Trojaner-Board - habe auch den BKA-Trojana

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - habe auch den BKA-Trojana (https://www.trojaner-board.de/102480-habe-bka-trojana.html)

habe auch den BKA-Trojana

Hallo,

meine Laptop ist auch vom BKA-Trojana befallen.
Ich habe bereits wenige beschriebene Schritte gemacht, bei der Eingabe "start srep.exe" kam aber folgende Fehlermeldung:

AutoIt Error
Line 9671 (File "F:\srep.exe"):
Error: Variable used without being declared

Was muss ich jetzt machen?

Schonmal vielen Dank für die Hilfe!!

Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

3.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles, die Du posten möchtest)[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

gruß
kira

Hallo,

hier die Ergebnisse vom Scan. Da ich keine Internetverbindung hatte, konnte ich keine Update machen. Ergenisse nach dem Update poste ich auch gleich

Code:

 Malwarebytes' Anti-Malware 1.51.1.1800

Malwarebytes : Free anti-malware, anti-virus and spyware removal download
 

Datenbank Version: 7035
 

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 7.0.6002.18005
 

22.08.2011 15:59:45

mbam-log-2011-08-22 (15-59-45).txt
 

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 159360

Laufzeit: 3 Minute(n), 37 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 1

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 2
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\avupdate (Trojan.Agent) -> Value: avupdate -> Quarantined and deleted successfully.
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

c:\Users\Lena\AppData\Roaming\jashla.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\program files\mozilla firefox\0.12571312866766615.exe (Exploit.Dropper) -> Quarantined and deleted successfully.

Hier der Rest nach Update:

Code:

 Malwarebytes' Anti-Malware 1.51.1.1800

Malwarebytes : Free anti-malware, anti-virus and spyware removal download
 

Datenbank Version: 7535
 

Windows 6.0.6002 Service Pack 2

Internet Explorer 7.0.6002.18005
 

22.08.2011 16:24:45

mbam-log-2011-08-22 (16-24-45).txt
 

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 169006

Laufzeit: 10 Minute(n), 7 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 1
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

c:\Users\Lena\AppData\Local\Temp\jar_cache568606284310826743.tmp (Trojan.Ransom.BP) -> Quarantined and deleted successfully.

Hier der OTL.txt

OTL Logfile:

Code:

OTL logfile created on: 22.08.2011 16:36:20 - Run 1

OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lena\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6002.18005)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,75 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 61,32% Memory free

5,71 Gb Paging File | 4,54 Gb Available in Paging File | 79,47% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,44 Gb Total Space | 51,48 Gb Free Space | 44,21% Space Free | Partition Type: NTFS

Drive D: | 106,68 Gb Total Space | 25,04 Gb Free Space | 23,47% Space Free | Partition Type: NTFS

Drive E: | 9,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: LENA-PC | User Name: Lena | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Lena\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)

PRC - C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

PRC - C:\Windows\AsScrPro.exe (ASUS)

PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)

PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)

PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)

PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)

PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)

PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()

PRC - C:\Program Files\ATK Hotkey\WDC.exe ()

PRC - C:\Program Files\ATK Hotkey\HControlUser.exe ()

PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()

PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()

PRC - C:\Program Files\ATK Hotkey\MsgTranAgt.exe ()

PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

PRC - C:\Program Files\ASUS\ATK Media\GPSWATCH.EXE ( )

PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

PRC - C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()

PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()

PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()

PRC - C:\Program Files\ASUS\ATK Media\DMEDIA.EXE (ASUSTeK Computer INC.)

PRC - C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)

PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Users\Lena\AppData\Local\Google\Chrome\Application\13.0.782.112\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\Lena\AppData\Local\Google\Chrome\Application\13.0.782.112\pdf.dll ()

MOD - C:\Users\Lena\AppData\Local\Google\Chrome\Application\13.0.782.112\avutil-50.dll ()

MOD - C:\Users\Lena\AppData\Local\Google\Chrome\Application\13.0.782.112\avformat-52.dll ()

MOD - C:\Users\Lena\AppData\Local\Google\Chrome\Application\13.0.782.112\avcodec-52.dll ()

MOD - C:\Users\Lena\AppData\Local\Google\Chrome\Application\13.0.782.112\gcswf32.dll ()

MOD - C:\Users\Lena\AppData\Local\Google\Chrome\APPLIC~1\130782~1.112\gcswf32.dll ()

MOD - C:\Program Files\Adobe\Reader 8.0\Reader\viewerps.dll ()

MOD - C:\Program Files\ICQ7.1\MDb.dll ()

MOD - C:\Program Files\Uniblue\RegistryBooster\cache.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()

MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ()

MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll ()

MOD - C:\Program Files\ATKOSD2\ATKOSD2.exe ()

MOD - C:\Program Files\ATK Hotkey\HControlUser.exe ()

MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()

MOD - C:\Program Files\ATK Hotkey\MsgTran.dll ()

MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll ()

MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()

MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (LiveUpdate Notice) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (Symantec Core LC) -- C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe ()

SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)

SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

SRV - (comHost) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)

SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (cpuz132) -- C:\Users\Lena\AppData\Local\Temp\cpuz132\cpuz132_x32.sys (Windows (R) Codename Longhorn DDK provider)

DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)

DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)

DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)

DRV - (SYMFW) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)

DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)

DRV - (SYMDNS) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)

DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090127.025\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090127.025\NAVENG.SYS (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20090120.002\IDSvix86.sys (Symantec Corporation)

DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)

DRV - (COH_Mon) -- C:\Windows\System32\drivers\COH_Mon.sys (Symantec Corporation)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)

DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)

DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)

DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )

DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)

DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)

DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)

DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)

DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)

DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (CO_Mon) -- C:\Windows\System32\drivers\CO_Mon.sys (Symantec Corporation)

DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()

DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()

DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH)

DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)

DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hiergehtslos.de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..CommunityToolbar.SearchFromAddressBarSavedUrl: "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ffbr-nb&p="

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.defaultthis.engineName: "BrotherSoft Extreme Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.de"

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2

FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3

FF - prefs.js..extensions.enabledItems: ChoiceGuard@Microsoft:2.0

FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2

FF - prefs.js..extensions.enabledItems: {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.2.5.2

FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.9&q="

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lena\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lena\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.29 14:05:20 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.29 14:05:16 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.08.08 11:49:45 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.04.04 14:30:36 | 000,000,000 | ---D | M]

 

[2010.08.30 18:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lena\AppData\Roaming\mozilla\Extensions

[2010.08.30 18:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lena\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011.08.02 17:10:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lena\AppData\Roaming\mozilla\Firefox\Profiles\82smxyn2.default\extensions

[2009.09.02 15:42:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lena\AppData\Roaming\mozilla\Firefox\Profiles\82smxyn2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011.07.30 19:55:04 | 000,000,000 | ---D | M] (BrotherSoft Extreme Community Toolbar) -- C:\Users\Lena\AppData\Roaming\mozilla\Firefox\Profiles\82smxyn2.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}

[2011.07.30 19:56:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Lena\AppData\Roaming\mozilla\Firefox\Profiles\82smxyn2.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

[2011.08.02 15:41:03 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Lena\AppData\Roaming\mozilla\Firefox\Profiles\82smxyn2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2009.10.06 14:40:06 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Users\Lena\AppData\Roaming\mozilla\Firefox\Profiles\82smxyn2.default\extensions\ChoiceGuard@Microsoft

[2011.02.19 17:56:12 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Lena\AppData\Roaming\mozilla\Firefox\Profiles\82smxyn2.default\extensions\engine@conduit.com

[2011.08.02 17:10:58 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Lena\AppData\Roaming\mozilla\Firefox\Profiles\82smxyn2.default\extensions\plugin@yontoo.com

[2010.09.13 19:15:02 | 000,002,385 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\askcom.xml

[2009.10.06 14:48:43 | 000,002,163 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\bing.xml

[2010.12.22 17:23:04 | 000,000,941 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\conduit.xml

[2011.08.02 15:43:10 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-1.xml

[2010.05.03 18:07:21 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-10.xml

[2011.07.30 19:32:02 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-11.xml

[2011.08.02 15:41:10 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-12.xml

[2009.09.15 00:04:45 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-2.xml

[2009.11.02 08:58:25 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-3.xml

[2009.12.20 21:21:14 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-4.xml

[2010.01.12 09:43:27 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-5.xml

[2010.02.16 17:39:35 | 000,000,961 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-6.xml

[2010.03.13 13:28:33 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-7.xml

[2010.04.01 09:56:05 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-8.xml

[2010.04.03 17:41:19 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-9.xml

[2011.06.19 17:24:00 | 000,000,168 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin.gif

[2011.06.19 17:24:00 | 000,000,618 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin.src

[2010.02.03 15:37:50 | 000,000,947 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin.xml

[2011.07.29 14:05:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2009.01.19 21:20:17 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

File not found (No name found) -- 

[2011.07.08 09:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2009.03.31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll

[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()

O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)

O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()

O4 - HKLM..\Run: [MAGIXautostart]  File not found

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()

O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)

O4 - HKCU..\Run: [PCFix]  File not found

O4 - HKCU..\Run: [playmb]  File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Lena\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O24 - Desktop BackupWallPaper: C:\Users\Lena\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{15b88716-9941-11de-b1ff-00235456f275}\Shell\AutoRun\command - "" = F:\Start.htm

O33 - MountPoints2\{5786923e-c431-11de-a6b8-00235456f275}\Shell - "" = AutoRun

O33 - MountPoints2\{5786923e-c431-11de-a6b8-00235456f275}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{57869264-c431-11de-a6b8-00235456f275}\Shell - "" = AutoRun

O33 - MountPoints2\{57869264-c431-11de-a6b8-00235456f275}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{57869274-c431-11de-a6b8-f1c1462cda3a}\Shell - "" = AutoRun

O33 - MountPoints2\{57869274-c431-11de-a6b8-f1c1462cda3a}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{578692c4-c431-11de-a6b8-00235456f275}\Shell - "" = AutoRun

O33 - MountPoints2\{578692c4-c431-11de-a6b8-00235456f275}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{578692c7-c431-11de-a6b8-00235456f275}\Shell - "" = AutoRun

O33 - MountPoints2\{578692c7-c431-11de-a6b8-00235456f275}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{578692e2-c431-11de-a6b8-884566132081}\Shell - "" = AutoRun

O33 - MountPoints2\{578692e2-c431-11de-a6b8-884566132081}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{578692e4-c431-11de-a6b8-884566132081}\Shell - "" = AutoRun

O33 - MountPoints2\{578692e4-c431-11de-a6b8-884566132081}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{d4ce5e01-ff09-11de-9034-e9cd8191ce7f}\Shell - "" = AutoRun

O33 - MountPoints2\{d4ce5e01-ff09-11de-9034-e9cd8191ce7f}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{d4ce5e02-ff09-11de-9034-e9cd8191ce7f}\Shell - "" = AutoRun

O33 - MountPoints2\{d4ce5e02-ff09-11de-9034-e9cd8191ce7f}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.08.22 16:33:23 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Lena\Desktop\OTL.exe

[2011.08.22 15:49:53 | 000,000,000 | ---D | C] -- C:\Users\Lena\AppData\Roaming\Malwarebytes

[2011.08.22 15:49:48 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011.08.22 15:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.08.22 15:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011.08.22 15:49:40 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011.08.22 15:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011.08.11 03:10:29 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll

[2011.08.11 03:10:17 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011.08.11 03:10:16 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011.08.11 03:10:15 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2011.08.11 03:10:15 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011.08.11 03:10:14 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011.08.11 03:10:14 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011.08.11 03:10:14 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011.08.11 03:08:54 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2011.08.11 03:08:54 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2011.08.02 17:12:39 | 000,000,000 | ---D | C] -- C:\Users\Lena\AppData\Roaming\Mirillis

