <"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile> in the current context!
Error: Unable to interpret <"CCleaner" = CCleaner> in the current context!
Error: Unable to interpret <"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile> in the current context!
Error: Unable to interpret <"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack> in the current context!
Error: Unable to interpret <"WinRAR archiver" = WinRAR> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]> in the current context!
Error: Unable to interpret <"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator> in the current context!
Error: Unable to interpret <"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148> in the current context!
Error: Unable to interpret <"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam> in the current context!
Error: Unable to interpret <"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2> in the current context!
Error: Unable to interpret <"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148> in the current context!
Error: Unable to interpret <"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool> in the current context!
Error: Unable to interpret <"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT> in the current context!
Error: Unable to interpret <"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24> in the current context!
Error: Unable to interpret <"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010> in the current context!
Error: Unable to interpret <"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie> in the current context!
Error: Unable to interpret <"{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}" = ShaunWhiteSnowboarding> in the current context!
Error: Unable to interpret <"{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy> in the current context!
Error: Unable to interpret <"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker> in the current context!
Error: Unable to interpret <"{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light> in the current context!
Error: Unable to interpret <"{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing> in the current context!
Error: Unable to interpret <"{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common> in the current context!
Error: Unable to interpret <"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater> in the current context!
Error: Unable to interpret <"{506DDFBE-983F-4BC3-84B8-65F423B2D798}" = NVIDIA PhysX> in the current context!
Error: Unable to interpret <"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent> in the current context!
Error: Unable to interpret <"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime> in the current context!
Error: Unable to interpret <"{5AEDCB07-25E3-4136-BE1E-BB2A2944355D}" = Game Graphic Studio> in the current context!
Error: Unable to interpret <"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update> in the current context!
Error: Unable to interpret <"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin> in the current context!
Error: Unable to interpret <"{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English> in the current context!
Error: Unable to interpret <"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729> in the current context!
Error: Unable to interpret <"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable> in the current context!
Error: Unable to interpret <"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync> in the current context!
Error: Unable to interpret <"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762> in the current context!
Error: Unable to interpret <"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053> in the current context!
Error: Unable to interpret <"{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full> in the current context!
Error: Unable to interpret <"{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New> in the current context!
Error: Unable to interpret <"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World> in the current context!
Error: Unable to interpret <"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight> in the current context!
Error: Unable to interpret <"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding> in the current context!
Error: Unable to interpret <"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007> in the current context!
Error: Unable to interpret <"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007> in the current context!
Error: Unable to interpret <"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007> in the current context!
Error: Unable to interpret <"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007> in the current context!
Error: Unable to interpret <"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)> in the current context!
Error: Unable to interpret <"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17> in the current context!
Error: Unable to interpret <"{A137D52E-FA96-4815-85F5-E7B8F66837DB}" = Race Driver 3> in the current context!
Error: Unable to interpret <"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT> in the current context!
Error: Unable to interpret <"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable> in the current context!
Error: Unable to interpret <"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch> in the current context!
Error: Unable to interpret <"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy> in the current context!
Error: Unable to interpret <"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player> in the current context!
Error: Unable to interpret <"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1> in the current context!
Error: Unable to interpret <"{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static> in the current context!
Error: Unable to interpret <"{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation> in the current context!
Error: Unable to interpret <"{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista> in the current context!
Error: Unable to interpret <"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1> in the current context!
Error: Unable to interpret <"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera-168> in the current context!
Error: Unable to interpret <"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform> in the current context!
Error: Unable to interpret <"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support> in the current context!
Error: Unable to interpret <"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]> in the current context!
Error: Unable to interpret <"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard> in the current context!
Error: Unable to interpret <"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver> in the current context!
Error: Unable to interpret <"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint> in the current context!
Error: Unable to interpret <"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials> in the current context!
Error: Unable to interpret <"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX> in the current context!
Error: Unable to interpret <"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin> in the current context!
Error: Unable to interpret <"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010> in the current context!
Error: Unable to interpret <"AstrumNival Allods" = Allods Online 1.0.05.41> in the current context!
Error: Unable to interpret <"Audacity_is1" = Audacity 1.2.6> in the current context!
Error: Unable to interpret <"AudioCS" = Creative Audio-Systemsteuerung> in the current context!
Error: Unable to interpret <"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus> in the current context!
Error: Unable to interpret <"BSS Intended Shutdown" = BSS Intended Shutdown 1.1.0.0> in the current context!
Error: Unable to interpret <"Creative Software AutoUpdate" = Creative Software AutoUpdate> in the current context!
Error: Unable to interpret <"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition> in the current context!
Error: Unable to interpret <"dm Digi Foto" = dm Digi Foto> in the current context!
Error: Unable to interpret <"EAX Unified" = EAX Unified> in the current context!
Error: Unable to interpret <"ENTERPRISE" = Microsoft Office Enterprise 2007> in the current context!
Error: Unable to interpret <"Free Audio Converter_is1" = Free Audio Converter version 1.4> in the current context!
Error: Unable to interpret <"Free Audio Dub_is1" = Free Audio Dub version 1.6> in the current context!
Error: Unable to interpret <"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8> in the current context!
Error: Unable to interpret <"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10> in the current context!
Error: Unable to interpret <"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch> in the current context!
Error: Unable to interpret <"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch> in the current context!
Error: Unable to interpret <"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0> in the current context!
Error: Unable to interpret <"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1> in the current context!
Error: Unable to interpret <"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)> in the current context!
Error: Unable to interpret <"PC Wizard 2009_is1" = PC Wizard 2009.1.90> in the current context!
Error: Unable to interpret <"SopCast" = SopCast 3.2.4> in the current context!
Error: Unable to interpret <"Steam App 630" = Alien Swarm> in the current context!
Error: Unable to interpret <"Steam App 7740" = NBA 2K9> in the current context!
Error: Unable to interpret <"theHunter" = theHunter (remove only)> in the current context!
Error: Unable to interpret <"Uninstall_is1" = Uninstall 1.0.0.1> in the current context!
Error: Unable to interpret <"VLC media player" = VLC media player 1.0.3> in the current context!
Error: Unable to interpret <"WinGimp-2.0_is1" = GIMP 2.6.8> in the current context!
Error: Unable to interpret <"WinLiveSuite_Wave3" = Windows Live Essentials> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Last 10 Event Log Errors ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << End of report >