[2011.08.02 17:12:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Mirillis

[2011.08.02 17:12:30 | 000,000,000 | ---D | C] -- C:\Users\Lena\AppData\Local\Mirillis

[2011.08.02 17:12:16 | 000,000,000 | ---D | C] -- C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis

[2011.08.02 17:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mirillis

[2011.08.02 17:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Runtime

[2011.08.02 17:10:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer

[2011.07.29 10:47:59 | 000,000,000 | ---D | C] -- C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2011.07.24 21:52:19 | 000,000,000 | ---D | C] -- C:\Users\Lena\AppData\Roaming\Audacity

[2011.07.24 21:51:29 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)

[2011.07.24 20:47:29 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LMRTREND.dll

[2011.07.24 20:47:28 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\System32\tm20dec.ax

[2011.07.24 20:47:27 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft3.dll

[2011.07.24 20:47:24 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unam4ie.exe

[2011.07.24 20:47:19 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\danim.dll

[2011.07.24 20:47:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz.drv

[2011.07.24 20:47:18 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcut.dll

[2011.07.24 20:47:16 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll

[2011.07.24 20:47:16 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll

[2011.07.24 20:47:16 | 000,000,000 | ---D | C] -- C:\Windows\~dxmcab~

[2011.07.24 20:46:30 | 000,430,080 | ---- | C] (MAGIX AG) -- C:\Windows\System32\MXRestore.exe

[2011.07.24 20:46:30 | 000,188,416 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRES32.dll

[2011.07.24 20:46:30 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLTPO32.dll

[2011.07.24 20:46:30 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRD32.dll

[2011.07.24 20:46:30 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll

[2011.07.24 20:46:30 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll

[2011.07.24 20:46:30 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTI32.dll

[2011.07.24 20:46:29 | 000,163,840 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDEV32.dll

[2011.07.24 20:46:29 | 000,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDRV32.dll

[2011.07.24 20:46:29 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDA32.dll

[2011.07.24 20:46:29 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCPY32.dll

[2011.07.24 20:46:29 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPTL32.dll

[2011.07.24 20:46:29 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDF32.dll

[2011.07.24 20:46:29 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRJ32.dll

[2011.07.24 20:46:29 | 000,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRF32.dll

[2011.07.24 20:46:29 | 000,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIO32.dll

[2011.07.24 20:46:29 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIMG32.dll

[2011.07.24 20:46:29 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPNT32.dll

[2011.07.24 20:46:29 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLMSC32.dll

[2011.07.24 20:46:29 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLISO32.dll

[2011.07.24 20:46:29 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDIR32.dll

[2011.07.24 20:46:29 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIX.dll

[2011.07.24 20:46:28 | 000,462,848 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLAV32.dll

[2011.07.24 20:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared

[2011.07.24 20:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX

[2011.07.24 20:44:47 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\Windows\System32\ROBOEX32.DLL

[2011.07.24 20:44:47 | 000,085,504 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\HtmlWH.dll

[2011.07.24 20:44:47 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\INETWH32.dll

[2011.07.24 20:44:47 | 000,000,000 | ---D | C] -- C:\MAGIX

[2011.07.24 20:44:20 | 000,626,688 | ---- | C] (MAGIX AG) -- C:\Windows\System32\mgxoschk.dll

[2011.07.24 20:44:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\MAGIX

[2011.07.23 18:10:34 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2011.07.23 18:10:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll

[2008.06.03 08:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.08.22 16:43:02 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296497871-3204600602-4166676122-1000UA.job

[2011.08.22 16:35:34 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2011.08.22 16:35:34 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011.08.22 16:35:34 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2011.08.22 16:35:34 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011.08.22 16:33:47 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.001

[2011.08.22 16:33:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Lena\Desktop\OTL.exe

[2011.08.22 16:28:55 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job

[2011.08.22 16:28:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011.08.22 16:28:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011.08.22 16:28:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.08.22 16:28:36 | 2951,897,088 | -HS- | M] () -- C:\hiberfil.sys

[2011.08.22 16:05:27 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{88B6D7CC-2168-41CD-AF29-0441FD2920FB}.job

[2011.08.22 16:04:04 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2011.08.22 16:03:38 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe

[2011.08.22 15:49:48 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.08.18 15:32:04 | 000,008,268 | ---- | M] () -- C:\Users\Lena\AppData\Local\d3d9caps.dat

[2011.08.14 14:18:36 | 000,000,472 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Lena.job

[2011.08.13 12:13:28 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296497871-3204600602-4166676122-1000Core.job

[2011.08.10 01:48:32 | 000,002,082 | ---- | M] () -- C:\Users\Lena\Desktop\Google Chrome.lnk

[2011.08.09 17:14:25 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.08.08 22:45:07 | 000,000,580 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Systemprüfung ausführen - Lena.job

[2011.08.08 19:54:11 | 000,012,026 | ---- | M] () -- C:\Users\Lena\Desktop\276996_235583776481624_5458966_n.jpg

[2011.08.02 17:12:17 | 000,002,017 | ---- | M] () -- C:\Users\Lena\Desktop\Splash Lite.lnk

[2011.08.02 17:10:44 | 013,377,240 | ---- | M] () -- C:\Users\Lena\Desktop\splash_lite_1_6_1_setup.exe

[2011.07.31 10:18:35 | 000,330,849 | ---- | M] () -- C:\Users\Lena\Desktop\Xchange-Formular_D_2011.pdf

[2011.07.29 14:05:23 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011.07.27 23:27:49 | 000,000,157 | ---- | M] () -- C:\Windows\MusicMaker.INI

[2011.07.27 22:27:50 | 000,435,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011.07.27 16:54:01 | 000,000,396 | ---- | M] () -- C:\Windows\BeatBox.INI