--- --- ---
> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <Tausend dank schonmal> in the current context!
Error: Unable to interpret <pueppii ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an pueppii schicken> in the current context!
Error: Unable to interpret <Mehr Beiträge von pueppii finden> in the current context!
Error: Unable to interpret <pueppii als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Alt Heute, 10:31          #6> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret </// Winkelfunktion> in the current context!
Error: Unable to interpret </// TB-Ausbilder> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 16.08.2009> in the current context!
Error: Unable to interpret <Ort: /etc/init.d> in the current context!
Error: Unable to interpret <Beiträge: 28.375> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard AW: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Malwarebytes überlesen?> in the current context!
Error: Unable to interpret <__________________> in the current context!
Error: Unable to interpret <Gruß,> in the current context!
Error: Unable to interpret <Arne> in the current context!
Error: Unable to interpret <Trojaner-Board-Spendenkonto> in the current context!
Error: Unable to interpret <Datensicherung mit Ubuntu als Notfall-Live-System> in the current context!
Error: Unable to interpret <Keine Hilfe via PN, PM etc. Ausschließlich hier im Forum.> in the current context!
Error: Unable to interpret <cosinus ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an cosinus schicken> in the current context!
Error: Unable to interpret <Eine E-Mail an cosinus schicken> in the current context!
Error: Unable to interpret <Besuchen Sie die Homepage von cosinus!> in the current context!
Error: Unable to interpret <Mehr Beiträge von cosinus finden> in the current context!
Error: Unable to interpret <cosinus als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Alt Heute, 12:01          #7> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 21.02.2011> in the current context!
Error: Unable to interpret <Beiträge: 5> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard AW: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Ich hab das als oder verstanden OTL "oder" Mal als Alternative> in the current context!
Error: Unable to interpret <So jetzt die Malwarebytes-log> in the current context!
Error: Unable to interpret <Code: Alles kopierenAlles auswählenLarusso Modus> in the current context!
Error: Unable to interpret <Malwarebytes' Anti-Malware 1.50.1.1100> in the current context!
Error: Unable to interpret <www.malwarebytes.org> in the current context!
Error: Unable to interpret <Datenbank Version: 5838> in the current context!
Error: Unable to interpret <Windows 6.1.7600> in the current context!
Error: Unable to interpret <Internet Explorer 8.0.7600.16385> in the current context!
Error: Unable to interpret <22.02.2011 11:56:31> in the current context!
Error: Unable to interpret <mbam-log-2011-02-22 (11-56-31).txt> in the current context!
Error: Unable to interpret <Art des Suchlaufs: Quick-Scan> in the current context!
Error: Unable to interpret <Durchsuchte Objekte: 158570> in the current context!
Error: Unable to interpret <Laufzeit: 3 Minute(n), 10 Sekunde(n)> in the current context!
Error: Unable to interpret <Infizierte Speicherprozesse: 0> in the current context!
Error: Unable to interpret <Infizierte Speichermodule: 0> in the current context!
Error: Unable to interpret <Infizierte Registrierungsschlüssel: 0> in the current context!
Error: Unable to interpret <Infizierte Registrierungswerte: 0> in the current context!
Error: Unable to interpret <Infizierte Dateiobjekte der Registrierung: 0> in the current context!
Error: Unable to interpret <Infizierte Verzeichnisse: 0> in the current context!
Error: Unable to interpret <Infizierte Dateien: 0> in the current context!
Error: Unable to interpret <Infizierte Speicherprozesse:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Speichermodule:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Registrierungsschlüssel:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Registrierungswerte:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Dateiobjekte der Registrierung:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Verzeichnisse:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Dateien:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <pueppii ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an pueppii schicken> in the current context!
Error: Unable to interpret <Mehr Beiträge von pueppii finden> in the current context!
Error: Unable to interpret <pueppii als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Alt Heute, 13:49          #8> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret </// Winkelfunktion> in the current context!
Error: Unable to interpret </// TB-Ausbilder> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 16.08.2009> in the current context!
Error: Unable to interpret <Ort: /etc/init.d> in the current context!
Error: Unable to interpret <Beiträge: 28.375> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard AW: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Zitat:> in the current context!
Error: Unable to interpret <Art des Suchlaufs: Quick-Scan> in the current context!
Error: Unable to interpret <Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.> in the current context!
Error: Unable to interpret <Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!> in the current context!
Error: Unable to interpret <Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!> in the current context!
Error: Unable to interpret <__________________> in the current context!
Error: Unable to interpret <Gruß,> in the current context!
Error: Unable to interpret <Arne> in the current context!
Error: Unable to interpret <Trojaner-Board-Spendenkonto> in the current context!
Error: Unable to interpret <Datensicherung mit Ubuntu als Notfall-Live-System> in the current context!
Error: Unable to interpret <Keine Hilfe via PN, PM etc. Ausschließlich hier im Forum.> in the current context!
Error: Unable to interpret <cosinus ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an cosinus schicken> in the current context!
Error: Unable to interpret <Eine E-Mail an cosinus schicken> in the current context!
Error: Unable to interpret <Besuchen Sie die Homepage von cosinus!> in the current context!
Error: Unable to interpret <Mehr Beiträge von cosinus finden> in the current context!
Error: Unable to interpret <cosinus als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Alt Heute, 15:38          #9> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 21.02.2011> in the current context!
Error: Unable to interpret <Beiträge: 5> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard AW: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Hi hab einen Vollscan gemacht:> in the current context!
Error: Unable to interpret <Code: Alles kopierenAlles auswählenLarusso Modus> in the current context!
Error: Unable to interpret <Malwarebytes' Anti-Malware 1.50.1.1100> in the current context!
Error: Unable to interpret <www.malwarebytes.org> in the current context!
Error: Unable to interpret <Datenbank Version: 5838> in the current context!
Error: Unable to interpret <Windows 6.1.7600> in the current context!
Error: Unable to interpret <Internet Explorer 8.0.7600.16385> in the current context!
Error: Unable to interpret <22.02.2011 15:31:33> in the current context!
Error: Unable to interpret <mbam-log-2011-02-22 (15-31-33).txt> in the current context!
Error: Unable to interpret <Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|J:\|K:\|)> in the current context!
Error: Unable to interpret <Durchsuchte Objekte: 377764> in the current context!
Error: Unable to interpret <Laufzeit: 1 Stunde(n), 5 Minute(n), 45 Sekunde(n)> in the current context!
Error: Unable to interpret <Infizierte Speicherprozesse: 0> in the current context!
Error: Unable to interpret <Infizierte Speichermodule: 0> in the current context!
Error: Unable to interpret <Infizierte Registrierungsschlüssel: 0> in the current context!
Error: Unable to interpret <Infizierte Registrierungswerte: 0> in the current context!
Error: Unable to interpret <Infizierte Dateiobjekte der Registrierung: 0> in the current context!
Error: Unable to interpret <Infizierte Verzeichnisse: 0> in the current context!
Error: Unable to interpret <Infizierte Dateien: 0> in the current context!
Error: Unable to interpret <Infizierte Speicherprozesse:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Speichermodule:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Registrierungsschlüssel:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Registrierungswerte:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Dateiobjekte der Registrierung:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Verzeichnisse:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Dateien:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <und dann hab ich noch den ersten den ich drüber laufen lassen hab.> in the current context!
Error: Unable to interpret <Code: Alles kopierenAlles auswählenLarusso Modus> in the current context!
Error: Unable to interpret <Malwarebytes' Anti-Malware 1.50.1.1100> in the current context!
Error: Unable to interpret <www.malwarebytes.org> in the current context!
Error: Unable to interpret <Datenbank Version: 5828> in the current context!
Error: Unable to interpret <Windows 6.1.7600> in the current context!
Error: Unable to interpret <Internet Explorer 8.0.7600.16385> in the current context!
Error: Unable to interpret <21.02.2011 14:08:22> in the current context!
Error: Unable to interpret <mbam-log-2011-02-21 (14-08-22).txt> in the current context!
Error: Unable to interpret <Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|K:\|)> in the current context!
Error: Unable to interpret <Durchsuchte Objekte: 376736> in the current context!
Error: Unable to interpret <Laufzeit: 1 Stunde(n), 10 Minute(n), 23 Sekunde(n)> in the current context!
Error: Unable to interpret <Infizierte Speicherprozesse: 0> in the current context!
Error: Unable to interpret <Infizierte Speichermodule: 0> in the current context!
Error: Unable to interpret <Infizierte Registrierungsschlüssel: 0> in the current context!
Error: Unable to interpret <Infizierte Registrierungswerte: 0> in the current context!
Error: Unable to interpret <Infizierte Dateiobjekte der Registrierung: 0> in the current context!
Error: Unable to interpret <Infizierte Verzeichnisse: 0> in the current context!
Error: Unable to interpret <Infizierte Dateien: 0> in the current context!
Error: Unable to interpret <Infizierte Speicherprozesse:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Speichermodule:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Registrierungsschlüssel:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Registrierungswerte:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Dateiobjekte der Registrierung:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Verzeichnisse:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <Infizierte Dateien:> in the current context!
Error: Unable to interpret <(Keine bösartigen Objekte gefunden)> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <hätte ich den IE wieder in der Systemsteuerung aktivieren sollen und warten bis ein der Prozess startet damit das Malware-programm was findet?> in the current context!
Error: Unable to interpret <Danke schonmal> in the current context!
Error: Unable to interpret <pueppii ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an pueppii schicken> in the current context!
Error: Unable to interpret <Mehr Beiträge von pueppii finden> in the current context!
Error: Unable to interpret <pueppii als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Ungelesen Heute, 19:19          #10> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret </// Winkelfunktion> in the current context!
Error: Unable to interpret </// TB-Ausbilder> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Registriert seit: 16.08.2009> in the current context!
Error: Unable to interpret <Ort: /etc/init.d> in the current context!
Error: Unable to interpret <Beiträge: 28.375> in the current context!
Error: Unable to interpret <        > in the current context!
Error: Unable to interpret <iexplorer öffnet sich ständig im Hintergrund - Standard AW: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)> in the current context!
Error: Unable to interpret <Code: Alles kopierenAlles auswählenLarusso Modus> in the current context!
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
File K:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
File K:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\ not found.
File E:\autorun.exe not found.
ADS C:\ProgramData\TEMP:425D0709 deleted successfully.