[2011.07.25 14:43:29 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2011.07.25 14:43:29 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys

[2011.07.24 21:52:09 | 000,000,948 | ---- | M] () -- C:\Users\Lena\Desktop\Audacity 1.3 Beta (Unicode).lnk

[2011.07.24 20:47:16 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll

[2011.07.24 20:47:16 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll

[2011.07.24 20:46:59 | 000,000,739 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Online Druck Service.lnk

[2011.07.24 20:46:24 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker Schulversion.lnk

 
 ========== Files Created - No Company Name ==========

 

[2011.08.22 16:03:15 | 2951,897,088 | -HS- | C] () -- C:\hiberfil.sys

[2011.08.22 15:49:48 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.08.08 19:54:05 | 000,012,026 | ---- | C] () -- C:\Users\Lena\Desktop\276996_235583776481624_5458966_n.jpg

[2011.08.08 11:49:47 | 000,001,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

[2011.08.02 17:12:17 | 000,002,017 | ---- | C] () -- C:\Users\Lena\Desktop\Splash Lite.lnk

[2011.08.02 17:10:25 | 013,377,240 | ---- | C] () -- C:\Users\Lena\Desktop\splash_lite_1_6_1_setup.exe

[2011.07.31 10:18:35 | 000,330,849 | ---- | C] () -- C:\Users\Lena\Desktop\Xchange-Formular_D_2011.pdf

[2011.07.29 14:05:23 | 000,000,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011.07.29 10:48:04 | 000,002,082 | ---- | C] () -- C:\Users\Lena\Desktop\Google Chrome.lnk

[2011.07.29 10:46:49 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296497871-3204600602-4166676122-1000UA.job

[2011.07.29 10:46:47 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296497871-3204600602-4166676122-1000Core.job

[2011.07.25 00:21:02 | 000,000,157 | ---- | C] () -- C:\Windows\MusicMaker.INI

[2011.07.24 23:28:43 | 000,000,396 | ---- | C] () -- C:\Windows\BeatBox.INI

[2011.07.24 21:52:09 | 000,000,960 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk

[2011.07.24 21:52:09 | 000,000,948 | ---- | C] () -- C:\Users\Lena\Desktop\Audacity 1.3 Beta (Unicode).lnk

[2011.07.24 20:47:19 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll

[2011.07.24 20:47:19 | 000,005,672 | ---- | C] () -- C:\Windows\System32\quartz.vxd

[2011.07.24 20:46:59 | 000,000,739 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Online Druck Service.lnk

[2011.07.24 20:46:30 | 000,038,912 | ---- | C] () -- C:\Windows\System32\mgxasio.dll

[2011.07.24 20:46:29 | 000,014,182 | ---- | C] () -- C:\Windows\System32\DLLAV32.lib

[2011.07.24 20:46:24 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker Schulversion.lnk

[2011.07.24 20:44:20 | 000,004,345 | ---- | C] () -- C:\Windows\mgxoschk.ini

[2010.08.25 23:34:05 | 000,000,534 | ---- | C] () -- C:\Windows\eReg.dat

[2010.03.07 16:56:10 | 000,008,268 | ---- | C] () -- C:\Users\Lena\AppData\Local\d3d9caps.dat

[2009.12.20 23:21:06 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe

[2009.09.01 06:31:56 | 000,022,723 | ---- | C] () -- C:\Windows\System32\ssp2ml3.dll

[2009.08.05 00:04:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009.08.05 00:04:50 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009.01.19 21:38:24 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2008.11.09 21:51:23 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2008.11.09 20:43:18 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.001

[2008.11.09 18:09:47 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2008.11.04 18:26:18 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini

[2008.11.03 21:48:32 | 000,138,752 | ---- | C] () -- C:\Users\Lena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008.10.15 04:52:12 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe

[2008.10.15 04:48:08 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe

[2008.10.15 04:29:42 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin

[2008.10.15 03:45:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008.04.16 13:11:34 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2008.04.16 13:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2008.04.16 13:11:34 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2008.04.16 13:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat

[2008.04.16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini

[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006.11.02 14:47:37 | 000,435,992 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll

[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI

[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006.03.09 04:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
 

< End of report >

--- --- ---
[Code]

Und der Extras.txt

OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 22.08.2011 16:36:20 - Run 1

OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Lena\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6002.18005)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,75 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 61,32% Memory free

5,71 Gb Paging File | 4,54 Gb Available in Paging File | 79,47% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,44 Gb Total Space | 51,48 Gb Free Space | 44,21% Space Free | Partition Type: NTFS

Drive D: | 106,68 Gb Total Space | 25,04 Gb Free Space | 23,47% Space Free | Partition Type: NTFS

Drive E: | 9,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: LENA-PC | User Name: Lena | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 1

"InternetSettingsDisableNotify" = 1

"AutoUpdateDisableNotify" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0DD35FAB-14C6-4CEF-A81A-7109FEC9577E}" = lport=139 | protocol=6 | dir=in | app=system | 

"{410FA958-16FB-4D32-94BE-0595178385BB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 

"{4E8245FC-E1FD-4B3B-8033-9C4A9D53F930}" = lport=445 | protocol=6 | dir=in | app=system | 

"{5158E70C-762A-4FA9-9274-F999AA8DFD26}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{5DA06C04-1023-45B9-BDD2-60E36B9403DE}" = lport=138 | protocol=17 | dir=in | app=system | 

"{671DDBAD-4E10-4640-81AD-800E872108F9}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{7F49EB83-2BA5-4B42-895E-9A4C48CE1EE8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{8AD7CC60-028C-4607-B26B-A274C8D7185A}" = rport=139 | protocol=6 | dir=out | app=system | 

"{963F7AA1-1F5A-4669-BAA3-00B91625E44D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{9BADD786-FD00-4048-B9F4-57F5AF15E454}" = rport=137 | protocol=17 | dir=out | app=system | 