cosinus 22.02.2011 20:07
Damit werden Mülleinträge, Temps gelöscht usw...
Bist du dir sicher, dass du es richtig ausgeführt hast? Die erste Zeile mit ":OTL" am Anfang musste mitkopieren!!!

pueppii 22.02.2011 20:09
und hier der Teil 2
Ab Commands

Code:
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Wolfgang
->Temp folder emptied: 13885585 bytes
->Temporary Internet Files folder emptied: 147590 bytes
->Java cache emptied: 11080393 bytes
->FireFox cache emptied: 40615371 bytes
->Flash cache emptied: 6599 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 2416200 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3254 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 65,00 mb
 
Error: Unable to interpret <Klick dann oben links auf den Button Fix!> in the current context!
Error: Unable to interpret <Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.> in the current context!
Error: Unable to interpret <__________________> in the current context!
Error: Unable to interpret <Gruß,> in the current context!
Error: Unable to interpret <Arne> in the current context!
Error: Unable to interpret <Trojaner-Board-Spendenkonto> in the current context!
Error: Unable to interpret <Datensicherung mit Ubuntu als Notfall-Live-System> in the current context!
Error: Unable to interpret <Keine Hilfe via PN, PM etc. Ausschließlich hier im Forum.> in the current context!
Error: Unable to interpret <cosinus ist gerade online Beitrag melden          Mit Zitat antworten Beitrag zum Zitieren auswählen Direkt antworten> in the current context!
Error: Unable to interpret <cosinus> in the current context!
Error: Unable to interpret <Öffentliches Profil ansehen> in the current context!
Error: Unable to interpret <Private Nachricht an cosinus schicken> in the current context!
Error: Unable to interpret <Eine E-Mail an cosinus schicken> in the current context!
Error: Unable to interpret <Besuchen Sie die Homepage von cosinus!> in the current context!
Error: Unable to interpret <Mehr Beiträge von cosinus finden> in the current context!
Error: Unable to interpret <cosinus als Kontakt hinzufügen> in the current context!
Error: Unable to interpret <Antwort> in the current context!
Error: Unable to interpret <Stichworte bearbeiten> in the current context!
Error: Unable to interpret <Stichworte> in the current context!
Error: Unable to interpret <antivir, antivir guard, avg, avira, bonjour, converter, desktop, firefox, hijack, hijackthis, homepage, iexplorer.exe, internet, internet explorer, log, logfile, mozilla, mp3, object, problem, prozesse, software, task-manager, windows, öffnet> in the current context!
Error: Unable to interpret <Was tun gegen Viren?> in the current context!
Error: Unable to interpret <Alles gegen Viren und Spyware...> in the current context!
Error: Unable to interpret <vBulletin-Systemmitteilung> in the current context!
Error: Unable to interpret <Änderungen verwerfen> in the current context!
Error: Unable to interpret <Direkt antworten> in the current context!
Error: Unable to interpret <Die folgenden Fehler traten bei der Verarbeitung auf> in the current context!
Error: Unable to interpret <Ja> in the current context!
Error: Unable to interpret <Nachricht:> in the current context!
Error: Unable to interpret <Textformatierung entfernen> in the current context!
Error: Unable to interpret <Fett> in the current context!
Error: Unable to interpret <Kursiv> in the current context!
Error: Unable to interpret <Unterstrichen> in the current context!
Error: Unable to interpret <Link einfügen> in the current context!
Error: Unable to interpret <Grafik einfügen> in the current context!
Error: Unable to interpret <Zitat einfügen [QUOTE]> in the current context!
Error: Unable to interpret <Verkleinern> in the current context!
Error: Unable to interpret <Vergrößern> in the current context!
Error: Unable to interpret <Editor wechseln> in the current context!
Error: Unable to interpret <Optionen> in the current context!
Error: Unable to interpret <Beitrag in Antwort zitieren?> in the current context!
Error: Unable to interpret <Bitte warten Sie - Ihre Antwort wird gespeichert. Bitte warten Sie - Ihre Antwort wird gespeichert.> in the current context!
Error: Unable to interpret <« Vorheriges Thema | Nächstes Thema »> in the current context!
Error: Unable to interpret <Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 1, Gäste: 0)> in the current context!
Error: Unable to interpret <pueppii> in the current context!
Error: Unable to interpret <Themen-Optionen> in the current context!
Error: Unable to interpret <Druckbare Version zeigen Druckbare Version zeigen> in the current context!
Error: Unable to interpret <Jemanden per E-Mail auf dieses Thema hinweisen Jemanden per E-Mail auf dieses Thema hinweisen> in the current context!
Error: Unable to interpret <Abonnement Abonnement dieses Themas löschen> in the current context!
Error: Unable to interpret <Ansicht> in the current context!
Error: Unable to interpret <Linear-Darstellung Linear-Darstellung> in the current context!
Error: Unable to interpret <Hybrid-Darstellung Zur Hybrid-Darstellung wechseln> in the current context!
Error: Unable to interpret <Baum-Darstellung Zur Baum-Darstellung wechseln> in the current context!
Error: Unable to interpret <Thema durchsuchen> in the current context!
Error: Unable to interpret <Erweiterte Suche> in the current context!
Error: Unable to interpret <Thema bewerten> in the current context!
Error: Unable to interpret <HervorragendHervorragend> in the current context!
Error: Unable to interpret <GutGut> in the current context!
Error: Unable to interpret <DurchschnittlichDurchschnittlich> in the current context!
Error: Unable to interpret <SchlechtSchlecht> in the current context!
Error: Unable to interpret <SchrecklichSchrecklich> in the current context!
Error: Unable to interpret <Forumregeln> in the current context!
Error: Unable to interpret <Es ist Ihnen erlaubt, neue Themen zu verfassen.> in the current context!
Error: Unable to interpret <Es ist Ihnen erlaubt, auf Beiträge zu antworten.> in the current context!
Error: Unable to interpret <Es ist Ihnen erlaubt, Anhänge hochzuladen.> in the current context!
Error: Unable to interpret <Es ist Ihnen erlaubt, Ihre Beiträge zu bearbeiten.> in the current context!
Error: Unable to interpret <BB-Code ist an.> in the current context!
Error: Unable to interpret <Smileys sind an.> in the current context!
Error: Unable to interpret <[IMG] Code ist an.> in the current context!
Error: Unable to interpret <HTML-Code ist aus.> in the current context!
Error: Unable to interpret <Trackbacks are an> in the current context!
Error: Unable to interpret <Pingbacks are an> in the current context!
Error: Unable to interpret <Refbacks are aus> in the current context!
Error: Unable to interpret <Foren-Regeln> in the current context!
Error: Unable to interpret <Gehe zu> in the current context!
Error: Unable to interpret <BenutzerkontrollzentrumPrivate NachrichtenAbonnementsWer ist onlineForen durchsuchenForum-Startseite Sicherheit    Anleitungen, FAQs & Links    Hijacker / HiJackThis Logs posten    Plagegeister aller Art und deren Bekämpfung    Antiviren-, Firewall- und andere Schutzprogramme    Überwachung, Datenschutz und Spam    Diskussionsforum    Nachrichten Web/PC    Alles rund um Windows    Alles rund um Mac OSX & Linux    Netzwerk und Hardware Sonstiges    Forums - Taverne        Sport Forum    Lob, Kritik und Wünsche Archiv - Kein Posten möglich    Mülltonne    Archiv> in the current context!
Error: Unable to interpret <Ähnliche Themen: iexplorer öffnet sich ständig im Hintergrund> in the current context!
Error: Unable to interpret <  1. Internetexplorer ständig im Hintergrund aktiv und öffnet manchmal Werbung> in the current context!
Error: Unable to interpret <      Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (31)> in the current context!
Error: Unable to interpret <  2. Nervige Musik im Hintergrund, Werbung öffnet sich iexplorer.exe virus eingefangen ?> in the current context!
Error: Unable to interpret <      Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (25)> in the current context!
Error: Unable to interpret <  3. IE öffnet sich im Hintergrund !> in the current context!
Error: Unable to interpret <      Hijacker / HiJackThis Logs posten - 26.07.2010 (6)> in the current context!
Error: Unable to interpret <  4. Internet Explorer öffnet sich im Hintergrund> in the current context!
Error: Unable to interpret <      Hijacker / HiJackThis Logs posten - 22.07.2010 (20)> in the current context!
Error: Unable to interpret <  5. Werbepopups, iexplorer.exe öffnet sich, Wave-Sound aus und Spiele minimieren sich...> in the current context!
Error: Unable to interpret <      Plagegeister aller Art und deren Bekämpfung - 12.07.2010 (1)> in the current context!
Error: Unable to interpret <  6. Iexplorer öffnet ständig neue Fenster.Bräuchte bitte eine Auswertung meinesHiJackFile> in the current context!
Error: Unable to interpret <      Hijacker / HiJackThis Logs posten - 24.03.2008 (4)> in the current context!
Error: Unable to interpret <  7. iexplorer öffnet sich ständig> in the current context!
Error: Unable to interpret <      Hijacker / HiJackThis Logs posten - 26.12.2007 (3)> in the current context!
Error: Unable to interpret <  8. pc langsam/iexplorer öffnet sich zwischendurch> in the current context!
Error: Unable to interpret <      Hijacker / HiJackThis Logs posten - 23.12.2007 (3)> in the current context!
Error: Unable to interpret <  9. IExplorer öffnet sich sich im Hintergrund> in the current context!
Error: Unable to interpret <      Hijacker / HiJackThis Logs posten - 18.08.2006 (1)> in the current context!
Error: Unable to interpret <  10. iExplorer öffnet ständig irgendwelche Fenster> in the current context!
Error: Unable to interpret <      Hijacker / HiJackThis Logs posten - 19.11.2005 (1)> in the current context!
Error: Unable to interpret <Anleitungen und Tipps> in the current context!
Error: Unable to interpret <- Für alle Hilfesuchenden! Was beachten?> in the current context!
Error: Unable to interpret <- Anleitung- GMER - Rootkit Scanner> in the current context!
Error: Unable to interpret <- Anleitung Rootkit.TDSS entfernen> in the current context!
Error: Unable to interpret <- Worm.Bagle entfernen mit Findykill> in the current context!
Error: Unable to interpret <- Secunia Personal Software Inspector (PSI)> in the current context!
Error: Unable to interpret <- Anleitung: AntiVir 2010 entfernen> in the current context!
Error: Unable to interpret <- Anleitung: Rootkit RKIT/Kryptic entfernen> in the current context!
Error: Unable to interpret <- Avira AntiVir Rescue System> in the current context!
Error: Unable to interpret <- Kaspersky Rescue Disk> in the current context!
Error: Unable to interpret <Alle Zeitangaben in WEZ +1. Es ist jetzt 19:49 Uhr.> in the current context!
Error: Unable to interpret <Kontakt - AV-Soft - Trojaner-Board - Archiv - Nach oben> in the current context!
Error: Unable to interpret <Powered by vBulletin® (Deutsch)> in the current context!
Error: Unable to interpret <Copyright ©2000 - 2011, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.
<br /><!-- google_ad_section_start(weight=ignore) -->SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.<!-- google_ad_section_end -->
<br /><!-- google_ad_section_start(weight=ignore) -->SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.<!-- google_ad_section_end -->
<br /><!-- google_ad_section_start(weight=ignore) -->SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.<!-- google_ad_section_end -->> in the current context!
Error: Unable to interpret <SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.> in the current context!
Error: Unable to interpret <LinkBack> in the current context!
Error: Unable to interpret <LinkBack URL LinkBack URL> in the current context!
Error: Unable to interpret <About LinkBacks About LinkBacks> in the current context!
 