"{A8A755B0-BFB4-4483-B109-447E0E75AEF1}" = lport=137 | protocol=17 | dir=in | app=system | 

"{DAC76E44-34AB-4A8E-91F4-44B31B63092B}" = rport=138 | protocol=17 | dir=out | app=system | 

"{F9A2EAC6-0A1E-4F04-ADDC-B3C2F5824927}" = rport=445 | protocol=6 | dir=out | app=system | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0547DBCC-04C6-4F47-8C0D-37C56CB35BA3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{0724E1E2-0967-4785-A358-D545AE9C67E6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{082F9AEE-FC5F-44B7-BB8E-8D2F101A0512}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{08C4C9E1-9031-4988-862E-234483BED0E5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{0D4D874B-8137-4751-80FE-96A98C06C95D}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 

"{242B8FDA-C3A2-429E-8330-043D272B4588}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{2557E8CF-4802-4119-8740-AFA8EDFBA806}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{2795AC94-6738-43C1-B6CD-6121674639D0}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 

"{2CA76998-6F25-44FF-8FAA-214C3245CBED}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 

"{34E1311B-1613-4C2A-A24C-96CCCA90F50A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{35C0860C-E7B0-4577-B44B-C2E89BE58C56}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 

"{363FE157-383C-435D-9335-1EE95AAE774B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{3687F6AB-C239-417E-B794-B83174D67CAB}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 

"{37B2631B-51AF-4C99-AA4F-615E17F103D6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{3CF84CB3-9E27-42B1-97D9-81E4D05D1B54}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{3FA0AC6B-E093-4C61-8C61-A55515494686}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{48DA9B56-B6A1-4CB7-972B-DBC8A0BC9563}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 

"{4F91F0C4-987E-48C7-8DBD-644B849A25FB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{5015D77B-2954-4CFF-B2FC-825B15262A53}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{53D71190-2CD4-4CBA-90D3-8C9BE43D3A1B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{59B5C315-6827-476B-A87C-AA351BFFAEB9}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 

"{610E9587-0831-4FE2-BD6D-633A98FAB46E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{64098E2F-37D0-4AB9-B394-98A70FDDC13A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{6A657C84-99AF-473E-833F-64FA2B683B9D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{6FC1A795-EE1C-4282-A7B9-12905AB74762}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{75190CC7-A579-46DC-9231-05E19894A11B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{81E1BF74-F332-4570-AFC2-D1DB41D11266}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 

"{88F4BE79-997D-43F5-A08E-36F68112B8E6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{8B671B2F-9ACA-41B5-B38E-1D964AEF9E59}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 

"{916ABA9C-D45B-4757-9C26-9D4CF9305723}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{96A2602D-7335-4CCA-B919-47E6A637D443}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 

"{A1019D77-A6EF-4ED3-B8FF-98E9C3A77451}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 

"{A715D4EB-CCCD-4F39-83EE-4E17A39AADC7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{A8931878-0806-47AD-BD3F-E9F71873E75F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{A9BDA513-28DC-4562-AB60-F2FFFA7F686E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 

"{AC4A2D4D-962D-464B-8C1C-E36F8185647E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{B03CB145-6536-4D36-9AA1-131743195CD6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{B35E7B59-A230-48D9-9C6C-630FBA976AFD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{B571E19A-4280-43B8-B8CA-A87DA7C80B4F}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 

"{C07BEC9B-B809-4109-9A56-B19F27A60BB8}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 

"{C2336102-9EEA-4DE5-996C-488596C23DDC}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 

"{CFFB01CA-A453-4004-A7CF-11720084E37B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{DC7B6369-3C29-400C-9EA0-BED6F905EED0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{DCFF2FAD-1881-4E12-8574-764C04352A65}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{E051E043-8F34-46DA-B85F-B4E41AC917C5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{E1B247D9-2389-4B0E-B562-4A8A1DCF68C7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{E1EBEA06-2718-4957-BB58-5BAD35AB61D5}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 

"{E49CB503-939F-414C-8ACB-C11F54748181}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{EE8B5DAB-7777-4B87-971E-A4AD5AD343C9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 

"{FA95D3DE-B6E5-4841-8462-7A91785FF75F}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology

"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour

"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1

"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media

"{1EE3E00F-A62B-4EE7-8EDB-1E53FD3158E3}" = SymNet

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18

"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program

"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework

"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3

"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security

"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core

"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun

"{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}" = Splash Lite

"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center

"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit

"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus

"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime

"{7B63B2922B174135AFC0E1377DD81EC2}" = 

"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module

"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2

"{8530BC7E-BA2B-44FB-A9D9-6EEF01C084F2}" = capella 2008

"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01

"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007

"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007

"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007

"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007

"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007

"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007

"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007

"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007

"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007

"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007

"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007

"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007

"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007

"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007

"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007

"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A23E5590-6799-437B-9723-2627BA800B6F}" = Dolby Control Center

"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.6

"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon

"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support

"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service

"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component

"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash

"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster

"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update

"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)

"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"ALUpdate_is1" = ALTools Update

"ALZip_is1" = ALZip

"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind

"BrotherSoft_Extreme Toolbar" = BrotherSoft Extreme Toolbar

"conduitEngine" = Conduit Engine

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"MAGIX Music Maker Schulversion D" = MAGIX Music Maker Schulversion (D)

"MAGIX Online Druck Service D" = MAGIX Online Druck Service (D)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800

"Messenger Plus! Live" = Messenger Plus! Live

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Mozilla Firefox 5.0.1 (x86 de)" = Mozilla Firefox 5.0.1 (x86 de)

"Mozilla Thunderbird (5.0)" = Mozilla Thunderbird (5.0)

"NSS" = Norton Security Scan

"NVIDIA Drivers" = NVIDIA Drivers

"PROHYBRIDR" = 2007 Microsoft Office system

"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)