OTL by OldTimer - Version 3.2.20.6 log created on 02222011_195146

Files\Folders moved on Reboot...
C:\Users\Wolfgang\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
Danke nochmal und wäre echt super wenn du mir einen kleinen Einblick verschaffen könntest was du gemacht hast

:daumenhoc:dankeschoen::dankeschoen::dankeschoen:

pueppii 22.02.2011 20:10
Ja bin sicher aber ich mach es einfach nochmal :) oder?

cosinus 22.02.2011 20:11
Ja gleich nochmal :D

pueppii 22.02.2011 20:21
Glaube jetzt hat es funktioniert...

War da eigentlich sowas wie ein Virus oder ne Mailware drauf?
Wegen Passwörter, ob ich die ändern sollte?

THX
:dankeschoen::dankeschoen::dankeschoen:

Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
File K:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01b90aea-bd6b-11de-a303-001e904d9b6c}\ not found.
File K:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82ad4828-bccf-11de-a4aa-806e6f6e6963}\ not found.
File E:\autorun.exe not found.
Unable to delete ADS C:\ProgramData\TEMP:425D0709 .
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Wolfgang
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 13185765 bytes
->Flash cache emptied: 490 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 13,00 mb
 
 
OTL by OldTimer - Version 3.2.20.6 log created on 02222011_201234

Files\Folders moved on Reboot...
C:\Users\Wolfgang\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

cosinus 22.02.2011 21:12
Nicht so voreilig. Alles zu seiner Zeit.
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

pueppii 23.02.2011 08:43
Guten Morgen,
bin gestern nicht mehr dazu gekommen.

Hier der log vom ComboFix

Code:
ComboFix 11-02-22.03 - Wolfgang 23.02.2011  8:15.1.2 - x64
Microsoft Windows 7 Professional  6.1.7600.0.1252.49.1031.18.2047.1188 [GMT 1:00]
ausgeführt von:: c:\users\Wolfgang\Desktop\cofi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Wolfgang\AppData\Roaming\Microsoft\Windows\Recent\Kat?l?ms?z.Com.url
c:\users\Wolfgang\AppData\Roaming\TheHunterSettings_live.bin
c:\windows\SysWow64\Data
c:\windows\SysWow64\windows
c:\windows\SysWow64\windows\system32\drivers\PnkBstrK.sys
c:\windows\SysWow64\windows\system32\PnkBstrA.exe
c:\windows\SysWow64\windows\system32\PnkBstrB.exe

.
(((((((((((((((((((((((  Dateien erstellt von 2011-01-23 bis 2011-02-23  ))))))))))))))))))))))))))))))
.

2011-02-23 07:22 . 2011-02-23 07:22        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-02-22 18:51 . 2011-02-22 18:51        --------        d-----w-        C:\_OTL
2011-02-22 14:41 . 2011-01-13 10:20        7844688        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{613B796B-F908-47BA-B89E-6695575FB2B9}\mpengine.dll
2011-02-22 10:52 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-21 15:38 . 2011-02-21 15:38        --------        d-----w-        c:\users\Wolfgang\AppData\Roaming\QuickScan
2011-02-21 13:48 . 2011-02-21 13:48        --------        d-----w-        c:\users\Wolfgang\AppData\Roaming\Avira
2011-02-21 11:56 . 2011-02-21 11:56        --------        d-----w-        c:\users\Wolfgang\AppData\Roaming\Malwarebytes
2011-02-21 11:56 . 2011-02-21 11:56        --------        d-----w-        c:\programdata\Malwarebytes
2011-02-21 11:56 . 2010-12-20 17:08        24152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-02-18 12:02 . 2011-01-10 13:23        83120        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2011-02-18 12:02 . 2011-01-10 13:23        116568        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2011-02-18 12:02 . 2011-02-18 12:02        --------        d-----w-        c:\programdata\Avira
2011-02-18 12:02 . 2011-02-18 12:02        --------        d-----w-        c:\program files (x86)\Avira
2011-02-17 19:09 . 2011-02-17 19:09        --------        d-----w-        c:\program files (x86)\Common Files\Java
2011-02-17 12:25 . 2011-02-22 19:16        --------        d-----w-        c:\users\Wolfgang\HiJack
2011-01-31 09:42 . 2011-01-31 09:43        --------        d-----w-        c:\program files\iTunes
2011-01-31 09:42 . 2011-01-31 09:43        --------        d-----w-        c:\program files (x86)\iTunes
2011-01-31 09:42 . 2011-01-31 09:42        --------        d-----w-        c:\program files\iPod
2011-01-30 13:57 . 2011-01-30 13:57        103864        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-01-26 15:26 . 2011-01-26 15:26        --------        d-----w-        c:\programdata\Hunter

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 20:40 . 2010-05-16 20:44        472808        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2011-02-02 16:11 . 2009-10-19 17:14        270720        ------w-        c:\windows\system32\MpSigStub.exe
2010-11-29 16:38 . 2010-11-29 16:38        94208        ----a-w-        c:\windows\SysWow64\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38        69632        ----a-w-        c:\windows\SysWow64\QuickTime.qts
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-10 218032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-10-19 1207312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-10-20 79360]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-19 834544]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-03 202752]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-03 6366720]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-03 186880]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper        REG_MULTI_SZ          nosGetPlusHelper
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-06 8158240]
"snpstd3"="c:\windows\vsnpstd3.exe" [2007-04-25 831488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: Free YouTube to Mp3 Converter - c:\users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\7ianlmgk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: German Dictionary: de-DE@dictionaries.addons.mozilla.org - %profile%\extensions\de-DE@dictionaries.addons.mozilla.org
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Battlefield Heroes Updater: battlefieldheroespatcher@ea.com - %profile%\extensions\battlefieldheroespatcher@ea.com
FF - Ext: FireGestures: firegestures@xuldev.org - %profile%\extensions\firegestures@xuldev.org
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PnkBstrK]
"ImagePath"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PnkBstrK]
"ImagePath"=dword:00000000
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-1880701749-1217193486-2661523415-1000\Software\SecuROM\License information*]
"datasecu"=hex:ca,e2,80,17,d6,4e,8e,aa,26,e6,e2,17,11,95,a2,23,3a,7d,57,26,d0,
  97,7b,a9,c6,3f,1a,00,26,a7,ca,3c,4a,74,39,18,33,aa,61,be,4b,ff,5e,52,99,04,\
"rkeysecu"=hex:27,f3,34,b5,d2,4b,60,d4,d1,7c,83,88,98,bb,4d,d7

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-02-23  08:30:41 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-02-23 07:30

Vor Suchlauf: 8 Verzeichnis(se), 33.480.634.368 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 33.473.110.016 Bytes frei

- - End Of File - - FCC76CE6845FC254E5CFC52F0DCD4589
:dankeschoen:

pueppii 07.03.2011 09:28
Hi Arne,
hab nichts mehr gehört...
Wollte mich nochmal für deine Hilfe bedanken.
Hoffe jetzt ist mein PC wieder Seuchen frei.

Danke

cosinus 07.03.2011 16:51
Sry hab deinen Strang übersehen :o
Bitte nun Logs mit GMER und mbrcheck erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg

Anleitung zu mbrcheck:
Downloade Dir MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur wenige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes

pueppii 08.03.2011 10:20
Hi,
hat soweit alles funktioniert. Hab beim MBRCheck nach dem Scan beendet, hoffe das war richtig... :)

Also hier der GMER:
GMER Logfile:
Code:
GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2011-03-08 10:12:44
Windows 6.1.7601 Service Pack 1
Running: z8l51wse.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0007610c5779                                       
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0007610c5779@0007610a31a5                            0x3E 0x04 0x41 0xBE ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1                                                                  771343423
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2                                                                  285507792
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0                                                                  1
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                   
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                0
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x82 0x2D 0x5D 0x23 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                C:\Program Files (x86)\Hilfsprogramme\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                0xD4 0xC3 0x97 0x02 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                         
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                    0xF5 0x16 0x1A 0x58 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x4D 0x7C 0x07 0x26 ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0007610c5779 (not active ControlSet)                   
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0007610c5779@0007610a31a5                                0x3E 0x04 0x41 0xBE ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)               
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                    0
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x82 0x2D 0x5D 0x23 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                    C:\Program Files (x86)\Hilfsprogramme\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                    0xD4 0xC3 0x97 0x02 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)     
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                        0xF5 0x16 0x1A 0x58 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x4D 0x7C 0x07 0x26 ...

---- EOF - GMER 1.0.15 ----
--- --- ---


und der vom MBR:
HTML-Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:                Windows 7 Professional
Windows Information:                Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer:        ECS
BIOS Manufacturer:                American Megatrends Inc.
System Manufacturer:                ECS
System Product Name:                GeForce7050M-M
Logical Drives Mask:                0x000005fd