"Samsung ML-1640 Series" = Samsung ML-1640 Series

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"Softonic_Deutsch Toolbar" = Softonic_Deutsch Toolbar

"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Uninstall_is1" = Uninstall 1.0.0.1

"VLC media player" = VLC media player 1.1.10

"VMidi" = vanBasco's Karaoke Player

"WinGimp-2.0_is1" = GIMP 2.6.11

"WinLiveSuite_Wave3" = Windows Live Essentials

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 10.08.2011 18:47:34 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 10935

 

Error - 10.08.2011 18:47:36 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 10.08.2011 18:47:36 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 11981

 

Error - 10.08.2011 18:47:36 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 11981

 

Error - 10.08.2011 18:47:38 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 10.08.2011 18:47:38 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 14258

 

Error - 10.08.2011 18:47:38 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 14258

 

Error - 10.08.2011 21:00:50 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 10.08.2011 21:00:50 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 8006392

 

Error - 10.08.2011 21:00:50 | Computer Name = Lena-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 8006392

 

[ Media Center Events ]

Error - 31.12.2008 22:01:06 | Computer Name = Lena-PC | Source = Media Center Guide | ID = 0

Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed;

 Win32 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center

 Guide 

 

Error - 12.02.2009 13:45:58 | Computer Name = Lena-PC | Source = MCUpdate | ID = 0

Description = Es konnte nicht auf den MCUpdate-Mutex gewartet werden. Ausnahme: 

'Der Wartezustand wurde aufgrund eines abgebrochenen Mutex beendet.'.

 

Error - 21.05.2009 17:18:02 | Computer Name = Lena-PC | Source = Media Center Guide | ID = 0

Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32

 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide
 

 

Error - 16.08.2009 16:34:34 | Computer Name = Lena-PC | Source = Media Center Guide | ID = 0

Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32

 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide
 

 

Error - 09.10.2009 10:04:51 | Computer Name = Lena-PC | Source = Media Center Guide | ID = 0

Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32

 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide
 

 

[ System Events ]

Error - 22.08.2011 09:47:50 | Computer Name = Lena-PC | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 22.08.2011 09:47:50 | Computer Name = Lena-PC | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 22.08.2011 09:47:50 | Computer Name = Lena-PC | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 22.08.2011 09:47:51 | Computer Name = Lena-PC | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 22.08.2011 10:04:30 | Computer Name = Lena-PC | Source = Service Control Manager | ID = 7000

Description = 

 

Error - 22.08.2011 10:06:15 | Computer Name = Lena-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description = 

 

Error - 22.08.2011 10:07:55 | Computer Name = Lena-PC | Source = Service Control Manager | ID = 7009

Description = 

 

Error - 22.08.2011 10:07:55 | Computer Name = Lena-PC | Source = Service Control Manager | ID = 7000

Description = 

 

Error - 22.08.2011 10:29:24 | Computer Name = Lena-PC | Source = Service Control Manager | ID = 7000

Description = 

 

Error - 22.08.2011 10:30:18 | Computer Name = Lena-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description = 

 

 

< End of report >

--- --- ---
[Code]

Punkt 3. fehlt noch!

Hallo Kira,

hier noch das Ergebnis von Punkt 3. Hatte ich irgendwie übersehen....

Code:

 2007 Microsoft Office system        Microsoft Corporation        18.10.2009        1.114MB        12.0.6425.1000

Activation Assistant for the 2007 Microsoft Office suites        Microsoft Corporation        14.10.2008        13,5MB        

Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        18.01.2009                10.0.12.36

Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        24.02.2010                10.0.45.2

Adobe Reader 8.2.6        Adobe Systems Incorporated        03.04.2011        133,9MB        8.2.6

ALTools Update        ESTsoft Corp.        08.02.2010        2,35MB        

ALZip        ESTsoft Corp.        08.02.2010        11,2MB        v7.52

Apple Application Support        Apple Inc.        22.08.2010        42,8MB        1.3.0

Apple Mobile Device Support        Apple Inc.        22.08.2010        19,9MB        3.1.0.62

Apple Software Update        Apple Inc.        08.11.2008        2,16MB        2.1.1.116

ASUS InstantFun        ASUS        13.10.2008        14,6MB        1.0.0015

ASUS Live Update        ASUS        14.10.2008        0,46MB        2.5.6

ASUS Power4Gear eXtreme        ASUS        13.10.2008        7,14MB        1.0.19

ASUS SmartLogon        ASUS        13.10.2008        10,7MB        1.0.0005

ASUS Splendid Video Enhancement Technology        ASUS        13.10.2008        25,0MB        1.02.0021

Asus_Camera_ScreenSaver        ASUS        14.10.2008                2.0.0007

Atheros Client Installation Program        Atheros        13.10.2008        10,0MB        7.0

ATK Generic Function Service        ATK        13.10.2008        0,45MB        1.00.0008

ATK Hotkey        ATK        13.10.2008        6,07MB        1.00.0034

ATK Media                14.10.2008        0,24MB        

ATKOSD2        ATK        13.10.2008        7,41MB        6.64.1.8

Audacity 1.3.13 (Unicode)        Audacity Team        23.07.2011        42,3MB        

Avira AntiVir Personal - Free Antivirus        Avira GmbH        09.08.2011        139,3MB        10.2.0.700

Bonjour        Apple Inc.        22.08.2010        0,76MB        2.0.2.0

BrotherSoft Extreme Toolbar        BrotherSoft Extreme        18.02.2011        3,96MB        6.2.7.3

capella 2008        capella-software        15.11.2010        36,5MB        6.00.9160

CCleaner        Piriform        23.08.2011        3,98MB        3.09

Cisco EAP-FAST Module        Cisco Systems, Inc.        13.10.2008        1,04MB        2.1.6

Cisco LEAP Module        Cisco Systems, Inc.        13.10.2008        1,04MB        1.0.12