Kernel Drivers (total 207):
  0x02E66000 \SystemRoot\system32\ntoskrnl.exe
  0x02E1D000 \SystemRoot\system32\hal.dll
  0x00BB9000 \SystemRoot\system32\kdcom.dll
  0x00CE1000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
  0x00CEE000 \SystemRoot\system32\PSHED.dll
  0x00D02000 \SystemRoot\system32\CLFS.SYS
  0x00C00000 \SystemRoot\system32\CI.dll
  0x00EC4000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00F68000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x01072000 \SystemRoot\System32\Drivers\spoo.sys
  0x01198000 \SystemRoot\System32\Drivers\WMILIB.SYS
  0x011A1000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
  0x01000000 \SystemRoot\system32\drivers\ACPI.sys
  0x01057000 \SystemRoot\system32\drivers\msisadrv.sys
  0x01061000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x00F77000 \SystemRoot\system32\drivers\pci.sys
  0x011D0000 \SystemRoot\System32\drivers\partmgr.sys
  0x011E5000 \SystemRoot\system32\drivers\volmgr.sys
  0x00E00000 \SystemRoot\System32\drivers\volmgrx.sys
  0x00E5C000 \SystemRoot\system32\drivers\pciide.sys
  0x00E63000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x00E73000 \SystemRoot\System32\drivers\mountmgr.sys
  0x00FAA000 \SystemRoot\system32\drivers\vmbus.sys
  0x00FE6000 \SystemRoot\system32\drivers\winhv.sys
  0x00E8D000 \SystemRoot\system32\drivers\atapi.sys
  0x00E96000 \SystemRoot\system32\drivers\ataport.SYS
  0x00CC0000 \SystemRoot\system32\drivers\amdxata.sys
  0x00D60000 \SystemRoot\system32\drivers\fltmgr.sys
  0x00DAC000 \SystemRoot\system32\drivers\fileinfo.sys
  0x0120A000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x014B2000 \SystemRoot\System32\Drivers\msrpc.sys
  0x01510000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x0152B000 \SystemRoot\System32\Drivers\cng.sys
  0x0159D000 \SystemRoot\System32\drivers\pcw.sys
  0x015AE000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x016EB000 \SystemRoot\system32\drivers\ndis.sys
  0x01600000 \SystemRoot\system32\drivers\NETIO.SYS
  0x01660000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x01836000 \SystemRoot\System32\drivers\tcpip.sys
  0x01A3A000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x01A84000 \SystemRoot\system32\drivers\vmstorfl.sys
  0x01A94000 \SystemRoot\system32\drivers\volsnap.sys
  0x01AE0000 \SystemRoot\System32\Drivers\spldr.sys
  0x01AE8000 \SystemRoot\System32\drivers\rdyboost.sys
  0x01B22000 \SystemRoot\System32\Drivers\mup.sys
  0x01B34000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x01B3D000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x01B77000 \SystemRoot\system32\DRIVERS\disk.sys
  0x01B8D000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
  0x01800000 \SystemRoot\system32\drivers\cdrom.sys
  0x0182A000 \SystemRoot\System32\Drivers\Null.SYS
  0x01BF3000 \SystemRoot\System32\Drivers\Beep.SYS
  0x0168B000 \SystemRoot\System32\drivers\vga.sys
  0x01699000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x016BE000 \SystemRoot\System32\drivers\watchdog.sys
  0x016CE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x016D7000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x016E0000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x017DE000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x017E9000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x015B8000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x015DA000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x01400000 \SystemRoot\system32\drivers\afd.sys
  0x013AD000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x01489000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x00DC0000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x01492000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x03E71000 \SystemRoot\system32\DRIVERS\serial.sys
  0x03E8E000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x03EA9000 \SystemRoot\system32\drivers\termdd.sys
  0x03EBD000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x03F0E000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x03F1A000 \SystemRoot\system32\drivers\mssmbios.sys
  0x03F25000 \SystemRoot\System32\drivers\discache.sys
  0x03F34000 \SystemRoot\system32\drivers\csc.sys
  0x03FB7000 \SystemRoot\System32\Drivers\dfsc.sys
  0x03FD5000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x03E00000 \SystemRoot\system32\DRIVERS\avipbb.sys
  0x03E22000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x03E48000 \SystemRoot\system32\DRIVERS\amdk8.sys
  0x03E5F000 \SystemRoot\system32\DRIVERS\serenum.sys
  0x03FE6000 \SystemRoot\system32\DRIVERS\fdc.sys
  0x040DF000 \SystemRoot\system32\DRIVERS\parport.sys
  0x040FC000 \SystemRoot\system32\drivers\i8042prt.sys
  0x0411A000 \SystemRoot\system32\DRIVERS\L8042Kbd.sys
  0x04125000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x04134000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x0413F000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x04195000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x041A6000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0x041B3000 \SystemRoot\system32\drivers\HDAudBus.sys
  0x04268000 \SystemRoot\system32\drivers\P17.sys
  0x04200000 \SystemRoot\system32\drivers\portcls.sys
  0x0423D000 \SystemRoot\system32\drivers\drmk.sys
  0x04000000 \SystemRoot\system32\drivers\ks.sys
  0x0425F000 \SystemRoot\system32\drivers\ksthunk.sys
  0x04043000 \SystemRoot\system32\DRIVERS\nvm62x64.sys
  0x040A7000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x04AFC000 \SystemRoot\system32\DRIVERS\atipmdag.sys
  0x04A00000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x05160000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x051A6000 \SystemRoot\System32\Drivers\ar41ncg5.SYS
  0x051EB000 \SystemRoot\system32\drivers\wmiacpi.sys
  0x043ED000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x041D7000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x04424000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x04448000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x04454000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x04483000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x0449E000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x044BF000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x044D9000 \SystemRoot\system32\DRIVERS\rdpbus.sys
  0x044E4000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x044F3000 \SystemRoot\system32\drivers\swenum.sys
  0x044F5000 \SystemRoot\system32\drivers\umbus.sys
  0x04507000 \SystemRoot\system32\DRIVERS\flpydisk.sys
  0x04512000 \SystemRoot\system32\drivers\usbhub.sys
  0x0456C000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x02E0F000 \SystemRoot\system32\drivers\RTKVHD64.sys
  0x04581000 \SystemRoot\system32\drivers\AtiHdmi.sys
  0x045A3000 \SystemRoot\system32\DRIVERS\udfs.sys
  0x04400000 \SystemRoot\system32\drivers\USBSTOR.SYS
  0x02FF8000 \SystemRoot\system32\drivers\USBD.SYS
  0x01BBD000 \SystemRoot\system32\drivers\usbccgp.sys
  0x02E00000 \SystemRoot\system32\drivers\hidusb.sys
  0x01BDA000 \SystemRoot\system32\drivers\HIDCLASS.SYS
  0x0441B000 \SystemRoot\system32\drivers\HIDPARSE.SYS
  0x041ED000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
  0x014A1000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0x03FF3000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x015E7000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
  0x013F2000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x051F4000 \SystemRoot\System32\Drivers\dump_dumpata.sys
  0x01200000 \SystemRoot\System32\Drivers\dump_atapi.sys
  0x00DE6000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x000E0000 \SystemRoot\System32\win32k.sys
  0x00CCB000 \SystemRoot\System32\drivers\Dxapi.sys
  0x058AE000 \SystemRoot\system32\DRIVERS\snpstd3.sys
  0x062BE000 \SystemRoot\system32\DRIVERS\STREAM.SYS
  0x062CF000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x00580000 \SystemRoot\System32\TSDDD.dll
  0x00690000 \SystemRoot\System32\cdd.dll
  0x062DD000 \SystemRoot\system32\drivers\luafv.sys
  0x06300000 \SystemRoot\system32\DRIVERS\avgntflt.sys
  0x0631D000 \SystemRoot\system32\drivers\WudfPf.sys
  0x0633E000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x06353000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x02CF9000 \SystemRoot\system32\drivers\HTTP.sys
  0x02DC2000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x02DE0000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x02C00000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x02C2D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x02C7A000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x05800000 \SystemRoot\system32\drivers\peauth.sys
  0x02C9E000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x02CA9000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x02CDA000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x0636B000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x0525C000 \SystemRoot\System32\DRIVERS\srv.sys
  0x052F5000 \SystemRoot\System32\Drivers\fastfat.SYS
  0x0532B000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0x0535C000 \SystemRoot\System32\Drivers\BTHUSB.sys
  0x05374000 \SystemRoot\System32\Drivers\bthport.sys
  0x05200000 \SystemRoot\system32\DRIVERS\rfcomm.sys
  0x0522C000 \SystemRoot\system32\drivers\BthEnum.sys
  0x0523C000 \SystemRoot\system32\DRIVERS\bthpan.sys
  0x063D6000 \SystemRoot\system32\DRIVERS\hidbth.sys
  0x088E1000 \SystemRoot\system32\DRIVERS\asyncmac.sys
  0x77310000 \Windows\System32\ntdll.dll
  0x47D20000 \Windows\System32\smss.exe
  0xFF630000 \Windows\System32\apisetschema.dll
  0xFFF30000 \Windows\System32\autochk.exe
  0x771F0000 \Windows\System32\kernel32.dll
  0xFF610000 \Windows\System32\nsi.dll
  0xFF490000 \Windows\System32\urlmon.dll
  0xFF3F0000 \Windows\System32\comdlg32.dll
  0xFF3D0000 \Windows\System32\imagehlp.dll
  0xFF2F0000 \Windows\System32\advapi32.dll
  0xFF110000 \Windows\System32\setupapi.dll
  0xFEFE0000 \Windows\System32\wininet.dll
  0xFEF90000 \Windows\System32\ws2_32.dll
  0xFEF80000 \Windows\System32\lpk.dll
  0xFEF00000 \Windows\System32\shlwapi.dll
  0xFEE20000 \Windows\System32\oleaut32.dll
  0xFED80000 \Windows\System32\clbcatq.dll
  0xFED60000 \Windows\System32\sechost.dll
  0xFED30000 \Windows\System32\imm32.dll
  0xFEB20000 \Windows\System32\ole32.dll
  0xFE9F0000 \Windows\System32\rpcrt4.dll
  0xFE790000 \Windows\System32\iertutil.dll
  0x770F0000 \Windows\System32\user32.dll
  0x774E0000 \Windows\System32\normaliz.dll
  0xFE680000 \Windows\System32\msctf.dll
  0xFE5B0000 \Windows\System32\usp10.dll
  0xFD820000 \Windows\System32\shell32.dll
  0xFD780000 \Windows\System32\msvcrt.dll
  0x774D0000 \Windows\System32\psapi.dll
  0xFD720000 \Windows\System32\Wldap32.dll
  0xFD6B0000 \Windows\System32\gdi32.dll
  0xFD630000 \Windows\System32\difxapi.dll
  0xFD5F0000 \Windows\System32\wintrust.dll
  0xFD5D0000 \Windows\System32\devobj.dll
  0xFD530000 \Windows\System32\comctl32.dll
  0xFD4C0000 \Windows\System32\KernelBase.dll
  0xFD350000 \Windows\System32\crypt32.dll
  0xFD310000 \Windows\System32\cfgmgr32.dll
  0xFD300000 \Windows\System32\msasn1.dll

Processes (total 56):
      0 System Idle Process
      4 System
    276 C:\Windows\System32\smss.exe
    400 csrss.exe
    460 C:\Windows\System32\wininit.exe
    480 csrss.exe
    516 C:\Windows\System32\services.exe
    540 C:\Windows\System32\lsass.exe
    548 C:\Windows\System32\lsm.exe
    608 C:\Windows\System32\winlogon.exe
    696 C:\Windows\System32\svchost.exe
    796 C:\Windows\System32\svchost.exe
    844 C:\Windows\System32\atiesrxx.exe
    920 C:\Windows\System32\svchost.exe
    960 C:\Windows\System32\svchost.exe
    1004 C:\Windows\System32\svchost.exe
    716 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    1072 C:\Windows\System32\svchost.exe
    1228 C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    1300 C:\Windows\System32\svchost.exe
    1408 C:\Windows\System32\spoolsv.exe
    1444 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    1524 C:\Windows\System32\svchost.exe
    1640 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    1688 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1700 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    1708 C:\Windows\System32\conhost.exe
    1768 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    1808 C:\Windows\System32\svchost.exe
    1900 C:\Windows\System32\svchost.exe
    2200 WUDFHost.exe
    2468 C:\Windows\System32\SearchIndexer.exe
    2640 C:\Windows\System32\atieclxx.exe
    2800 C:\Windows\System32\taskhost.exe
    2948 C:\Windows\System32\dwm.exe
    2976 C:\Windows\explorer.exe
    2320 C:\Windows\System32\svchost.exe
    2592 C:\Windows\System32\rundll32.exe
    3060 C:\Program Files\Logitech\SetPoint\LBTWiz.exe
    2776 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    2828 C:\Windows\vsnpstd3.exe
    2388 C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
    992 C:\Windows\System32\StikyNot.exe
    1804 C:\Program Files\Logitech\SetPoint\SetPoint.exe
    3236 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    3372 C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    3424 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
    3688 C:\Program Files\Windows Media Player\wmpnetwk.exe
    3972 C:\Windows\System32\svchost.exe
    2500 C:\Windows\System32\svchost.exe
    3740 C:\Program Files\iPod\bin\iPodService.exe
    668 C:\Program Files\Windows Sidebar\sidebar.exe
    4520 C:\Windows\System32\audiodg.exe
    4468 C:\Windows\System32\dllhost.exe
    1172 C:\Users\Wolfgang\Downloads\MBRCheck.exe
    2372 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)
\\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00  (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHD161HJ, Rev: JF100-19
PhysicalDrive1 Model Number: WDCWD1600BB-00DWA0, Rev: 15.05R15

      Size  Device Name          MBR Status
  --------------------------------------------
    149 GB  \\.\PhysicalDrive0  Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
    142 GB  \\.\PhysicalDrive1  Unknown MBR code
            SHA1: F7471EA37B808087537E9A72FE124B0152502B56


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
  [1] Dump the MBR of a physical disk to file.
  [2] Restore the MBR of a physical disk with a standard boot code.
  [3] Exit.

Enter your choice:

Done!
übrigens der iExplorer Prozess wurde wieder angezeigt, dann hab ich ihn beendet und seither ist irgendwie nichts mehr gewesen...

Tausend Dank mal wieder...:daumenhoc
Grüße

cosinus 08.03.2011 11:37
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:33 Uhr.

Copyright ©2000-2024, Trojaner-Board


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129