Cisco PEAP Module        Cisco Systems, Inc.        13.10.2008        0,85MB        1.0.13

Conduit Engine        Conduit Ltd.        18.02.2011        3,82MB        

CyberLink LabelPrint        CyberLink Corp.        14.10.2008        86,4MB        2.0.2908

CyberLink Power2Go        CyberLink Corp.        13.10.2008        122,2MB        6.0.1924

DivX Plus DirectShow Filters        DivX, Inc.        18.05.2010        1,58MB        

Dolby Control Center        Dolby        13.10.2008        75,9MB        2.0.0706

Express Gate        devicevm        13.10.2008        641MB        0.8.6.0

Free Audio CD Burner version 1.2        DVDVideoSoft Limited.        20.10.2009        2,60MB        

Free YouTube to MP3 Converter version 3.2        DVDVideoSoft Limited.        20.10.2009        2,66MB        

FreeMind                11.06.2009        10,3MB        0.8.1

GIMP 2.6.11        The GIMP Team        21.06.2011        112,0MB        2.6.11

Google Chrome        Google Inc.        28.07.2011        279MB        13.0.782.112

ICQ7.1        ICQ        02.05.2010        45,5MB        7.1

iTunes        Apple Inc.        22.08.2010        161,7MB        9.2.1.5

Java(TM) 6 Update 18        Sun Microsystems, Inc.        01.03.2010        97,1MB        6.0.180

Java(TM) 6 Update 3        Sun Microsystems, Inc.        08.11.2008        160,7MB        1.6.0.30

LightScribe System Software  1.14.17.1        LightScribe        13.10.2008        21,0MB        1.14.17.1

LiveUpdate (Symantec Corporation)        Symantec Corporation        03.11.2008        16,8MB        3.4.1.232

MAGIX Music Maker Schulversion (D)        MAGIX AG        23.07.2011        472MB        11.0.1.3

MAGIX Online Druck Service (D)        MAGIX AG        23.07.2011        9,10MB        2.3.2.0

Malwarebytes' Anti-Malware Version 1.51.1.1800        Malwarebytes Corporation        21.08.2011        6,71MB        1.51.1.1800

Messenger Plus! Live        Patchou        10.10.2009        12,8MB        4.82.0.368

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        21.08.2009        37,0MB        

Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        06.08.2009        37,0MB        

Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        25.06.2010        120,3MB        4.0.30319

Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        25.06.2010        24,5MB        4.0.30319

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        05.10.2009        0,25MB        8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        22.06.2011        0,29MB        8.0.61001

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        05.10.2009        0,19MB        9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        09.05.2011        0,58MB        9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218        Microsoft Corporation        01.03.2010        0,22MB        9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        23.08.2009        0,58MB        9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        28.02.2011        0,58MB        9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        22.06.2011        0,58MB        9.0.30729.6161

Motorola SM56 Speakerphone Modem                14.10.2008        1,95MB        

Mozilla Firefox 5.0.1 (x86 de)        Mozilla        28.07.2011        35,2MB        5.0.1

Mozilla Thunderbird (5.0)        Mozilla        07.08.2011        35,1MB        5.0 (de)

MSXML 4.0 SP2 (KB927978)        Microsoft Corporation        21.12.2009        35,00KB        4.20.9841.0

MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        21.12.2009        34,00KB        4.20.9870.0

MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        21.12.2009        1,34MB        4.20.9876.0

NB Probe                14.10.2008        2,76MB        

Norton Internet Security (Symantec Corporation)        Symantec Corporation        14.10.2008        74,5MB        15.5.0.23

Norton Security Scan        Symantec Corporation        11.06.2010        11,4MB        2.7.3.34

NVIDIA Drivers                14.10.2008                

OpenOffice.org 3.2        OpenOffice.org        05.12.2010        363MB        3.2.9502

QuickTime        Apple Inc.        14.04.2010        73,8MB        7.66.71.0

Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        13.10.2008        22,2MB        6.0.1.5683

Samsung ML-1640 Series        Samsung Electronics CO.,LTD        19.12.2009        67,8MB        

SimCity 4 Deluxe                24.08.2010        1.195MB        

Skype™ 4.2        Skype Technologies S.A.        16.04.2010        31,8MB        4.2.158

Softonic_Deutsch Toolbar                11.06.2009        1,91MB        

Splash Lite        Mirillis        01.08.2011        29,9MB        1.6.1

Synaptics Pointing Device Driver        Synaptics        14.10.2008        13,6MB        10.0.12.0

Text-To-Speech-Runtime        Magix Development GmbH        26.07.2011        0,25MB        1.0.0.0

Uniblue RegistryBooster        Uniblue Systems Ltd        06.09.2010        18,2MB        

Uninstall 1.0.0.1                20.10.2009        17,7MB        

vanBasco's Karaoke Player                05.11.2009        2,08MB        

VLC media player 1.1.10        VideoLAN        21.06.2011        788MB        1.1.10

Windows Live Anmelde-Assistent        Microsoft Corporation        05.10.2009        1,93MB        5.000.818.5

Windows Live Essentials        Microsoft Corporation        05.10.2009        44,1MB        14.0.8089.0726

Windows Live-Uploadtool        Microsoft Corporation        05.10.2009        0,22MB        14.0.8014.1029

WinFlash                14.10.2008        1,37MB        

Wireless Console 2        ATK        13.10.2008        2,12MB        2.0.10

Yontoo Layers Runtime 1.10.01        Yontoo LLC        01.08.2011        0,19MB        1.10.01

1.
Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

:OTL

IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

FF - prefs.js..CommunityToolbar.SearchFromAddressBarSavedUrl: "data:text/plain,keyword.URL=http://de.search.yahoo.com/search?ei=UTF-8&fr=ffbr-nb&p="

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.startup.homepage: "http://www.facebook.de"

FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

[2011.02.19 17:56:12 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Lena\AppData\Roaming\mozilla\Firefox\Profiles\82smxyn2.default\extensions\engine@conduit.com

[2010.09.13 19:15:02 | 000,002,385 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\askcom.xml

[2009.10.06 14:48:43 | 000,002,163 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\bing.xml

[2010.12.22 17:23:04 | 000,000,941 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\conduit.xml

[2010.05.03 18:07:21 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-10.xml

[2011.07.30 19:32:02 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-11.xml

[2011.08.02 15:41:10 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-12.xml

[2009.09.15 00:04:45 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-2.xml

[2009.11.02 08:58:25 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-3.xml

[2009.12.20 21:21:14 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-4.xml

[2010.01.12 09:43:27 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-5.xml

[2010.02.16 17:39:35 | 000,000,961 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-6.xml

[2010.03.13 13:28:33 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-7.xml

[2010.04.01 09:56:05 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-8.xml

[2010.04.03 17:41:19 | 000,000,950 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin-9.xml

[2011.06.19 17:24:00 | 000,000,168 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin.gif

[2011.06.19 17:24:00 | 000,000,618 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin.src

[2010.02.03 15:37:50 | 000,000,947 | ---- | M] () -- C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\82smxyn2.default\searchplugins\icqplugin.xml

[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

O4 - HKCU..\Run: [PCFix]  File not found

O4 - HKCU..\Run: [playmb]  File not found

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{15b88716-9941-11de-b1ff-00235456f275}\Shell\AutoRun\command - "" = F:\Start.htm

O33 - MountPoints2\{5786923e-c431-11de-a6b8-00235456f275}\Shell - "" = AutoRun

O33 - MountPoints2\{5786923e-c431-11de-a6b8-00235456f275}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{57869264-c431-11de-a6b8-00235456f275}\Shell - "" = AutoRun

O33 - MountPoints2\{57869264-c431-11de-a6b8-00235456f275}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{57869274-c431-11de-a6b8-f1c1462cda3a}\Shell - "" = AutoRun

O33 - MountPoints2\{57869274-c431-11de-a6b8-f1c1462cda3a}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{578692c4-c431-11de-a6b8-00235456f275}\Shell - "" = AutoRun

O33 - MountPoints2\{578692c4-c431-11de-a6b8-00235456f275}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{578692c7-c431-11de-a6b8-00235456f275}\Shell - "" = AutoRun

O33 - MountPoints2\{578692c7-c431-11de-a6b8-00235456f275}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{578692e2-c431-11de-a6b8-884566132081}\Shell - "" = AutoRun

O33 - MountPoints2\{578692e2-c431-11de-a6b8-884566132081}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{578692e4-c431-11de-a6b8-884566132081}\Shell - "" = AutoRun

O33 - MountPoints2\{578692e4-c431-11de-a6b8-884566132081}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{d4ce5e01-ff09-11de-9034-e9cd8191ce7f}\Shell - "" = AutoRun

O33 - MountPoints2\{d4ce5e01-ff09-11de-9034-e9cd8191ce7f}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{d4ce5e02-ff09-11de-9034-e9cd8191ce7f}\Shell - "" = AutoRun

O33 - MountPoints2\{d4ce5e02-ff09-11de-9034-e9cd8191ce7f}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe

[2011.08.22 16:28:55 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
 

:Commands

[purity]

[emptytemp]

und füge es hier ein: http://image.hijackthis.eu/upload/hjt1-021.jpg
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

2.
Deine Javaversion ist nicht aktuell!
Da aufgrund alter Sicherheitslücken ist Java sehr anfällig, deinstalliere zunächst alle vorhandenen Java-Versionen:
→ Systemsteuerung → Software → deinstallieren...
→ Rechner neu aufstarten
→ Downloade nun die Offline-Version von Java Version 6 Update 26 von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

3.
Adobe Reader aktualisieren :
- Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen! - (z.B "McAfee Security Scan Plus")
Adobe Reader
Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..."

4.

Code:

Uniblue RegistryBooster

**Solchen "Registry-Bereinigern" gibt`s viele, die einige hundert oder sogar tausend Fehler in der Registrierung ständig finden, eine Vielzahl von Problemen, die eigentlich ganz harmlos sind (wenn überhaupt existieren;) Eventuell meldet sich regelmäßig mit einem Fenster mit der Aufforderung zur Problembehandlung, was nur beim Kauf des Programms möglich ist! Mit der Kaufversion tritt das Problem komischerweise nicht mehr auf...;)
Ich rate Dir also dringend davon ab solche Tools einzusetzen, die so tief in die Registry eingreifen und "völlig automatisch" versuchen Windows zu optimieren,, da eine winzige Änderung in der Registry (z.B "falsch gelöschte" Einträge) kann fatale Folgen haben! Dann wundert man sich, dass Windows irgendwann lahmt oder Abstürze bringt!- Ich kann mir nicht vorstellen, dass irgendein Programm zwischen nützlichen und unnützen unterscheiden kann und "völlig automatisch" entscheiden kann, was Windows wirklich benötigt und was nicht! Fraglich auch, ob alle zuvor angelegten Sicherungsdateien bei Problemen einfach wiederherstellen kann, wie es der Hersteller versprochen hat?

Windows garnix so dumm, wie oft behauptet wird! - Windows mit Eigenmittel zu beschleunigen, bietet an von Hause aus einen ordentlichen Werkzeugkoffer, mit guter Ausstattung für "Heimwerker":
...das Glück liegt darin, da weiß man wenigstens was man tut! http://www.world-of-smilies.com/wos_sonstige/a048.gif
►

5.
reinige dein System mit Ccleaner:

"Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
Starte dein System neu auf

lade Dir SUPERAntiSpyware FREE Edition herunter.
installiere das Programm und update online.
starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

7.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

8.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

► Wie ist den aktuellen Zustand des Rechners? Auffälligkeiten, Probleme?

Zitat:

► Berichte mir kurz über alle Umsetzungsschritte, die Du erledigt hast!